CVE-2005-2122

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1910%

EPSS Percentile35.67th

PublishedOct 21, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.

Affected Platforms (CPE)

💻

Microsoft

Windows 2000

All versions

💻

Microsoft

Windows 2000

All versions

💻

Microsoft

Windows 2000

All versions

💻

Microsoft

Windows 2000

All versions

💻

Microsoft

Windows 2000

All versions

💻

Microsoft

Windows 2003 Server

= r2

💻

Microsoft

Windows Xp

All versions

💻

Microsoft

Windows Xp

All versions

💻

Microsoft

Windows Xp

All versions

💻

Microsoft

Windows Xp

All versions

💻

Microsoft

Windows Xp

All versions

💻

Microsoft

Windows Xp

All versions

References & Advisories

🔗 http://secunia.com/advisories/17168

🔗 http://secunia.com/advisories/17172

🔗 http://secunia.com/advisories/17223

🔗 http://securitytracker.com/id?1015040

🔗 http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf

🔗 http://www.argeniss.com/research/MSBugPaper.pdf

🔗 http://www.kb.cert.org/vuls/id/922708

🔗 http://www.securityfocus.com/bid/15069

Vulnerability Description

Affected Platforms (CPE)

Windows 2000

Windows 2000

Windows 2000

Windows 2000

Windows 2000

Windows 2003 Server

Windows Xp

Windows Xp

Windows Xp

Windows Xp

Windows Xp

Windows Xp

References & Advisories

Related Vulnerabilities