Microsoft Windows Plug and Play Service Buffer Overflow
Publish Date: 21 de lipca de 2015
Severity: : Critical
CVE Kennungen: : CVE-2005-1983
Advisory Date: 21 de lipca de 2015
DESCRIPTION
cve: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000343
Trend Micro Deep Security DPI Rule Name: 1000343 - Microsoft Windows Plug and Play Service Buffer Overflow
AFFECTED SOFTWARE AND VERSION:
- Microsoft Windows 2000
- Microsoft Windows XP SP1