CVE-2005-1987 Information

Description

Buffer overflow in Collaboration Data Objects (CDO) as used in Microsoft Windows and Microsoft Exchange Server allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name as demonstrated using the \Content-Type\ string.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html http://marc.info/?l=bugtraq&m=112915118302012&w=2 http://secunia.com/advisories/17167 http://securitytracker.com/id?1015038 http://securitytracker.com/id?1015039 http://support.microsoft.com/default.aspx?scid=kb;[LN];Q907245 http://www.kb.cert.org/vuls/id/883460 http://www.osvdb.org/19905 http://www.securityfocus.com/bid/15067 http://www.us-cert.gov/cas/techalerts/TA05-284A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-048 https://exchange.xforce.ibmcloud.com/vulnerabilities/22495 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1130 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1201 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1406 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1420 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1515 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A581 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A848