CVE-2005-2117

Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:windows_explorer:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

History

20 Nov 2024, 23:58

Type Values Removed Values Added
References () http://secunia.com/advisories/17168 - () http://secunia.com/advisories/17168 -
References () http://secunia.com/advisories/17172 - () http://secunia.com/advisories/17172 -
References () http://secunia.com/advisories/17223 - () http://secunia.com/advisories/17223 -
References () http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf - () http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf -
References () http://www.securityfocus.com/bid/15064 - () http://www.securityfocus.com/bid/15064 -
References () http://www.us-cert.gov/cas/techalerts/TA05-284A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA05-284A.html - US Government Resource
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1291 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1291 -

Information

Published : 2005-10-21 18:02

Updated : 2024-11-20 23:58


NVD link : CVE-2005-2117

Mitre link : CVE-2005-2117

CVE.ORG link : CVE-2005-2117


JSON object : View

Products Affected

microsoft

  • windows_2000
  • windows_xp
  • windows_explorer
  • windows_2003_server