5

CVE-2005-1191

Exploit
The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 19.62% 0.97
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://security.greymagic.com/security/advisories/gm015-ie
Patch
Exploit
http://www.securityfocus.com/archive/1/396224
Exploit
http://www.securityfocus.com/bid/13248
Patch
Vendor Advisory
Exploit
http://www.vupen.com/english/advisories/2005/0509
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024
https://exchange.xforce.ibmcloud.com/vulnerabilities/20380
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585