Vulnerability in Microsoft Windows_2000
CVE-2005-1212
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.
EPSS: 0.249 (97.6th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Windows_2000
- Microsoft Windows_2000_terminal_services
- Microsoft Windows_2003_server — versions 64-bit, datacenter_64-bit, enterprise
- Microsoft Windows_98
- Microsoft Windows_98se
- Microsoft Windows_me
- Microsoft Windows_xp
- N/a — versions n/a
References
- secure@microsoft.com (vdb-entry, x_refsource_BID)
- secure@microsoft.com (x_refsource_IDEFENSE, Patch, Vendor Advisory, third-party-advisory)
- secure@microsoft.com (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secure@microsoft.com (vdb-entry, x_refsource_SECTRACK)
- secure@microsoft.com (x_refsource_MS, vendor-advisory)
- secure@microsoft.com (x_refsource_OVAL, signature, vdb-entry)