NVD脆弱性詳細

CVE-2005-0047

概要	Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
公表日	2005年5月2日13:00
登録日	2021年1月29日17:58
最終更新日	2019年4月30日23:27

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:o:microsoft:windows_2000::::::::
cpe:2.3:o:microsoft:windows_2000::sp1::::::*
cpe:2.3:o:microsoft:windows_2000::sp2::::::*
cpe:2.3:o:microsoft:windows_2000::sp3::::::*
cpe:2.3:o:microsoft:windows_2000::sp4::::::*
cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::*
cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:web:::::::*
cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
cpe:2.3:o:microsoft:windows_xp:::home:::::*
cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
cpe:2.3:o:microsoft:windows_xp::gold:professional:::::
cpe:2.3:o:microsoft:windows_xp::sp1:64-bit:::::
cpe:2.3:o:microsoft:windows_xp::sp1:home:::::
cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:home:::::
cpe:2.3:o:microsoft:windows_xp::sp2:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

関連情報、対策とツール

No	URL	refsource	タグ
1	http://marc.info/?l=bugtraq&m=111755870828817&w=2	BUGTRAQ
2	http://www.argeniss.com/research/SSExploit.c	MISC
3	http://www.kb.cert.org/vuls/id/597889	CERT-VN	Patch US Government Resource
4	http://www.us-cert.gov/cas/techalerts/TA05-039A.html	CERT	Patch US Government Resource
5	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012	MS
6	https://exchange.xforce.ibmcloud.com/vulnerabilities/19105	XF
7	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159	OVAL
8	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351	OVAL
9	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892	OVAL
10	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901	OVAL

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:o:microsoft:windows_2000::::::::
cpe:2.3:o:microsoft:windows_2000::sp1::::::*
cpe:2.3:o:microsoft:windows_2000::sp2::::::*
cpe:2.3:o:microsoft:windows_2000::sp3::::::*
cpe:2.3:o:microsoft:windows_2000::sp4::::::*
cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::*
cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit:::::
cpe:2.3:o:microsoft:windows_2003_server:web:::::::*
cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
cpe:2.3:o:microsoft:windows_xp:::home:::::*
cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
cpe:2.3:o:microsoft:windows_xp::gold:professional:::::
cpe:2.3:o:microsoft:windows_xp::sp1:64-bit:::::
cpe:2.3:o:microsoft:windows_xp::sp1:home:::::
cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:home:::::
cpe:2.3:o:microsoft:windows_xp::sp2:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::