Vulnerability Name: | CVE-2004-2290 (CCN-14924) | ||||||||
Assigned: | 2004-01-25 | ||||||||
Published: | 2004-01-25 | ||||||||
Updated: | 2017-07-11 | ||||||||
Summary: | Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder. | ||||||||
CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: BUGTRAQ Type: Exploit, Vendor Advisory 20040125 Self-Executing FOLDERS: Windows XP Explorer Part V Source: CCN Type: BugTraq Mailing List, Sun Jan 25 2004 - 10:51:00 CST Self-Executing FOLDERS: Windows XP Explorer Part V Source: MITRE Type: CNA CVE-2004-2290 Source: CCN Type: SA10708 Windows XP Malicious Folder Automatic Code Execution Vulnerability Source: SECUNIA Type: Vendor Advisory 10708 Source: CCN Type: SECTRACK ID: 1008843 Windows XP Explorer Executes Arbitrary Code in Folders Source: SECTRACK Type: Exploit 1008843 Source: OSVDB Type: UNKNOWN 3711 Source: CCN Type: OSVDB ID: 3711 Microsoft Windows XP Malicious Folder Automatic Code Execution Source: BID Type: Exploit 9487 Source: CCN Type: BID-9487 Microsoft Windows XP Explorer Self-Executing Folder Vulnerability Source: XF Type: UNKNOWN win-folder-execute-code(14924) Source: XF Type: UNKNOWN win-folder-execute-code(14924) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |