Microsoft Windows ShellExecute()输入验证漏洞（MS10-002/MS10-007）

BUGTRAQ ID: 37884 CVE ID: CVE-2010-0027 Microsoft Windows是微软发布的非常流行的操作系统。 IE浏览器等应用使用ShellExecute API函数处理文件。由于没有正确的对数据流执行验证，用户受骗跟随了恶意URL就可能导致绕过安全过滤执行本地系统上的二进制程序。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows 2000SP4 厂商补丁： Microsoft ---------...

Microsoft Windows Shell Handler Could Allow Remote Code Execution Vulnerability (975713)

This host is missing a critical security update according to Microsoft Bulletin MS10-007. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Shell Handler URL Validation Code Execution (MS10-007; CVE-2010-0027)

A remote code execution vulnerability has been reported in the Microsoft Windows ShellExecute API function. The Windows user interface provides users with access to a wide variety of objects necessary for running applications and managing the operating system. ShellExecute is part of the Windows...