Remote code execution vulnerability in Windows Common Controls| ID: oval:org.secpod.oval:def:5113 | Date: (C)2012-04-12 (M)2024-02-29 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft BizTalk Server 2002 or Microsoft Commerce Server 2002 or 2007 or 2009 or 2009 R2 or Microsoft Office 2003 or 2007 or 2010 or Microsoft Visual FoxPro or Visual Basic 6.0 Runtime and is prone remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted webpage. Successful exploitation could allow remote attackers to gain the same user rights as the logged-on user.
| Platform: |
| Microsoft Windows 2000 |
| Microsoft Windows 7 |
| Microsoft Windows 8 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2003 |
| Microsoft Windows 10 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows Vista |
| Microsoft Windows XP |
| Microsoft Windows Server 2008 R2 |
| Product: |
| Microsoft BizTalk Server 2002 |
| Microsoft Commerce Server 2002 |
| Microsoft Commerce Server 2007 |
| Microsoft Commerce Server 2009 |
| Microsoft Commerce Server 2009 R2 |
| Microsoft Office 2003 |
| Microsoft Office 2007 |
| Microsoft Office 2010 |
| Microsoft SQL Server 2000 |
| Microsoft SQL Server 2000 Analysis Services |
| Microsoft SQL Server 2005 |
| Microsoft SQL Server 2008 |
| Microsoft SQL Server 2008 R2 |
| Microsoft Visual Basic 6.0 |
| Microsoft Visual FoxPro |
| Microsoft Office 2003 Web Components |
