7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.937 High
EPSS
Percentile
99.1%
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.
marc.info/?l=bugtraq&m=111755356016155&w=2
www.idefense.com/application/poi/display?id=231&type=vulnerabilities
www.securiteam.com/exploits/5YP0T0AFFW.html
www.securityfocus.com/bid/13132
www.vupen.com/english/advisories/2005/0335
docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587