Microsoft Agent Vulnerability in Web Application Security
CVE-2005-1214

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2003 Server; Windows 2000 Terminal Services; Windows Xp; Windows 2000
Vendor: CVE Published:; 14 June 2005

Summary

Microsoft Agent contains a vulnerability that permits remote attackers to manipulate security prompts displayed in trusted Internet content. By disguising these prompts on malicious web pages, attackers can execute arbitrary code on a user's system, potentially leading to unauthorized access and data compromise. This flaw emphasizes the need for vigilance and enhanced security measures when interacting with web content.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/bid/13948

vdb-entryx_refsource_BID

EPSS Score

32% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 14, 2005
Vulnerability Reserved
Apr 22, 2005