Windows Server 2008 Color Control Panel DLL Loading Arbitrary Code Execution Vulnerability

Windows Server 2008 is prone to an arbitrary-code-execution vulnerability that affects the Color Control Panel library and lets attackers execute arbitrary code.

An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.

Windows Server 2008 Enterprise SP2 is vulnerable; others may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus