3 matches found
Secunia Research: Microsoft Windows Object Packager Dialog Spoofing
====================================================================== Secunia Research 11/10/2006 - Microsoft Windows Object Packager Dialog Spoofing - ====================================================================== Table of Contents Affected...
CVE-2006-4692
Argument injection vulnerability in the Windows Object Packager packager.exe in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier allows remote user-assisted attackers to execute arbitrary commands via a crafted file with a "/" slash character in the filename of the Command Line...
CVE-2006-4692
CVE-2006-4692 describes an Argument injection in Windows Object Packager (packager.exe) that could allow remote code execution. The vulnerability exists in Windows XP (SP1/SP2) and Windows Server 2003 (SP1 and earlier) due to improper handling of the Command Line property when a slash (/) is incl...