CVE-2005-0551

Microsoft Windows 2000 - Buffer Overflow

Title source: rule

Description

Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by eyas · clocalwindows

https://www.exploit-db.com/exploits/1198

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1822

[Patch, Vendor Advisory] http://www.idefense.com/application/poi/display?id=230&type=vulnerabilities

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A777

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A266

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3544

Scores

EPSS 0.3652

EPSS Percentile 97.1%

Details

Status published

Products (3)

microsoft/windows_2000

microsoft/windows_2003_server r2

microsoft/windows_xp (2 CPE variants)

Published May 02, 2005

Tracked Since Feb 18, 2026