MS08-008: Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)
High Nessus Plugin ID 31042
SynopsisArbitrary code can be executed on the remote host through the web or email client.
DescriptionThe remote host contains a version of Microsoft Windows that has a vulnerability in the OLE Automation component that can be abused by an attacker to execute arbitrary code on the remote host.
An attacker may be able to execute arbitrary code on the remote host by constructing a malicious script and enticing a victim to visit a web site or view a specially crafted email message.
SolutionMicrosoft has released a set of patches for Windows 2000, XP, 2003 and Vista.