Lucene search
+L

89 matches found

NVD
NVD
added 2005/10/21 6:2 p.m.22 views

CVE-2005-2117

Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code...

5.1CVSS7.2AI score0.36881EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2005/05/10 12:0 a.m.37 views

MS05-024: Vulnerability in Web View Could Allow Code Execution (894320)

The remote host is running a version of Microsoft Windows that contains a security flaw in the Web View of the Windows Explorer that could allow an attacker to execute arbitrary code on the remote host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and...

5CVSS6.2AI score0.19617EPSS
Exploits1References2
CERT
CERT
added 2005/05/10 12:0 a.m.25 views

Microsoft Windows Explorer vulnerable to script injection via the Web View DLL

Overview Windows Explorer is vulnerable to script injection via the Web View DLL. Exploitation of this vulnerability may lead to execution of arbitrary code. Description Windows Explorer uses the Web View DLL webvw.dll to display information about a selected file/folder file size, author, version...

5CVSS7.2AI score0.19617EPSS
Exploits1References4
NVD
NVD
added 2005/05/02 4:0 a.m.18 views

CVE-2005-1191

The Web View DLL webvw.dll, as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe "'" in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when t...

5CVSS7.1AI score0.19617EPSS
Exploits1References7
Cvelist
Cvelist
added 2005/04/19 4:0 a.m.24 views

CVE-2005-1191

The Web View DLL webvw.dll, as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe "'" in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when t...

7.1AI score0.19617EPSS
Exploits1References7
CVE
CVE
added 2005/04/19 4:0 a.m.60 views

CVE-2005-1191

Summary : CVE-2005-1191 affects the Web View DLL (webvw.dll) used by Windows Explorer on Windows 2000. The flaw arises from insufficient validation of the Author field in file metadata, allowing an attacker to craft a name that, when Web View creates a mailto: link in the preview pane, results in...

5CVSS7.2AI score0.19617EPSS
Exploits1References7Affected Software4
Exploit DB
Exploit DB
added 2005/04/19 12:0 a.m.35 views

Microsoft Windows 98/2000 Explorer - Preview Pane Script Injection

source: https://www.securityfocus.com/bid/13248/info Microsoft Windows Explorer is prone to a script injection vulnerability. This occurs when the Windows Explorer preview pane Web View is enabled on Windows 2000 computers. Windows 98/98SE/ME are also affected by this issue. If a file with...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/22 12:0 a.m.34 views

Microsoft Windows Media Player 7.0 - '.asx' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/1980/info Windows Media Player is an application used for digital audio, and video content viewing. An unsafe buffer copy involving remotely-obtained data exists in the Active Stream Redirector ASX component in Windows Media Player. The ASX enables a user...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/08/17 12:0 a.m.31 views

Another Web Folder issue

This is an issue that I submitted to Microsoft yesterday morning. I was going to wait to hear from them before submitting this NTBugTraq, but when only several hours later when I saw Georgi Guninski's Customized Folders issue I felt that I had better "stake my claim" to this issue before he or...

8AI score
Exploits0
Rows per page
Query Builder