Описание
Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).
Ссылки
- Exploit
- Exploit
- US Government Resource
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:home_basic:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:home_premium:*:*:*:*:*
EPSS
Процентиль: 99%
0.76316
Высокий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).
EPSS
Процентиль: 99%
0.76316
Высокий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other