English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.13642
Category:Windows
Title:Buffer overrun in Windows Shell (839645)
Summary:NOSUMMARY
Description:Description:

The remote host is running a version of Windows which has a flaw in
its shell. An attacker could persuade a user on the remote host to execute
a rogue program by using a CLSID instead of a file type, thus fooling
the user into thinking that he will not execute an application but simply
open a document.

Solution : http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx
Risk factor : Medium

Cross-Ref: BugTraq ID: 9510
Common Vulnerability Exposure (CVE) ID: CVE-2004-0420
http://www.securityfocus.com/bid/9510
Bugtraq: 20040127 GOOROO CROSSING: File Spoofing Internet Explorer 6 (Google Search)
http://www.securityfocus.com/archive/1/351379
Bugtraq: 20040127 RE: GOOROO CROSSING: File Spoofing Internet Explorer 6 (Google Search)
http://www.security-express.com/archives/bugtraq/2004-01/0300.html
Cert/CC Advisory: TA04-196A
http://www.us-cert.gov/cas/techalerts/TA04-196A.html
CERT/CC vulnerability note: VU#106324
http://www.kb.cert.org/vuls/id/106324
Microsoft Security Bulletin: MS04-024
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2245
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2381
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2894
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3386
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3533
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3604
http://secunia.com/advisories/10736/
XForce ISS Database: ie-clsid-file-extension-spoofing(14964)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14964
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.