[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-0063Date: (C)2005-05-02   (M)2023-12-22


The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-13132
http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities
http://marc.info/?l=bugtraq&m=111755356016155&w=2
ADV-2005-0335
MS05-016
http://www.securiteam.com/exploits/5YP0T0AFFW.html
oval:org.mitre.oval:def:2184
oval:org.mitre.oval:def:3456
oval:org.mitre.oval:def:407
oval:org.mitre.oval:def:4710
oval:org.mitre.oval:def:573
oval:org.mitre.oval:def:587

CPE    13
cpe:/o:microsoft:windows_xp::sp1:media_center
cpe:/o:microsoft:windows_xp::sp2:media_center
cpe:/o:microsoft:windows_98::gold
cpe:/o:microsoft:windows_2000::sp3
...
OVAL    6
oval:org.mitre.oval:def:573
oval:org.mitre.oval:def:2184
oval:org.mitre.oval:def:3456
oval:org.mitre.oval:def:587
...

© SecPod Technologies