The host is installed with Internet Explorer and VBScript and is prone to Remote Code Execution vulnerability.
Successful exploitation will allow remote attackers to execute arbitrary code via specially crafted attack. Impact Level: System
Apply the latest updates. For more information refer, http://technet.microsoft.com/en-us/security/advisory/981169
The flaw exists in the way that 'VBScript' interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, it allows arbitrary code to be executed in the security context of the currently logged-on user.
Microsoft Internet Explorer version 6.x, 7.x, 8.x
- PuTTY window title escape character arbitrary command execution
- SecureCRT SSH1 protocol version string overflow
- Microsoft Office Products Insecure Library Loading Vulnerability
- Microsoft Unauthorized Digital Certificates Spoofing Vulnerability (2728973)
- Microsoft EAP Implementation TLS Information Disclosure Vulnerability (2977292)