CVE-2008-0951

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista (affected versions not specified)

Description The issue allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a CD-ROM device or U3-enabled USB device containing a filesystem with an Autorun.inf file. This is due to the improper enforcement of the NoDriveTypeAutoRun registry value, which is related to AutoRun and AutoPlay actions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.