VDB
CVE-2005-0051
CVE-2005-0051
PUBLISHED
CVSS 7.5 HIGH
The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."
EPSS 47.19% · 97.7th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
47.19%
97.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| microsoft | windows_xp |
Timeline
- Feb 8, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 31, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- oval:org.mitre.oval:def:3055 vdb
- TA05-039A third-party-advisory
- oval:org.mitre.oval:def:2292 vdb
- MS05-007 vendor-advisory
- 1013112 vdb
- 12486 vdb
- win-named-pipe-information-disclosure(19093) vdb
- VU#939074 third-party-advisory
- 14189 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2005-0051 advisory