SECUNIA ADVISORY ID: SA26753
VERIFY ADVISORY: http://secunia.com/advisories/26753/
CRITICAL: Highly critical
IMPACT: System access
WHERE: >From remote
OPERATING SYSTEM:
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
DESCRIPTION: A vulnerability has been reported in Microsoft Windows 2000, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the Microsoft Agent component when handling URLs and can be exploited to cause memory corruption via a specially crafted URL. Successful exploitation may allow execution of arbitrary code on a user's system when e.g. visiting a malicious website.
SOLUTION: Apply patches - Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=7cd248ed-d154-4dce-89ef-ceefd2700965
PROVIDED AND/OR DISCOVERED BY:
The vendor credits the following:
* Assurent Secure Technologies
* Yamata Li, Palo Alto Networks.
* An anonymous researcher via iDefense.
ORIGINAL ADVISORY: MS07-051 (KB938827): http://www.microsoft.com/technet/security/Bulletin/MS07-051.mspx
Microsoft Agent URL Handling Memory Corruption VulnerabilityPosted on Tuesday, September 11, 2007 @ 18:09:23 CDT in Security Associated Topics
 |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
