New Search

Windows Mail UNC Navigation Request Remote Code Execution Vulnerability

oval:org.mitre.oval:def:1861

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2007-1658
Product(s):
  • Windows Mail