Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:922708
HistoryOct 11, 2005 - 12:00 a.m.

Microsoft Windows Shell fails to handle shortcut files properly

2005-10-1100:00:00
www.kb.cert.org
13

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.4%

JSON

Overview

Microsoft Windows Shell does not properly handle some shortcut files and may permit arbitrary code execution when a specially-crafted file is opened.

Description

Microsoft Windows supports files that point to another file, called “shortcut” files. These files have the .lnk extension, and may have properties that are passed to the target program or file.

Windows does not properly handle some properties on shortcut files and may be vulnerable to a specially-crafted shortcut file format. An attacker that has crafted such a shortcut file and that has convinced a user to open the file may be able to execute arbitrary code on the system. This file may be opened from an email message or a web link.

The arbitrary code is executed with the user’s privileges, so if an administrative user has opened the file, the attacker may be able to take complete control of the system.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code and take complete control of the system.

Solution

Apply an update
Please see Microsoft Security Bulletin MS05-049 for more information on fixes, workarounds, and updates.

Vendor Information

922708

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Microsoft Corporation __ Affected

Updated: October 11, 2005

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see Microsoft Security Bulletin MS05-049 for more information.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23922708 Feedback>).

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

<http://www.microsoft.com/technet/security/Bulletin/MS05-049.mspx&gt;

Acknowledgements

Microsoft reported this vulnerability, and in turn thank Cesar Cerrudo of Argeniss for information on the issue.

This document was written by Ken MacInnis.

Other Information

CVE IDs: CVE-2005-2122
Severity Metric: 5.29 Date Public:

Related

checkpoint_advisories 1
cve 2
nessus 1
securityvulns 1
checkpoint_advisories
checkpoint_advisories
Microsoft Windows LNK File Shell Buffer Overflow (MS05-049; CVE-2005-2122)
2009-11-24 00:00:00
cve
cve
CVE-2005-2118
2005-10-21 18:02:00
CVE-2005-2122
2005-10-21 18:02:00
nessus
nessus
MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)
2005-10-11 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS05-049 Vulnerabilities in Windows Shell Could Allow Remote Code Execution &#40;900725&#41;
2005-10-12 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.4%

JSON
Related for VU:922708
checkpoint_advisories1cve2nessus1securityvulns1