Assembly Execution Vulnerability in Microsoft Windows by embedded ClickOnce applicationID: oval:org.secpod.oval:def:3717 | Date: (C)2012-01-11 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows and is prone to remote code execution vulnerability. A flaw is present in the application which is caused by the way that Windows Packager loads ClickOnce applications embedded in Microsoft Office files. Successful exploitation allows remote attacker to gain the same user rights as the local user and take complete control over the affected system.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |