# Exploit Title:Microsoft Windows 'VCF' or 'Contact' File URL Manipulation-Spoof Arbitrary Code Execution Vulnerability -- Remote Vector# Google Dork: N/A# Date: January, 21 2019# Exploit Author:Eduardo Braun Prado# Vendor Homepage: http://www.microsoft.com/# Software Link: http://www.microsoft.com/# Version: Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. both x86 and x64 architectures.# Tested on: Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. both x86 and x64 architectures.# CVE : n/a
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46220.zip
