Microsoft Remote Desktop Connection Client DLL Loading Arbitrary Code Execution Vulnerability

Microsoft Remote Desktop Connection client is prone to a vulnerability that lets attackers execute arbitrary code.

An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.

NOTE: This issue may be related to BID 42853 (Microsoft Remote Desktop Protocol 'ieframe.dll' DLL Loading Arbitrary Code Execution Vulnerability).


 

Privacy Statement
Copyright 2010, SecurityFocus