5.1
CVE-2005-2117
- EPSS 36.88%
- Veröffentlicht 21.10.2005 18:02:00
- Zuletzt bearbeitet 16.06.2026 22:14:18
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 2000 Updatesp4 Langfr
Microsoft ≫ Windows 2003 Server Versionr2
Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc
Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 36.88% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/17223
http://secunia.com/advisories/17172
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
http://www.us-cert.gov/cas/techalerts/TA05-284A.html
http://secunia.com/advisories/17168
http://www.securityfocus.com/bid/15064
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1291