Microsoft Windows File/Directory Names Handling Arbitrary Command Injection Vulnerability

Microsoft Windows is prone to a remote command-injection that affects the Windows Shell component vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary shell commands with user-level privileges. This may facilitate the remote compromise of affected computers.


Privacy Statement
Copyright 2010, SecurityFocus