New Search

.lnk File-Open Remote Code Execution Vulnerability (XPSP1)

oval:org.mitre.oval:def:1329

Windows Shell for Microsoft Windows 2000 SP4 XP SP1 and SP2 and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS) a different vulnerability than CVE-2005-2118.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2005-2122
Product(s):