Full title: Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution Exploit 
Category: remote exploits
Platform: windows
Microsoft Windows PowerShell ISE will execute wrongly supplied code when debugging specially crafted PowerShell scripts that contain array brackets as part of the filename. This can result in ISE executing attacker supplied scripts pointed to by the filename and not the "trusted" PS file currently loaded and being viewed by a user in the host application. This undermines the integrity of PowerShell ISE allowing potential unexpected remote code execution.

# 0day.today @ http://0day.today/