Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486) Vulnerability Scan
Vulnerability Scan Summary
Acertains the presence of update 925486
Detailed Explanation for this Vulnerability Test
Arbitrary code can be executed on the remote host through the email client or
the web browser.
The remote host is running a version of Internet Explorer or Outlook Express
which is vulnerable to a bug in the Vector Markup Language (VML) handling routine
which may allow a possible hacker execute arbitrary code on the remote host by sending
a specially crafted email or by luring a user on the remote host into visiting
a rogue web site.
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
High / CVSS Base Score : 8.0
Click HERE for more information and discussions on this network vulnerability scan.