Remote Code Execution via Windows Shell Shortcut File Vulnerability

Remote Code Execution via Windows Shell Shortcut File Vulnerability

CVE-2005-2122 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.

Learn more about our Cis Benchmark Audit For Server Software.