MS06-015: Vulnerabilities in Windows Explorer Could Allow Remote Code Execution (908531)
Medium Nessus Plugin ID 21212
SynopsisVulnerabilities in the Windows Explorer could allow an attacker to execute arbitrary code on the remote host.
DescriptionThe remote version of Windows contains a version of the Windows Explorer that has a vulnerability in the way it handles COM objects.
An attacker could exploit this vulnerability by asking a victim to visit a rogue website containing a malformed COM object.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.