Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by (1) inserting CD-ROM media, (2) inserting DVD media, (3) connecting a USB device, and (4) connecting a Firewire device; (5) allows user-assisted remote attackers to execute arbitrary code by mapping a network drive; and allows user-assisted attackers to execute arbitrary code by clicking on (6) an icon under My Computer\Devices with Removable Storage and (7) an option in an AutoPlay dialog, related to the Autorun.inf file. NOTE: vectors 1 and 3 on Vista are already covered by CVE-2008-0951.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows NoDriveTypeAutoRun自动执行文件漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Windows Vista没有正确地处理NoDriveTypeAutoRun注册表值。根据Microsoft的规范,如果将HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerNoDriveTypeAutoRun注册表值设置为0xFF的话就应禁止自动播放所有类型的驱动,但即使存在这个值Vista仍允许一些AutoPlay功能。例如,当用户点击驱动器图标
CVSS Information
N/A
Vulnerability Type
N/A