Vulnerability Details CVE-2005-3981
NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.0%
CVSS Severity
CVSS v2 Score 4.9
References
- http://www.securityfocus.com/archive/1/418289/100/0/threaded
- http://www.securityfocus.com/archive/1/418431/100/0/threaded
- http://www.securityfocus.com/bid/15671/
- http://www.securityfocus.com/archive/1/418289/100/0/threaded
- http://www.securityfocus.com/archive/1/418431/100/0/threaded
- http://www.securityfocus.com/bid/15671/
Products affected by CVE-2005-3981
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2000:beta3
-
cpe:2.3:o:microsoft:windows_2003_server:enterprise
-
cpe:2.3:o:microsoft:windows_2003_server:r2
-
cpe:2.3:o:microsoft:windows_2003_server:standard
-
cpe:2.3:o:microsoft:windows_2003_server:web
-
cpe:2.3:o:microsoft:windows_xp:-