MS07-061 ? Critical: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460) - Version:1.1 |
|
| BugsAlert Home > MS07-061 ? Critical: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460) - Version:1.1 | |
|
Severity Rating: Critical - Revision Note: Bulletin updated to clarify that this bulletin only replaces MS06-045 and does not replace MS07-006.Summary: This update resolves a publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows shell handles specially crafted URIs that are passed to it. If the Windows shell did not sufficiently validate these URIs, an attacker could exploit this vulnerability and execute arbitrary code. Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7. However, the vulnerability exists in a Windows file, Shell32.dll, which is included in all supported editions of Windows XP and Windows Server 2003. Original Source: http://www.microsoft.com/technet/security/bulletin/MS07-061.mspx?pubDate=2007-11-21 Learn more about MS07-061 ? Critical: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460) - Version:1.1 |
|
|
Tags: ms07-061 critical vulnerability windows uri handling remote code execution 943460 version 1.1 |
|
Related Items |
|
|
CVE-2008-4779 (tguzip)
|
|
|
Kaspersky Issue.
|
|
|
MS08-065 ? Important: Vulnerability in Message Queuing Could Allow Remote Code Execution (951071) - Version:1.1
|
|
|
CVE-2008-4381 (internet_explorer)
|
|
|
Web Wiz Rich Text Editor Directory traversal + HTM/HTML filecreation on the server
|
|
|
Eterm X11 Display Security Issue
|
|
|
CVE-2007-3651 (FaName)
|
|
