Published: 02/05/2005 Updated: 30/04/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows malicious users to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 2000
microsoft windows 98
microsoft windows 98se
microsoft windows me

source: wwwsecurityfocuscom/bid/13248/info Microsoft Windows Explorer is prone to a script injection vulnerability This occurs when the Windows Explorer preview pane (Web View) is enabled on Windows 2000 computers Windows 98/98SE/ME are also affected by this issue If a file with malicious attributes is selected using Explorer, script c ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/396224 http://security.greymagic.com/security/advisories/gm015-ie http://www.securityfocus.com/bid/13248 http://www.vupen.com/english/advisories/2005/0509 https://exchange.xforce.ibmcloud.com/vulnerabilities/20380 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024 https://nvd.nist.gov https://www.exploit-db.com/exploits/25454/https://www.kb.cert.org/vuls/id/668916

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1191

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect