Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows即插即用UMPNPMGR.DLL wsprintfW溢出漏洞(MS05-047)
Vulnerability Description
Microsoft Windows即插即用(PnP)允许操作在安装新硬件时能够检测到这些硬件。 Microsoft Windows 2000 SP4, XP SP1 SP2 中的即插即用服务存在栈溢出漏洞。允许攻击者通过在注册表子键中构建带有多个'\'来触发wsprintfW函数溢出。 Microsoft Windows即插即用功能中存在缓冲区溢出漏洞。UMPNPMGR.DLL用于管理即插即用服务,为访问设备管理和通知服务提供RPC接口。UMPNPMGR代码包含有对wsprintfW的调用,用于在栈缓冲区
CVSS Information
N/A
Vulnerability Type
N/A