CVE-2008-0951

2008-03-24T22:44:00
ID CVE-2008-0951
Type cve
Reporter cve@mitre.org
Modified 2018-10-12T21:45:00

Description

Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a (1) CD-ROM device or (2) U3-enabled USB device containing a filesystem with an Autorun.inf file, and possibly other vectors related to (a) AutoRun and (b) AutoPlay actions.