CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1208

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.513

EPSS Ranking 97.7%

CVSS Severity

CVSS v2 Score 10.0

References

Products affected by CVE-2005-1208

Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows 2000 » Version: beta3

cpe:2.3:o:microsoft:windows_2000:beta3
Microsoft » Windows 2003 Server » Version: 64-bit

cpe:2.3:o:microsoft:windows_2003_server:64-bit
Microsoft » Windows 2003 Server » Version: datacenter_64-bit

cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit
Microsoft » Windows 2003 Server » Version: enterprise

cpe:2.3:o:microsoft:windows_2003_server:enterprise
Microsoft » Windows 2003 Server » Version: enterprise_64-bit

cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit
Microsoft » Windows 2003 Server » Version: r2

cpe:2.3:o:microsoft:windows_2003_server:r2
Microsoft » Windows 2003 Server » Version: standard

cpe:2.3:o:microsoft:windows_2003_server:standard
Microsoft » Windows 2003 Server » Version: standard_64-bit

cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit
Microsoft » Windows 2003 Server » Version: web

cpe:2.3:o:microsoft:windows_2003_server:web
Microsoft » Windows 98 » Version: N/A

cpe:2.3:o:microsoft:windows_98:-
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1208

Products

Pricing

Contact Us