Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows remote user-assisted attackers to execute arbitrary code via a link to an SMB file share with a filename that contains encoded ..\ (%2e%2e%5c) sequences and whose extension contains the CLSID Key identifier for HTML Applications (HTA), aka "Folder GUID Code Execution Vulnerability." NOTE: directory traversal sequences were used in the original exploit, although their role is not clear.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows 拖放操作 远程代码执行漏洞(MS06-045)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Windows没有正确的处理拖放事件,本地攻击者可能利用此漏洞提升自己的权限。 远程攻击者可以创建文件名中包含有编码的".."(%2e%2e%5c)序列且扩展名中包含有HTML应用(HTA)的CLSID Key标识符的SMW文件共享,并诱骗用户访问到这个共享的链接,导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A