Reported February 5, 2003, by Microsoft.
VERSIONS AFFECTED
· Windows XP
DESCRIPTION
A new vulnerability in the Microsoft Windows Redirector can result in the execution of arbitrary code on the vulnerable system. This vulnerability stems from an unchecked buffer that XP uses to receive parameter information. By providing malformed data to the Windows Redirector, a potential attacker can cause the system to fail or run code of the attacker’s choice.
VENDOR RESPONSE
Microsoft has released Security Bulletin MS03-005, "Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577)," to address this vulnerability and recommends that affected users apply the appropriate patch mentioned in the bulletin.
CREDIT
Discovered
by NSFocus.