Published: 12/05/2006 Updated: 18/10/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent malicious users to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows xp
microsoft windows 2000

source: wwwsecurityfocuscom/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications This issue occurs because the operating system uses multiple differing algorithms to resolve file paths Attackers may exploit this issue to bypass security software such as a ...

NVD-CWE-Other http://www.48bits.com/advisories/rtldospath.pdf http://www.securityfocus.com/bid/17934 http://www.osvdb.org/25761 https://exchange.xforce.ibmcloud.com/vulnerabilities/26487 http://www.securityfocus.com/archive/1/433583/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27851/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2334

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect