Vulnerabilities

CVE-2005-1191

by Fred · 19/04/2005

The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("’") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file.

Date published : 2005-04-19

http://www.securityfocus.com/bid/13248

http://www.securityfocus.com/archive/1/396224

Similar

Tags: Cybersecurity Alert