Vulnerabilities > CVE-2005-1207 - Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS05-028.NASL |
description | The remote version of Windows contains a flaw in the Web Client service that could allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need credentials to log into the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18484 |
published | 2005-06-14 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18484 |
title | MS05-028: Vulnerability in Web Client Service Could Allow Remote Code Execution (896426) |
code |
|
Oval
accepted 2011-05-16T04:00:42.395-04:00 class vulnerability contributors name Matthew Burton organization The MITRE Corporation name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters. family windows id oval:org.mitre.oval:def:1255 status accepted submitted 2005-07-15T12:00:00.000-04:00 title Windows XP Web Client Service Buffer Overflow version 70 accepted 2011-05-16T04:03:24.666-04:00 class vulnerability contributors name Matthew Burton organization The MITRE Corporation name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters. family windows id oval:org.mitre.oval:def:721 status accepted submitted 2005-07-15T12:00:00.000-04:00 title Server 2003 Web Client Service Buffer Overflow version 67
References
- http://secunia.com/advisories/15696/
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-028
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1255
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A721