The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability announcement CVE-2005-2120

Windows: buffer overflow of Plug and Play

Synthesis of the vulnerability

An authenticated attacker can overflow a buffer in Plug and Play in order to increase his privileges.
Vulnerable products: Windows 2000, Windows NT, Windows XP.
Severity of this weakness: 2/4.
Consequences of a hack: administrator access/rights.
Hacker's origin: user account.
Creation date: 12/10/2005.
Revision dates: 24/10/2005, 25/10/2005.
References of this bulletin: AD20051011, BID-15065, CERTA-2005-AVI-398, CVE-2005-2120, MS05-047, VIGILANCE-VUL-5262, VU#214572.

Description of the vulnerability

The Plug and Play service (umpnpmgr.dll) automatically detects new hardware installed on the system.

However, an authenticated attacker can send a message leading to an overflow in the wsprintfW() function used by the service. This overflow allows code to be executed with the rights of the system user.

This vulnerability therefore permits an attacker to increase his privileges.
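
The bug class described above, shown from the fixing side as an added example (not code from Windows or from this bulletin): caller-supplied wide text is formatted into a fixed buffer with every step bounded by the buffer size. The function names, the "Dev" prefix, the 64-character buffer and the status codes are assumptions made for illustration.

```c
#include <stddef.h>
#include <wchar.h>

#define NAME_BUF_LEN 64   /* assumed fixed destination size, in wide chars */
enum { FMT_OK = 0, FMT_BAD_ARG = -1, FMT_TOO_LONG = -2 };  /* hypothetical codes */

/* Length of s, reading at most max characters (safe on unterminated input). */
static size_t bounded_wcslen(const wchar_t *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != L'\0') n++;
    return n;
}

/*
 * Format "<prefix>\<device_id>" into dst (dst_len wide characters).
 * device_id stands for the caller-controlled part of a request.
 * wsprintfW() takes no destination size; here the size is passed and checked,
 * as a size-taking API such as StringCchPrintfW would require on Windows.
 */
int format_device_name(wchar_t *dst, size_t dst_len,
                       const wchar_t *prefix, const wchar_t *device_id)
{
    if (dst == NULL || dst_len == 0 || prefix == NULL || device_id == NULL)
        return FMT_BAD_ARG;
    dst[0] = L'\0';
    size_t plen = bounded_wcslen(prefix, dst_len);
    size_t ilen = bounded_wcslen(device_id, dst_len);
    /* Room needed: prefix + separator + id + terminating NUL. */
    if (plen + ilen + 2 > dst_len)
        return FMT_TOO_LONG;          /* reject instead of truncating */
    /* swprintf() is bounded by dst_len; a negative result means failure. */
    int n = swprintf(dst, dst_len, L"%ls\\%ls", prefix, device_id);
    if (n < 0 || (size_t)n >= dst_len) {
        dst[0] = L'\0';
        return FMT_TOO_LONG;
    }
    return FMT_OK;
}

/* Constructed check: format into a buffer followed by a guard word and
 * report whether the guard survived (1) or was overwritten (0). */
int guard_intact_after(const wchar_t *device_id, int *status)
{
    struct { wchar_t buf[NAME_BUF_LEN]; wchar_t guard; } frame;
    frame.guard = L'G';
    *status = format_device_name(frame.buf, NAME_BUF_LEN, L"Dev", device_id);
    return frame.guard == L'G';
}
```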