First published: Mon May 02 2005(Updated: )
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows XP | =sp1 | |
Microsoft Windows Server 2003 | =web | |
Microsoft Windows Server 2003 | =enterprise | |
Microsoft Windows Server 2003 | =enterprise_64-bit | |
Microsoft Windows XP | =gold | |
Microsoft Windows 2000 | ||
Microsoft Windows XP | ||
Microsoft Windows 2000 | =sp4 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | ||
Microsoft Windows XP | =sp1 | |
Microsoft Windows 2000 | =sp2 | |
Microsoft Windows Server 2003 | =r2 | |
Microsoft Windows 2000 | =sp1 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | ||
Microsoft Windows XP | =sp1 | |
Microsoft Windows Server 2003 | =standard | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows Server 2003 | =r2 | |
Microsoft Windows 2000 | =sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-0047 is considered critical as it can allow attackers to execute arbitrary code on affected systems.
To fix CVE-2005-0047, users should apply the latest security updates and patches provided by Microsoft for their affected Windows operating systems.
CVE-2005-0047 affects Windows 2000, Windows XP, and Windows Server 2003 in various service pack configurations.
CVE-2005-0047 is classified as a memory validation vulnerability in COM structured storage files.
Yes, CVE-2005-0047 can potentially be exploited remotely if a malicious COM structured storage file is opened by a user.