Skip navigation
Menu
Collaboration>Email and Calendaring

Vulnerability in OLE and COM Could Allow Remote Code Execution

Reported February 8, 2005 by Microsoft

VERSIONS AFFECTED


  • Windows 2000

  • Windows XP

  • Windows Server 2003

  • Windows Me and 98

  • Exchange Server 5.0 and 5.5

  • Exchange 2000 Server

  • Exchange Server 2003

  • Office XP

  • Office 2003

DESCRIPTION

A vulnerability in the way memory is accessed when processing COM-based storage files could allow the locally logged on user to take complete control of the OS.

A vulnerability in the way OLE processes input validation could allow a remote intruder to execute code on a user's system. A successful exploit could allow the intruder to take complete control of the user's system.

VENDOR RESPONSE

Microsoft has released Security Bulletin MS05-012, "Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)," and a patch to correct the problem.

CREDIT
Cesar Cerrudo of Application Security



TAGS: Security Windows 7/8
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
zoom logo on screens of laptop and smartphone device.jpg
At Zoomtopia, Small Businesses Share Transformation Stories
Oct 12, 2023
zoom logo
Zoom Unveils Docs, Upgrades Contact Center Offerings
Oct 03, 2023
Hand working at laptop computer
Critical Security Bug Opens Cisco BroadWorks to Complete Takeover
Sep 08, 2023
a person is shown on a conference call with two in-office colleagues
Can AI Summaries Save You From Endless Virtual Meetings?
Aug 17, 2023