MS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)
High Nessus Plugin ID 24335
SynopsisArbitrary code can be executed on the remote host through the OLE Dialog component provided with Microsoft Windows.
DescriptionThe remote host contains a version of Microsoft Windows that has a vulnerability in the OLE Dialog component that could be abused by an attacker to execute arbitrary code on the remote host.
To exploit this vulnerability, an attacker would need to send a specially crafted RTF file to a user on the remote host and lure him into opening it.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.