Skip navigation

Remote Code Execution in JView Profiler

Reported June 29, 2005 by SEC Consult

VERSIONS AFFECTED

           
Windows 98
Windows 2000
Windows XP
Windows Server 2003

DESCRIPTION

The JView Profiler contains a flaw that might allow a remote intruder to take complete control of an affected system.

VENDOR RESPONSE

Microsoft released a security bulletin, "Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)," and associated patch to correct the problem. The patch sets a "kill bit" to prevent the object from being loaded via Internet Explorer.



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish