Microsoft Windows is prone to a vulnerability that may allow the execution of an arbitrary attacker specified executable file, if this file is located in the same folder as a .THEME file. The attacker must entice a victim into opening a specially crafted .THEME file and go to screensaver tag or push apply and wait default minutes without interaction, with display properties opened. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
CVE Link
Exploit Platform
Exploit Type
Product Name