Skip navigation
Menu
End-User Platforms>Windows 7/8

Unchecked Buffer in Microsoft Windows Shell

Reported March 08, 2002, by Microsoft.

VERSIONS AFFECTED

 

  • Windows 2000, Windows NT 4.0, Windows NT 4.0 Server Terminal Edition, Windows 98 Second Edition (Win98SE), and Windows 98

 

DESCRIPTION
A vulnerability exists in Windows Shell that lets an attacker arbitrarily execute code under the authorized user’s security context. An unchecked buffer exists in one of the functions that helps locate incompletely removed applications on the system. As a result, an attacker can mount a buffer-overrun attack and either cause the Windows Shell to crash or can execute code under the user's security context.

 

VENDOR RESPONSE

The vendor, Microsoft, has released Security Bulletin MS02-014 to address this vulnerability, and recommends that affected users immediately apply the appropriate patch as listed in Security Bulletin MS03-014.

 

CREDIT
Discovered by eEye Digital Security.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019