Ravens PHP Scripts

Microsoft Agent URL Handling Memory Corruption Vulnerability
Date: Tuesday, September 11, 2007 @ 19:09:23 CEST
Topic: Security


SECUNIA ADVISORY ID: SA26753

VERIFY ADVISORY: http://secunia.com/advisories/26753/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

OPERATING SYSTEM:
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/

DESCRIPTION: A vulnerability has been reported in Microsoft Windows 2000, which can be exploited by malicious people to compromise a user's system.



The vulnerability is caused due to an error in the Microsoft Agent component when handling URLs and can be exploited to cause memory corruption via a specially crafted URL. Successful exploitation may allow execution of arbitrary code on a user's system when e.g. visiting a malicious website.

SOLUTION: Apply patches - Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=7cd248ed-d154-4dce-89ef-ceefd2700965

PROVIDED AND/OR DISCOVERED BY:
The vendor credits the following:
* Assurent Secure Technologies
* Yamata Li, Palo Alto Networks.
* An anonymous researcher via iDefense.

ORIGINAL ADVISORY: MS07-051 (KB938827): http://www.microsoft.com/technet/security/Bulletin/MS07-051.mspx






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3064