Reported October 12, 2004, by Microsoft
VERSIONS AFFECTED
|
DESCRIPTION
A vulnerability in the Network Dynamic Data Exchange (NetDDE) services could
result in the arbitrary execution of code on the vulnerable system. This
vulnerability is a result of an unchecked buffer, and a potential attacker who
successfully exploited the vulnerability could take complete control of an
affected system.
VENDOR RESPONSE
Microsoft has released
bulletin MS04-031, "Vulnerability in NetDDE Could Allow Remote
Code Execution (841533)," to address this vulnerability and recommends
that affected users apply the appropriate patch listed in the bulletin.
CREDIT
Discovered by John Heasman of Next
Generation Security Software, Ltd.
0 comments
Hide comments