CVE-2005-1191

Windows Explorer < Windows 2000 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1191. PoCs published by GreyMagic Software.

AI-analyzed exploit summary The provided text describes a script injection vulnerability in Microsoft Windows Explorer's preview pane (Web View) on Windows 2000, 98, 98SE, and ME. It references ExploitDB entry 25454 and includes links to malicious .doc files designed to exploit this vulnerability.

Description

The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file.

Exploits (1)

exploitdb WRITEUP VERIFIED

by GreyMagic Software · textremotewindows

https://www.exploit-db.com/exploits/25454

View Code ZIP pw:eip

The provided text describes a script injection vulnerability in Microsoft Windows Explorer's preview pane (Web View) on Windows 2000, 98, 98SE, and ME. It references ExploitDB entry 25454 and includes links to malicious .doc files designed to exploit this vulnerability.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Windows Explorer (Windows 2000, 98, 98SE, ME)

No auth needed

Prerequisites: Windows Explorer preview pane (Web View) enabled · User interaction to select a malicious file

MITRE ATT&CK