10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
High
0.936 High
EPSS
Percentile
99.1%
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an “unchecked buffer” and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the “License Logging Service Vulnerability.”
www.kb.cert.org/vuls/id/130433
www.us-cert.gov/cas/techalerts/TA05-039A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-010
exchange.xforce.ibmcloud.com/vulnerabilities/19101
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2568
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3582
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4786
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A644