Support
Eng
òÕÓ
Company
Home
Services
Solutions
Documentation
News and Events
 
 
 
Knowledgebase
Downloads
Glossary
Ask a Question
Search:     Advanced search
SHALB.com / Security Knowledgebase / Network Security / Windows Microsoft Bulletins / Vulnerability in Web View Could Allow Code Execution (894320)
server monitoring

Vulnerability in Web View Could Allow Code Execution (894320)
Article ID: 18215
Last updated: 27 Jan, 2009
Print
Email to friend
Views: 440
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.

Vulnerability in Web View Could Allow Code Execution (894320)
This script is Copyright (C) 2005-2008 Tenable Network Security

FamilyWindows : Microsoft Bulletins
Plugin ID18215
Bugtraq ID13248
CVE IDCVE-2005-1191

Description:

Synopsis :

Arbitrary code can be executed on the remote host through Explorer.

Description :

The remote host is running a version of Microsoft Windows which contains a
security flaw in the Web View of the Windows Explorer which may allow an
attacker to execute arbitrary code on the remote host.

To succeed, the attacker would have to send a rogue file to a user of the
remote computer and have it preview it using the Web View with the Windows
Explorer.

Solution :

Microsoft has released a patch for Windows 2000 :

http://www.microsoft.com/technet/security/bulletin/ms05-024.mspx

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
This article was:   Helpful | Not Helpful
Prev   Next
Cumulative Security Update for Internet Explorer (916281)     Vulnerability in the Windows FTP Client Could Allow File...

server monitoring

¿ 2010 "SHALB.com" All rights reserved
SHALB Home
Services
Solutions
Documentation
News and Events