MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code
Execution(900725) Impact: Remote Code Execution Rating: Important Supercedes: MS05-016 and MS05-024 This bulletin has three Parts to it. Shell Vulnerability- CAN-2005-2122: A vulnerablity exist in the way that Windows handles the .lnk file extention. A .lnk file is a file that is a shortcut which points to another file and can contain properties that are passed on to the file that it is pointing to. As such, an attacker an attacker taking advantage of this would be able to execute code on the victim's system by getting the victim to open the .lnk file. Shell Vulnerability - CAN-2005-2118: Same information as above. The main difference appears that instead of opening the .lnk file, the victim only needs to view the properties of the .lnk file. Web View Script Injection Vulnerability - CAN-2005-2117: This vulnerability deals with Web View format used my Microsoft Explorer to view files and their information. A vulnerability exists in the way that Microsoft handles the validation of HTML characters within certain fields on the files. A attacker taking advantage of this would be able to take complete control of the victim's system if the vicitim views the malicious file with the Web View format turned on in Explorer. http://www.microsoft.com/technet/security/Bulletin/MS05-049.mspx |
Joshua 34 Posts Oct 11th 2005 |
Thread locked Subscribe |
Oct 11th 2005 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!