Nessus Plugin #11885
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Buffer Overrun in the ListBox and in the ComboBox (824141)
- Family:
- Windows : Microsoft Bulletins
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2003 Jeff Adams
- Summary:
- Checks for hotfix Q824141
- Version:
- $Revision: 1.12 $
- Cve_id:
- CAN-2003-0659
- Bugtraq_id:
- 8827
- Xrefs:
- -
- Description:
A vulnerability exists because the ListBox control and the ComboBox control
both call a function, which is located in the User32.dll file, that contains
a buffer overrun. An attacker who had the ability to log on to a system
interactively could run a program that could send a specially-crafted Windows
message to any applications that have implemented the ListBox control or the
ComboBox control, causing the application to take any action an attacker
specified. An attacker must have valid logon credentials to exploit the
vulnerability. This vulnerability could not be exploited remotely.
Solution : see http://www.microsoft.com/technet/security/bulletin/ms03-045.mspx
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.