vendor:
Windows
by:
Unknown
5.5
CVSS
MEDIUM
Task Scheduler Vulnerability
20
CWE
Product Name: Windows
Affected Version From: Windows 2000
Affected Version To: Windows XP SP1
Patch Exists: YES
Related CWE: CVE-2004-0214
CPE: o:microsoft:windows
Platforms Tested: Windows XP SP1
2004
Microsoft Windows 2K/XP Task Scheduler Vulnerability (MS04-022)
Running this will create a file 'j.job'. When explorer.exe or any file-open dialog box accesses the directory containing this file, notepad.exe will be spawned.
Mitigation:
Apply the security update provided by Microsoft (MS04-022)