CVE-2005-1676

Published: May 20, 2005Modified: Apr 16, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allow remote attackers to inject arbitrary web script or HTML via the (1) picture columns embedded within SharePoint lists or (2) drop-down menus in a SharePoint list.

Affected (3)

Products: Groove: Groove Workspace, Virtual Office

2 products

Groove Workspace

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Groove Groove Workspace	Up to 2.5n_build_1871
Groove Virtual Office	Up to 3.1_build_2338
Groove Virtual Office	Up to 3.1a_build_2364

References (8)

http://secunia.com/advisories/15421

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/372618

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/514386

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/JGEI-6BCRCC

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://secunia.com/advisories/15421

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/372618

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/514386

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/JGEI-6BCRCC

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.