Back to search
CVE-2008-0951
Published: Mar 24, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a (1) CD-ROM device or (2) U3-enabled USB device containing a filesystem with an Autorun.inf file, and possibly other vectors related to (a) AutoRun and (b) AutoPlay actions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
vista-nodrivetypeautorun-weak-security(41349)
vdb-entry
x_refsource_XF
28360
vdb-entry
x_refsource_BID
VU#889747
third-party-advisory
x_refsource_CERT-VN
1020446
vdb-entry
x_refsource_SECTRACK
MS08-038
vendor-advisory
x_refsource_MS
ADV-2008-0954
vdb-entry
x_refsource_VUPEN
29458
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now