CVE-2005-0047
Windows <2000-Server 2003 - RCE
Title source: llmDescription
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Cesar Cerrudo · clocalwindows
https://www.exploit-db.com/exploits/1019
References (10)
Scores
EPSS
0.0895
EPSS Percentile
92.6%
Details
Status
published
Products (7)
microsoft/windows_2000
(5 CPE variants)
microsoft/windows_2003_server
enterprise
microsoft/windows_2003_server
enterprise_64-bit
microsoft/windows_2003_server
r2 (2 CPE variants)
microsoft/windows_2003_server
standard
microsoft/windows_2003_server
web
microsoft/windows_xp
(10 CPE variants)
Published
May 02, 2005
Tracked Since
Feb 18, 2026