Reported February 26, 2001, by Microsoft.

VERSIONS AFFECTED
  • Windows 2000

DESCRIPTION

A buffer overflow has been discovered in the Event Viewer of Microsoft Windows 2000 OSs. The problem can let an attacker cause arbitrary code to execute on the OS in the security context of the user viewing a particular malformed event log entry. The problem is compounded by the fact that unprivileged processes can write events into the Application and System logs.

VENDOR RESPONSE

Microsoft has released a security bulletin, MS01-013, and a patch to address the issue.

CREDIT
Discovered by Blake Watts at Guardent.