Locked Exploits Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution

[1337day-Exploits]

Microsoft Windows PowerShell ISE will execute wrongly supplied code when debugging specially crafted PowerShell scripts that contain array brackets as part of the filename. This can result in ISE executing attacker supplied scripts pointed to by the filename and not the "trusted" PS file currently loaded and being viewed by a user in the host application. This undermines the integrity of PowerShell ISE allowing potential unexpected remote code execution.

This is the hidden content, please

• Sign In
• or
• Sign Up