CVE-2005-1219

EXPLOITED

Microsoft Color Management Module - RCE

Title source: llm

Description

Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.

Exploits (2)

exploitdb WORKING POC VERIFIED

by darkeagle · cremotewindows

https://www.exploit-db.com/exploits/1506

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by snooq · cdoswindows

https://www.exploit-db.com/exploits/1116

View Code ZIP pw:eip

References (10)

[Patch, Vendor Advisory] http://secunia.com/advisories/16004/

[US Government Resource] http://www.kb.cert.org/vuls/id/720742

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA05-193A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-036

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/14214

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1125

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1280

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A330

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A440

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A769

Scores

EPSS 0.7799

EPSS Percentile 99.0%

Details

VulnCheck KEV 2005-07-12

Status published

Products (1)

microsoft/image_color_management

Published Jul 12, 2005

Tracked Since Feb 18, 2026