NVD Vulnerability Detail

CVE-2005-0047

Summary	Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
Publication Date	May 2, 2005, 1 p.m.
Registration Date	Jan. 29, 2021, 5:58 p.m.
Last Update	April 30, 2019, 11:27 p.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_2000::::::::
cpe:2.3:o:microsoft:windows_2000::sp1::::::*
cpe:2.3:o:microsoft:windows_2000::sp2::::::*
cpe:2.3:o:microsoft:windows_2000::sp3::::::*
cpe:2.3:o:microsoft:windows_2000::sp4::::::*
cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::*
cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:web:::::::*
cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
cpe:2.3:o:microsoft:windows_xp:::home:::::*
cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
cpe:2.3:o:microsoft:windows_xp::gold:professional:::::
cpe:2.3:o:microsoft:windows_xp::sp1:64-bit:::::
cpe:2.3:o:microsoft:windows_xp::sp1:home:::::
cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:home:::::
cpe:2.3:o:microsoft:windows_xp::sp2:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

Related information, measures and tools

No	URL	refsource	タグ
1	http://marc.info/?l=bugtraq&m=111755870828817&w=2	BUGTRAQ
2	http://www.argeniss.com/research/SSExploit.c	MISC
3	http://www.kb.cert.org/vuls/id/597889	CERT-VN	Patch US Government Resource
4	http://www.us-cert.gov/cas/techalerts/TA05-039A.html	CERT	Patch US Government Resource
5	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012	MS
6	https://exchange.xforce.ibmcloud.com/vulnerabilities/19105	XF
7	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159	OVAL
8	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351	OVAL
9	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892	OVAL
10	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901	OVAL

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_2000::::::::
cpe:2.3:o:microsoft:windows_2000::sp1::::::*
cpe:2.3:o:microsoft:windows_2000::sp2::::::*
cpe:2.3:o:microsoft:windows_2000::sp3::::::*
cpe:2.3:o:microsoft:windows_2000::sp4::::::*
cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::*
cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:web:::::::*
cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
cpe:2.3:o:microsoft:windows_xp:::home:::::*
cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
cpe:2.3:o:microsoft:windows_xp::gold:professional:::::
cpe:2.3:o:microsoft:windows_xp::sp1:64-bit:::::
cpe:2.3:o:microsoft:windows_xp::sp1:home:::::
cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:home:::::
cpe:2.3:o:microsoft:windows_xp::sp2:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::