Vulnerabilities > CVE-2004-2289 - Unspecified vulnerability in Microsoft Windows XP
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 |
Exploit-Db
| description | Microsoft Windows XP Self-Executing Folder Vulnerability. CVE-2004-2289. Remote exploit for windows platform |
| id | EDB-ID:24125 |
| last seen | 2016-02-02 |
| modified | 2004-05-17 |
| published | 2004-05-17 |
| reporter | Roozbeh Afrasiabi |
| source | https://www.exploit-db.com/download/24125/ |
| title | Microsoft Windows XP Self-Executing Folder Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-05/0168.html
- http://archives.neohapsis.com/archives/bugtraq/2004-05/0168.html
- http://secunia.com/advisories/11633
- http://secunia.com/advisories/11633
- http://www.freewebs.com/roozbeh_afrasiabi/xploit/execute.htm
- http://www.freewebs.com/roozbeh_afrasiabi/xploit/execute.htm
- http://www.osvdb.org/6221
- http://www.osvdb.org/6221
- http://www.securityfocus.com/bid/10363
- http://www.securityfocus.com/bid/10363
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16171
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16171