Lucene search

[email protected]CVE-2005-2765

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-2765

2022-10-0316:22:48

[email protected]

web.nvd.nist.gov

windows firewall

vulnerability

information hiding

windows registry

administrator privileges

nvd

cve-2005-2765

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.6%

JSON

The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such “information hiding” issues should be included.

Affected configurations

NVD

Node

microsoftwindows_2003_serverMatch64-bit

microsoftwindows_2003_serverMatchsp1

microsoftwindows_xp64-bit

microsoftwindows_xpsp2tablet_pc

CPENameOperatorVersion
microsoft:windows_2003_servermicrosoft windows 2003 servereq64-bit
microsoft:windows_2003_servermicrosoft windows 2003 servereqsp1
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2003_server	microsoft windows 2003 server	eq	64-bit
microsoft:windows_2003_server	microsoft windows 2003 server	eq	sp1
microsoft:windows_xp	microsoft windows xp	eq	*

References

www.microsoft.com/technet/security/advisory/897663.mspx

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.6%

JSON

Related for CVE-2005-2765

nvd1 cvelist1