Oval Definition:	oval:org.mitre.oval:def:14393
Revision Date: 2012-02-20 Version: 8 Title: Object Packager Insecure Executable Launching Vulnerability Description: Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file with an embedded packaged object, aka "Object Packager Insecure Executable Launching Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-0009 Platform(s): Microsoft Windows Server 2003 Microsoft Windows XP Product(s): Definition Synopsis Windows Server 2003 x86/x64/ia64 SP2, Windows Server 2008 x86/x64, Windows Server 2008 SP2 x86/x64, Windows Server 2008 R2 x64, Windows Server 2008 R2 x64 SP1 Microsoft Windows XP (x86) SP3 is installed OR Microsoft Windows XP x64 Edition SP2 is installed OR Microsoft Windows Server 2003 SP2 (x86) is installed OR Microsoft Windows Server 2003 SP2 (x64) is installed OR Microsoft Windows Server 2003 (ia64) SP2 is installed AND NOT KB2603381 is installed
BACK