CVE-2005-2126 — Microsoft Windows 2003 Server vulnerability

3 documents3 sources

Severity

2.6LOWNVD

EPSS

50.1%

top 2.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Windows 2003 Server

Timeline

PublishedOct 21

Latest updateMay 1

Description

The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/windows_2003_serverr2

▶NVDmicrosoft/ie6.0

Patches

Patch: secunia.com ↗Patch: www.securiteam.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-qrc4-28w8-rjc8: The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled↗2022-05-01

▶

CVEList

CVE-2005-2126: The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled↗2005-10-21

▶