CVE-2005-3172: Buffer Overflow
First published: Thu Oct 06 2005(Updated: )
The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attacks.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | =sp4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2005-3172?
CVE-2005-3172 has been assigned a moderate severity rating due to potential data corruption and buffer overflow risks.
How do I fix CVE-2005-3172?
The recommended fix for CVE-2005-3172 is to apply Update Rollup 1 for SP4 on Microsoft Windows 2000.
Which versions of Windows are affected by CVE-2005-3172?
CVE-2005-3172 specifically affects Microsoft Windows 2000 SP4.
What type of attacks can be executed due to CVE-2005-3172?
CVE-2005-3172 could enable buffer overflow attacks that may lead to unauthorized access or system instability.
What specific issue does CVE-2005-3172 cause in string handling?
CVE-2005-3172 causes improper conversion of Japanese composite characters, preventing strings from being null-terminated.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp4