The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2005-10-11T04:00:00
Updated: 2018-10-12T19:57:01
Reserved: 2005-07-02T00:00:00
Link: CVE-2005-2119
JSON object: View
NVD Information
Status : Modified
Published: 2005-10-12T13:04:00.000
Modified: 2018-10-12T21:37:03.863
Link: CVE-2005-2119
JSON object: View
Redhat Information
No data.
CWE