Stack-based Buffer Overflow in Plug and Play Service (UMPNPMGR.DLL) in Microsoft Windows

Stack-based Buffer Overflow in Plug and Play Service (UMPNPMGR.DLL) in Microsoft Windows

CVE-2005-2120 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.

Learn more about our Web Application Penetration Testing UK.