Reported February 5, 2003, by Microsoft.
· Windows XP
A new vulnerability in the Microsoft Windows Redirector can result in the execution of arbitrary code on the vulnerable system. This vulnerability stems from an unchecked buffer that XP uses to receive parameter information. By providing malformed data to the Windows Redirector, a potential attacker can cause the system to fail or run code of the attacker’s choice.
Microsoft has released Security Bulletin MS03-005, "Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577)," to address this vulnerability and recommends that affected users apply the appropriate patch mentioned in the bulletin.
Discovered by NSFocus.