CVE-2006-4692

by Fred · 10/10/2006

Argument injection vulnerability in the Windows Object Packager (packager.exe) in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier allows remote user-assisted attackers to execute arbitrary commands via a crafted file with a "/" (slash) character in the filename of the Command Line property, followed by a valid file extension, which causes the command before the slash to be executed, aka "Object Packager Dialogue Spoofing Vulnerability."

Date published : 2006-10-10

http://www.securityfocus.com/bid/20318

http://www.securityfocus.com/archive/1/448273/100/0/threaded

CVE-2006-4692

Similar

Recent Posts

Categories

CVE-2006-4692

Share this:

Similar

Recent Posts

Categories

Tags