Remote Code Execution via Windows Shell Shortcut File Vulnerability
CVE-2005-2122 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
Learn more about our Cis Benchmark Audit For Server Software.