CVE-2005-0063

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.
References
Link Resource
http://marc.info/?l=bugtraq&m=111755356016155&w=2
http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities Patch
http://www.securiteam.com/exploits/5YP0T0AFFW.html
http://www.securityfocus.com/bid/13132
http://www.vupen.com/english/advisories/2005/0335
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587
http://marc.info/?l=bugtraq&m=111755356016155&w=2
http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities Patch
http://www.securiteam.com/exploits/5YP0T0AFFW.html
http://www.securityfocus.com/bid/13132
http://www.vupen.com/english/advisories/2005/0335
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=111755356016155&w=2 - () http://marc.info/?l=bugtraq&m=111755356016155&w=2 -
References () http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities - Patch () http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities - Patch
References () http://www.securiteam.com/exploits/5YP0T0AFFW.html - () http://www.securiteam.com/exploits/5YP0T0AFFW.html -
References () http://www.securityfocus.com/bid/13132 - () http://www.securityfocus.com/bid/13132 -
References () http://www.vupen.com/english/advisories/2005/0335 - () http://www.vupen.com/english/advisories/2005/0335 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587 -

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0063

Mitre link : CVE-2005-0063

CVE.ORG link : CVE-2005-0063


JSON object : View

Products Affected

microsoft

  • windows_me
  • windows_98
  • windows_xp
  • windows_98se
  • windows_2000
  • windows_2003_server