CVE-2006-0012

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version

Description: The issue allows remote attackers to execute arbitrary code via attack vectors involving COM objects and crafted files and directories. A remote code execution vulnerability exists in Windows Explorer because of the way that it handles COM objects. An attacker would need to convince a user to visit a Web site that could force a connection to a remote file server, which could then cause Windows Explorer to fail in a way that could allow code execution. An attacker who successfully exploited this issue could take complete control of an affected system.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.