Reported August 22, 2002, by Microsoft.
VERSION AFFECTED
· Any system using Microsoft's Terminal Services Advanced Client (TSAC) ActiveX control
DESCRIPTION
A buffer overrun condition exists in Microsoft's TSAC ActiveX control that can let an attacker execute arbitrary code remotely on the vulnerable system. This vulnerability results from an unchecked buffer in the control’s code that processes one of the input parameters. By calling the control on a client system and overrunning the buffer, an attacker can run code under the currently logged-on user's security context. The attacker can mount an attack by either hosting a Web page that exploits the vulnerability against any user who visits the Web page or by sending HTML mail to another user.
VENDOR RESPONSE
The vendor, Microsoft, has released Security Bulletin MS02-046 (Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution) to address these vulnerabilities and recommends that affected users download and apply the appropriate patch mentioned in the bulletin.
CREDIT
Discovered
by Ollie
Whitehouse of @Stake.
