5.1 - MS05-025

Executive Summary

Informations
Name	MS05-025	First vendor Publication	N/A
Vendor	Microsoft	Last vendor Modification	N/A
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score	5.1	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	High
Cvss Expoit Score	4.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cumulative Security Update for Internet Explorer (883939)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1115

Oval ID:	oval:org.mitre.oval:def:1115
Title:	IE6,SP2 PNG Image Buffer Overflow
Description:	Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1211	Version:	4
Platform(s):	Microsoft Windows XP	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Software section Internet Explorer 6.0 Installed XP SP2 AND the version of mshtml.dll is less than 6.0.2900.2668 AND NOT the patch kb883939 is installed AND Configuration section PNG image rendering enabled in Internet Explorer

Definition Id: oval:org.mitre.oval:def:1239

Oval ID:	oval:org.mitre.oval:def:1239
Title:	IE5.01,SP4 PNG Image Buffer Overflow
Description:	Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1211	Version:	5
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Software section Internet Explorer 5.01 Service Pack 4 is installed AND the version of mshtml.dll is less than 5.0.3828.2700 AND NOT the patch kb883939 is installed AND Configuration section PNG image rendering enabled in Internet Explorer

Definition Id: oval:org.mitre.oval:def:258

Oval ID:	oval:org.mitre.oval:def:258
Title:	IE5.01,SP3 PNG Image Buffer Overflow
Description:	Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1211	Version:	5
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Software section Internet Explorer 5.01 Service Pack 3 is installed AND the version of mshtml.dll is less than 5.0.3541.2700 AND NOT the patch kb883939 is installed AND Configuration section PNG image rendering enabled in Internet Explorer

Definition Id: oval:org.mitre.oval:def:770

Oval ID:	oval:org.mitre.oval:def:770
Title:	IE6,SP1 PNG Image Buffer Overflow
Description:	Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1211	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Software section Internet Explorer 6 Service Pack 1 is installed AND the version of mshtml.dll is less than 6.0.2800.1505 or 6.0.2800.1506 the version of mshtml.dll is less than 6.0.2800.1505 (RTMGDR) AND the version of mshtml.dll is less than 6.0.2800.1506 (RTMQFE) AND NOT the patch kb883939 is installed AND Configuration section PNG image rendering enabled in Internet Explorer

Definition Id: oval:org.mitre.oval:def:782

Oval ID:	oval:org.mitre.oval:def:782
Title:	IE6 for Server 2003 PNG Image Buffer Overflow
Description:	Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-1211	Version:	8
Platform(s):	Microsoft Windows Server 2003	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Software section Internet Explorer 6 for Windows Server 2003 is installed AND a vulnerable version of mshtml.dll exisits a vulnerable version of mshtml.dll exists 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed 32-Bit version of Windows is installed AND a version of Windows for the ia64 architecture is installed AND NOT Win2K/XP/2003 is patched AND the version of mshtml.dll is less than 6.0.3790.327 OR a vulnerable version of mshtml.dll exists 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed 32-Bit version of Windows is installed AND a version of Windows for the ia64 architecture is installed AND Win2K/XP/2003 service pack 1 is installed AND the version of mshtml.dll is less than 6.0.3790.2440 OR a vulnerable version of mshtml.dll exists 64-Bit (x64 architecture) version of Windows is installed AND NOT Win2K/XP/2003 is patched AND the version of mshtml.dll is less than 6.0.3790.2440 AND NOT the patch kb883939 is installed AND Configuration section PNG image rendering enabled in Internet Explorer

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Internet Explorer cpe:2.3:a:microsoft:internet_explorer:6.0.2900:::::::*	1

Open Source Vulnerability Database (OSVDB)

Id	Description
17313	Microsoft IE PNG Image Processing Arbitrary Code Execution A remote overflow exists in Windows. Internet Explorer fails to validate PNG files resulting in a buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2014-01-10	Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt RuleID : 6695 - Revision : 24 - Type : FILE-IMAGE
2014-01-10	DigWebX MSN ActiveX object access RuleID : 4197 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Windows MsnPUpld ActiveX object access RuleID : 4191 - Revision : 12 - Type : BROWSER-PLUGINS
2014-01-10	Microsoft Windows MsnPUpld ActiveX object access RuleID : 4173 - Revision : 14 - Type : BROWSER-PLUGINS
2014-01-10	DigWebX MSN ActiveX object access RuleID : 4164 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	DigWebX MSN ActiveX object access RuleID : 4163 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	DigWebX MSN ActiveX object access RuleID : 4162 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10	DigWebX MSN ActiveX object access RuleID : 4161 - Revision : 11 - Type : BROWSER-PLUGINS
2016-03-31	Microsoft Internet Explorer tRNS overflow attempt RuleID : 37870 - Revision : 1 - Type : BROWSER-IE
2014-01-10	Microsoft Internet Explorer tRNS overflow attempt RuleID : 3689 - Revision : 15 - Type : BROWSER-IE
2014-03-08	Adobe Photoshop malformed PNG detected tRNS overflow attempt RuleID : 29620 - Revision : 3 - Type : FILE-IMAGE
2014-01-10	Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt RuleID : 26860 - Revision : 7 - Type : FILE-IMAGE

Nessus® Vulnerability Scanner

Date	Description
2005-06-14	Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms05-025.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:45:11	Multiple Updates
2014-01-19 21:29:54	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	5
CPE ID(s)	1
osvdb(s)	1
Snort® Rule(s)	12
Nessus® Exploit(s)	1

	Related
5.1	CVE-2005-1211
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0715s

Facebook rss twitter linkedin mail