5 matches found
CVE-2017-8464
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK fil...
LNK remote code execution vulnerability: June 13, 2017
LNK remote code execution vulnerability: June 13, 2017 Summary A remote code execution exists in Microsoft Windows that could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user...
VulnCheck KEV: CVE-2010-2568
Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user...
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution 2286198 Published: August 02, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerabili...
MS KB2286198: Windows Shell Shortcut Icon Parsing Arbitrary Code Execution (EASYHOOKUP)
Windows Shell does not properly validate the parameters of a shortcut file when loading its icon. Attempting to parse the icon of a specially crafted shortcut file can result in arbitrary code execution. A remote attacker could exploit this by tricking a user into viewing a malicious shortcut fil...