CVE-2005-3981

NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE

Published: Dec 4, 2005
Updated: Nov 8, 2023
CVE: CVE-2005-3981
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_xp	-	-
microsoft / windows_2003_server	web	web.x
microsoft / windows_2003_server	enterprise	enterprise.x
microsoft / windows_2000	-	-
microsoft / windows_2003_server	r2-sp1	r2-sp1.x
microsoft / windows_2003_server	web-sp1	web-sp1.x
microsoft / windows_2003_server	standard-sp1	standard-sp1.x
microsoft / windows_2003_server	enterprise-sp1	enterprise-sp1.x
microsoft / windows_2003_server	standard	standard.x
microsoft / windows_2003_server	r2	r2.x

Vulnerability Database

289,599

CVE-2005-3981