CVE-2005-2117 | Vulnerability Database | Aqua Security

Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.

Affected Software

Name	Vendor	Start Version	End Version
Windows_explorer	Microsoft	*	*

References

http://secunia.com/advisories/17168
http://secunia.com/advisories/17172
http://secunia.com/advisories/17223
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
http://www.securityfocus.com/bid/15064
http://www.us-cert.gov/cas/techalerts/TA05-284A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1291
http://secunia.com/advisories/17168
http://secunia.com/advisories/17172
http://secunia.com/advisories/17223
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
http://www.securityfocus.com/bid/15064
http://www.us-cert.gov/cas/techalerts/TA05-284A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1291

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2117
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html