Back to search
CVE-2004-2289
Published: Aug 4, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
winxp-explorer-code-execution(16171)
vdb-entry
x_refsource_XF
11633
third-party-advisory
x_refsource_SECUNIA
http://www.freewebs.com/roozbeh_afrasiabi/xploit/execute.htm
x_refsource_MISC
10363
vdb-entry
x_refsource_BID
6221
vdb-entry
x_refsource_OSVDB
20040517 Desktop.ini flaw results in executing folders
mailing-list
x_refsource_BUGTRAQ
MS06-015
vendor-advisory
x_refsource_MS
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now