Microsoft Windows Shell LNK Code Execution

This module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be sent to the...

Microsoft Windows Shell SMB LNK Code Execution Exploit

This Metasploit module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be...

Microsoft Windows Shell LNK Code Execution

This module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This module creates the required files to exploit the vulnerability. They must be uploaded to an UNC path accessible by...

MS14-027: Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488)

A privilege escalation vulnerability exists on the remote Windows host due to improper handling of file associations. A local attacker could exploit this vulnerability to execute arbitrary code on the remote host under the privileges of the Local System account. C Tenable Network Security, Inc...

MS14-027: Description of the security update for Windows systems that do not have update 2919355 installed: May 13, 2014

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker runs a specially crafted application that uses ShellExecute.IntroductionThis security update resolves a vulnerability in Windows that could allow elevation of privilege if an attacker runs a specially craft...