CVE-2005-1677
CVE-2005-1677 is a high-severity vulnerability in Groove Groove Workspace with a CVSS 2.0 base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: High (CVSS 2.0 base score 7.5)
- EPSS exploit prediction: 4% (88th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Groove Groove Workspace
- Published:
- Last modified:
Description
Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects.
Frequently asked questions
- What is CVE-2005-1677?
- Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects.
- How severe is CVE-2005-1677?
- CVE-2005-1677 has a CVSS 2.0 base score of 7.5, rated high severity.
- Is CVE-2005-1677 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 4% (88th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2005-1677?
- CVE-2005-1677 primarily affects Groove Groove Workspace. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2005-1677?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2005-1677 published?
- CVE-2005-1677 was published on 2005-05-20 and last updated on 2026-06-16.
References
- http://secunia.com/advisories/15421
- http://www.kb.cert.org/vuls/id/155610
- http://www.kb.cert.org/vuls/id/JGEI-6BCRCM
Affected products (2)
- cpe:2.3:a:groove:groove_workspace:*:*:*:*:*:*:*:*
- cpe:2.3:a:groove:virtual_office:*:*:*:*:*:*:*:*
More vulnerabilities in Groove Groove Workspace
- CVE-2005-1676 — Medium (CVSS 6.8): Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1…
- CVE-2005-1675 — Medium (CVSS 4.6): Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871…
- CVE-2005-1678 — Low (CVSS 2.6): Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does…