89 matches found
CVE-2005-2117
Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code...
MS05-024: Vulnerability in Web View Could Allow Code Execution (894320)
The remote host is running a version of Microsoft Windows that contains a security flaw in the Web View of the Windows Explorer that could allow an attacker to execute arbitrary code on the remote host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and...
Microsoft Windows Explorer vulnerable to script injection via the Web View DLL
Overview Windows Explorer is vulnerable to script injection via the Web View DLL. Exploitation of this vulnerability may lead to execution of arbitrary code. Description Windows Explorer uses the Web View DLL webvw.dll to display information about a selected file/folder file size, author, version...
CVE-2005-1191
The Web View DLL webvw.dll, as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe "'" in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when t...
CVE-2005-1191
The Web View DLL webvw.dll, as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe "'" in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when t...
CVE-2005-1191
Summary : CVE-2005-1191 affects the Web View DLL (webvw.dll) used by Windows Explorer on Windows 2000. The flaw arises from insufficient validation of the Author field in file metadata, allowing an attacker to craft a name that, when Web View creates a mailto: link in the preview pane, results in...
Microsoft Windows 98/2000 Explorer - Preview Pane Script Injection
source: https://www.securityfocus.com/bid/13248/info Microsoft Windows Explorer is prone to a script injection vulnerability. This occurs when the Windows Explorer preview pane Web View is enabled on Windows 2000 computers. Windows 98/98SE/ME are also affected by this issue. If a file with...
Microsoft Windows Media Player 7.0 - '.asx' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/1980/info Windows Media Player is an application used for digital audio, and video content viewing. An unsafe buffer copy involving remotely-obtained data exists in the Active Stream Redirector ASX component in Windows Media Player. The ASX enables a user...
Another Web Folder issue
This is an issue that I submitted to Microsoft yesterday morning. I was going to wait to hear from them before submitting this NTBugTraq, but when only several hours later when I saw Georgi Guninski's Customized Folders issue I felt that I had better "stake my claim" to this issue before he or...