Lucene search

[email protected]CVE-2005-0060

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0060

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0060

buffer overflow

font processing

microsoft windows

local privilege escalation

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

microsoftwindows_2000sp4

microsoftwindows_2003_serverMatchenterprise64-bit

microsoftwindows_2003_serverMatchenterprise_64-bit

microsoftwindows_2003_serverMatchr264-bit

microsoftwindows_2003_serverMatchr2datacenter_64-bit

microsoftwindows_2003_serverMatchstandard64-bit

microsoftwindows_2003_serverMatchweb

microsoftwindows_98gold

microsoftwindows_98se

microsoftwindows_me

microsoftwindows_xp64-bit

microsoftwindows_xphome

microsoftwindows_xpmedia_center

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp164-bit

microsoftwindows_xpsp1home

microsoftwindows_xpsp1media_center

microsoftwindows_xpsp2home

microsoftwindows_xpsp2media_center

microsoftwindows_xpsp2tablet_pc

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise_64-bit
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_2003_servermicrosoft windows 2003 servereqstandard
microsoft:windows_2003_servermicrosoft windows 2003 servereqweb
microsoft:windows_98microsoft windows 98eq*
microsoft:windows_98semicrosoft windows 98seeq*
microsoft:windows_memicrosoft windows meeq*
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise_64-bit
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_2003_server	microsoft windows 2003 server	eq	standard
microsoft:windows_2003_server	microsoft windows 2003 server	eq	web
microsoft:windows_98	microsoft windows 98	eq	*
microsoft:windows_98se	microsoft windows 98se	eq	*
microsoft:windows_me	microsoft windows me	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*