Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: MS06-065: Remote Code Excution in Windows Object Packager SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-065: Remote Code Excution in Windows Object Packager
There exists a remote code execution vulnerability in Windows Object Packager (MS06-065) due to the way the application handles file extensions. A specially crafted file could be created that would execute code if a user was sent to a malicious website. However, there is quite a bit of user interaction required for this exploit to actually work. Enhanced Security Configuration for Windows 2003 will effectively mitigate this problem.

The CVE for this exploit is CVE-2006-4692 and will not likely see much action in the wild.
John

260 Posts
ISC Handler
Oct 10th 2006

Sign Up for Free or Log In to start participating in the conversation!