10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
Added: 03/03/2006
CVE: CVE-2005-1983
BID: 14513
OSVDB: 18605
The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse.
A buffer overflow in the Plug and Play service could allow command execution with administrative privileges.
Apply the patch referenced in Microsoft Security Bulletin 05-047.
<http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx>
Remote, uncredentialed command execution is not possible on Windows XP or Windows Server 2003.
Successful exploitation may cause the target to reboot after disconnection.
Windows