CVE-2005-0551

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0551

buffer overflow

winsrv.dll

csrss

windows 2000

windows xp

windows server 2003

privilege escalation

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.0%

JSON

Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2003_serverMatchr2

microsoftwindows_xpsp1tablet_pc

microsoftwindows_xpsp2tablet_pc

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_xp	microsoft windows xp	eq	*