CVE-2006-1476 Information

Description

Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the application filename is .exe\ (with no characters before the .) which might allow local user-assisted users to trick a user into unblocking a Trojan horse program as demonstrated by a malicious .exe\ program in a folder named \Internet Explorer\ which triggers a question about whether to unblock the \Internet Explorer\ program.

Reference

http://www.securityfocus.com/archive/1/428970/100/0/threaded http://www.securityfocus.com/archive/1/429111/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/25598