PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2005-11-17 03:02
Updated : 2019-04-30 07:27
NVD link : CVE-2005-3644
Mitre link : CVE-2005-3644
JSON object : View
CWE
CWE-399
Resource Management Errors
Products Affected
microsoft
- windows_xp
- windows_2000