Microsoft Windows Plug and Play Registry Key Access Buffer Overflow
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2005-2120
Data do informe: 21 julho 2015
Descrição
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1000391
Trend Micro Deep Security DPI Rule Name: 1000391 - Microsoft Windows Plug and Play Registry Key Access Buffer Overflow
Software infectado e versão:
- Microsoft Windows 2000 SP4
- Microsoft Windows XP SP1
- Microsoft Windows XP SP2