A Digital Age Deserves A Digital Leader

Windows XP Explorer Executes Arbitrary Code in Folders

Windows XP Explorer Executes Arbitrary Code in Folders

Postby Mac33 » Tue Jan 27, 2004 2:44 pm

Windows XP Explorer Executes Arbitrary Code in Folders

SecurityTracker Alert ID: 1008843
CVE Reference: GENERIC-MAP-NOMATCH


Impact: Execution of arbitrary code via network, User access via network

Exploit Included: Yes

Version(s): Windows XP Explorer

Description: A vulnerability was reported in Microsoft Windows XP in Windows Explorer. A remote user can create a folder that, when viewed by the target user, will execute arbitrary code on the target user's system.

http-equiv reported that a remote user can create a specially crafted 'folder' that includes HTML scripting code and a Windows executable ('.exe' file) containing arbitary code. When a target user attempts to view the contents of the 'folder' (which may be considered an ostensibly safe task by many users), the arbitrary code will be automatically executed on the target user's computer by Windows Explorer. The code will run with the privileges of the target user.

If the 'folder' is an HTML-based file, Windows Explorer (on XP) will execute the file when viewed, extracted, or opened. The scripting code can reference the executable contained in the 'folder', causing the executable to run.

A demonstration exploit is available at:

http://www.malware.com/my.pics.zip

Impact: A remote user can cause arbitrary code to be executed on the target user's system.

Solution: No solution was available at the time of this entry.

Vendor URL: www.microsoft.com/technet/security/ (Links to External Site)

Cause: State error

Underlying OS: Windows (XP)

Reported By: "http-equiv@excite.com" <1@malware.com>

:view: Full Story
:source: Security Tracker
PROfessional Member
User avatar
Posts: 4910
Joined: Tue Mar 12, 2002 4:55 pm
Location: Scotland

Return to Security & Virus

Who is online

Users browsing this forum: No registered users and 5 guests