CVE-2005-1678

Published: May 20, 2005Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code.

Affected (3)

Products: Groove: Groove Workspace, Virtual Office

2 products

Groove Workspace

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Groove Groove Workspace	Up to 2.5n_build_1871
Groove Virtual Office	Up to 3.1_build_2338
Groove Virtual Office	Up to 3.1a_build_2364

References (6)

http://secunia.com/advisories/15421

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/232232

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/JGEI-6BCRD6

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://secunia.com/advisories/15421

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/232232

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/JGEI-6BCRD6

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.