Remote code execution vulnerability in Windows theme file - MS13-071ID: oval:org.secpod.oval:def:15406 | Date: (C)2013-09-13 (M)2023-12-14 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS13-071. The update is required to fix remote code execution vulnerability. The flaw is present in the Windows theme file (Themeui.dll), which fails to properly handle crafted Windows theme when user forced open the file or apply the theme. Successful exploitation allows attackers to execute arbitrary code.
Platform: |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |