Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725) Vulnerability Scan
Vulnerability Scan Summary
Acertains the presence of update 900725
Detailed Explanation for this Vulnerability Test
Vulnerabilities in the Windows Shell may allow a possible hacker to execute
arbitrary code on the remote host.
The remote version of Windows contains a version of the Windows Shell
which has several vulnerabilities.
A possible hacker may exploit these vulnerabilities by :
- Sending a malformed .lnk file a to user on the remote host which
triggers an overflow
- Sending a malformed HTML document to a user on the remote host and
have him view it in the Windows Explorer preview pane
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
Medium / CVSS Base Score : 6
Click HERE for more information and discussions on this network vulnerability scan.