CVE-2005-2126

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-2126
The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames.

2.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/17163 Patch Vendor Advisory
http://secunia.com/advisories/17172
http://secunia.com/advisories/17223
http://securitytracker.com/id?1015036
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
http://www.kb.cert.org/vuls/id/415828 Third Party Advisory US Government Resource
http://www.securiteam.com/windowsntfocus/6M00I0KEAU.html Patch
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-044
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1146
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1416
http://secunia.com/advisories/17163 Patch Vendor Advisory
http://secunia.com/advisories/17172
http://secunia.com/advisories/17223
http://securitytracker.com/id?1015036
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
http://www.kb.cert.org/vuls/id/415828 Third Party Advisory US Government Resource
http://www.securiteam.com/windowsntfocus/6M00I0KEAU.html Patch
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-044
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1146
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1416
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
History

20 Nov 2024, 23:58

Type Values Removed Values Added
References () http://secunia.com/advisories/17163 - Patch, Vendor Advisory () http://secunia.com/advisories/17163 - Patch, Vendor Advisory
References () http://secunia.com/advisories/17172 - () http://secunia.com/advisories/17172 -
References () http://secunia.com/advisories/17223 - () http://secunia.com/advisories/17223 -
References () http://securitytracker.com/id?1015036 - () http://securitytracker.com/id?1015036 -
References () http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf - () http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf -
References () http://www.kb.cert.org/vuls/id/415828 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/415828 - Third Party Advisory, US Government Resource
References () http://www.securiteam.com/windowsntfocus/6M00I0KEAU.html - Patch () http://www.securiteam.com/windowsntfocus/6M00I0KEAU.html - Patch
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-044 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-044 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1146 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1146 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1284 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1284 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1416 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1416 -
Information

Published : 2005-10-21 18:02

Updated : 2024-11-20 23:58

NVD link : CVE-2005-2126

Mitre link : CVE-2005-2126

CVE.ORG link : CVE-2005-2126

JSON object : View

Products Affected

microsoft

  • ie
  • windows_xp
  • windows_2000
  • windows_2003_server
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024