Windows Explorer Remote Code Execution Vulnerability in Microsoft Products
CVE-2006-0012

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Xp; Windows 2003 Server; Windows 2000; Windows 98se
Vendor: CVE Published:; 12 April 2006

Summary

A vulnerability exists within Windows Explorer in specific versions of Microsoft Windows that allows remote attackers to execute arbitrary code. This can be achieved through manipulating COM objects and utilizing specially crafted files and directories. Attackers can exploit this flaw to gain unauthorized access to system resources, making it imperative for users to apply security updates and patches to safeguard their systems.

References

http://www.securityfocus.com/bid/17464

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/19606

third-party-advisoryx_refsource_SECUNIA

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 12, 2006
Vulnerability Reserved
Nov 9, 2005