Buffer Overflow in Windows Troubleshooter ActiveX Control

Reported October 15, 2003, by Microsoft.


·         Windows 2000


A vulnerability in Windows 2000 can result in the remote execution of arbitrary code on the vulnerable system under the security context of the logged-on user. This vulnerability is a result of a buffer overflow in the Troubleshooter ActiveX control (Tshoot.ocx). Because this control is marked "safe for scripting," an attacker can convince a user to use this control to view a specially crafted HTML page. The control is installed as a default part of the OS.


Microsoft has released security bulletin MS03-042, "Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232)," which addresses this vulnerability, and recommends that affected users immediately apply the appropriate patch listed in the bulletin.


Discovered by Greg Jones of KPMG UK and Cesar Cerrudo.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.