7.1 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
60.1%
Windows 2000, XP, and Server 2003 does not properly “validate the use of memory regions” for COM structured storage files, which allows attackers to execute arbitrary code, aka the “COM Structured Storage Vulnerability.”
marc.info/?l=bugtraq&m=111755870828817&w=2
www.argeniss.com/research/SSExploit.c
www.kb.cert.org/vuls/id/597889
www.us-cert.gov/cas/techalerts/TA05-039A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012
exchange.xforce.ibmcloud.com/vulnerabilities/19105
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901