|CVSS SCORE||10.0, (AV:N/AC:L/Au:N/C:C/I:C/A:C)|
Windows Server 2003
|TIPPINGPOINT™ IPS CUSTOMER PROTECTION||TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 9436. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL.
The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.
Microsoft has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Brett Moore, Insomnia Security