Microsoft Windows Vista Windows Mail Local File Execution Vulnerability

To exploit this issue, an attacker must entice an unsuspecting user to click a malicious link using the vulnerable application.

The following links may be included in an HTML email as an example to trigger this issue:

The following example will execute the 'winrm.cmd' tool:


 

Privacy Statement
Copyright 2010, SecurityFocus