Added: 03/03/2006
CVE: CVE-2005-1983
BID: 14513
OSVDB: 18605
The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse.
A buffer overflow in the Plug and Play service could allow command execution with administrative privileges.
Apply the patch referenced in Microsoft Security Bulletin 05-047.
<http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx>
Remote, uncredentialed command execution is not possible on Windows XP or Windows Server 2003.
Successful exploitation may cause the target to reboot after disconnection.
Windows