Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.
cbead906d997ee76877af1d55e446626a519eb77a9753cd8dd8b5595996a9469