Reported February 5, 2003, by Microsoft.

 

 

VERSIONS AFFECTED

 

·         Windows XP

 

DESCRIPTION

 

A new vulnerability in the Microsoft Windows Redirector can result in the execution of arbitrary code on the vulnerable system. This vulnerability stems from an unchecked buffer that XP uses to receive parameter information. By providing malformed data to the Windows Redirector, a potential attacker can cause the system to fail or run code of the attacker’s choice.

 

VENDOR RESPONSE

 

Microsoft has released Security Bulletin MS03-005, "Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577)," to address this vulnerability and recommends that affected users apply the appropriate patch mentioned in the bulletin.

 

CREDIT          

Discovered by NSFocus.