header-logo
Suggest Exploit
vendor:
Windows Explorer
by:
SecurityFocus
7.5
CVSS
HIGH
Remote Denial of Service
20
CWE
Product Name: Windows Explorer
Affected Version From: Windows XP
Affected Version To: Windows XP
Patch Exists: NO
Related CWE: N/A
CPE: o:microsoft:windows_xp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Microsoft Windows Explorer for Windows XP Remote Denial of Service Vulnerability

Microsoft Windows Explorer for Windows XP has been reported to be prone to a remote denial of service vulnerability. This issue is due to a failure of the application to properly validate user-supplied input via the 'shell:' command. The 'shell:' command is a parameter that a user can specify when including a URI in an HTML tag. This command allows the HTML script to potentially execute any program specified after the 'shell:' command. Successful exploitation of this issue would cause the affected application to crash, denying service to legitimate users. The issue may be triggered when a user follows an HTML link formatted like so: <a href=shell:windowssystem32calc.exe>link</a> or when a user views an HTML document containing the following tag: <iframe src=shell:windowssystem32calc.exe></iframe>

Mitigation:

Users should avoid following untrusted HTML links and should exercise caution when viewing HTML documents from untrusted sources.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9924/info

Microsoft Windows Explorer for Windows XP has been reported to be prone to a remote denial of service vulnerability.

This issue is due to a failure of the application to properly validate user-supplied input via the 'shell:' command. The 'shell:' command is a parameter that a user can specify when including a URI in an HTML tag. This command allows the HTML script to potentially execute any program specified after the 'shell:' command.

Successful exploitation of this issue would cause the affected application to crash, denying service to legitimate users.

The issue may be triggered when a user follows an HTML link formatted like so:
<a href=shell:windows\\system32\\calc.exe>link</a>

This issue may be triggered when a user views an HTML document containing the following tag:
<iframe src=shell:windows\\system32\\calc.exe></iframe>

Navigation

Suggest Exploit

Services By CQR