| Patch Name : |
Windows2000-KB891781-x86-ENU.EXE |
| Patch Description : |
Security Update for Windows 2000 (KB891781) |
| Bulletin Id : |
MS05-013 |
| Bulletin Title : |
Vulnerability in the DHTML Editing ActiveX Control could allow code execution (891781) |
| KnowledgeBase : | 891781 |
| Severity : |
Critical |
| Location Path : | Windows2000-KB891781-x86-ENU.EXE |
| Bulletin Summary: |
This update resolves a newly-discovered, public vulnerability. A vulnerability exists in the DHTML Editing ActiveX control that could allow Information Disclosure or, at worst remote code execution on an affected system. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
| Superceding Bulletin Id : |
MSWU-040 |
| Patch Release Date : |
Feb 8, 2005 |
| CVE Id : | CAN-2004-1319 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Windows 2000 Advanced Server | Windows 2000 Service Pack 3 |
| Windows 2000 Professional | Windows 2000 Service Pack 3 |
| Windows 2000 Server | Windows 2000 Service Pack 3 |
|
| File changes |
|
| File Path |
Version |
| %commonprogramfiles%\Microsoft Shared\Triedit\dhtmled.ocx | 6.1.0.9232 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP5\KB891781 | | -2 |
|
