CVE-2005-0063 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-0063
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0063

Description: The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.

CVE Status: Candidate

References: OVAL http://oval.mitre.org/oval/definitions/data/oval587.html http://oval.mitre.org/oval/definitions/data/oval573.html http://oval.mitre.org/oval/definitions/data/oval4710.html http://oval.mitre.org/oval/definitions/data/oval407.html http://oval.mitre.org/oval/definitions/data/oval2184.html http://oval.mitre.org/oval/definitions/data/oval3456.html MS http://www.microsoft.com/technet/security/bulletin/ms05-016.mspx MISC http://www.securiteam.com/exploits/5YP0T0AFFW.html IDEFENSE http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111755356016155&w=2 BID 13132

Return to the previous page.