MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)
MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)
https://www.microsoft.com/technet/security/bulletin/ms06-043.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2766
Affected Software:
? Microsoft Windows XP Service Pack 2
? Microsoft Windows XP Professional x64 Edition
? Microsoft Windows Server 2003 Service Pack 1
? Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
? Microsoft Windows Server 2003 x64 Edition
Impact: Remote Code Execution
Severity: Critical
Description: There is an issue in the way the MHTML protocol is parsed. The MHTML protocol allows for the use of embedded objects such as images. This is another a cross-domain scripting vulnerability in which code is allowed to be run in the wrong security zone (i.e. on the system or local) which is should not be allowed to do. There are MANY ways to exploit this and you should patch immediately!
https://www.microsoft.com/technet/security/bulletin/ms06-043.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2766
Affected Software:
? Microsoft Windows XP Service Pack 2
? Microsoft Windows XP Professional x64 Edition
? Microsoft Windows Server 2003 Service Pack 1
? Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
? Microsoft Windows Server 2003 x64 Edition
Impact: Remote Code Execution
Severity: Critical
Description: There is an issue in the way the MHTML protocol is parsed. The MHTML protocol allows for the use of embedded objects such as images. This is another a cross-domain scripting vulnerability in which code is allowed to be run in the wrong security zone (i.e. on the system or local) which is should not be allowed to do. There are MANY ways to exploit this and you should patch immediately!
Keywords:
0 comment(s)
×
Diary Archives
Comments