Reported
April 11, 2001, by Compaq.
VERSION AFFECTED
Compaq Presario PCs running Windows Millennium
Edition (Me) and Windows 98
DESCRIPTION
VENDOR RESPONSE
The
vendor, Compaq Computer Corporation, has
released Softpaq
16629 to correct this vulnerability.
CREDIT
Compaq
provides customer support features through its Knowledge Center and Back Web
components for its Presario PCs running Windows Millennium Edition (Me) and
Windows 98. Users use ActiveX to implement some of Presario's custom support
features. By utilizing the ActiveX control function LogDataListToFile, a
malicious attacker can use a Web page to write a specified file to the system's
hard drive, creating a potential Denial of Service (DoS) vulnerability. The
intruder can't modify the content of the file, but can access the hardware and
software configuration information.
Discovered by Compaq.
Denial of Service Condition in Compaq Presario Personal Computers
0 comments
Hide comments