10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.0%
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
www.idefense.com/application/poi/display?id=230&type=vulnerabilities
docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1822
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A266
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3544
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A777