Lucene search

[email protected]CVE-2005-1678

HistoryMay 20, 2005 - 4:00 a.m.

CVE-2005-1678

2005-05-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1678

groove virtual office

groove workspace

file extension

security vulnerability

code execution

6.8 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.5%

JSON

Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code.

CPENameOperatorVersion
groove:virtual_officegroove virtual officele3.1a_build_2364
groove:virtual_officegroove virtual officele3.1_build_2338
groove:groove_workspacegroove groove workspacele2.5n_build_1871

CPE	Name	Operator	Version
groove:virtual_office	groove virtual office	le	3.1a_build_2364
groove:virtual_office	groove virtual office	le	3.1_build_2338
groove:groove_workspace	groove groove workspace	le	2.5n_build_1871

References

secunia.com/advisories/15421

www.kb.cert.org/vuls/id/232232

www.kb.cert.org/vuls/id/JGEI-6BCRD6

6.8 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.5%

JSON

Related for CVE-2005-1678

cvelist1 nessus1 kaspersky1