Thread-topic: [SA26753] Microsoft Agent URL Handling Memory Corruption Vulnerability
> ----------------------------------------------------------------------
>
> TITLE:
> Microsoft Agent URL Handling Memory Corruption Vulnerability
>
> SECUNIA ADVISORY ID:
> SA26753
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/26753/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> System access
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
> Microsoft Windows 2000 Professional
> http://secunia.com/product/1/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
>
> DESCRIPTION:
> A vulnerability has been reported in Microsoft Windows 2000, which
> can be exploited by malicious people to compromise a user's system.
>
> The vulnerability is caused due to an error in the Microsoft Agent
> component when handling URLs and can be exploited to cause memory
> corruption via a specially crafted URL.
>
> Successful exploitation may allow execution of arbitrary code on a
> user's system when e.g. visiting a malicious website.
>
> SOLUTION:
> Apply patches.
>
> Microsoft Windows 2000 SP4:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=7cd24
> 8ed-d154-4dce-89ef-ceefd2700965
>
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits the following:
> * Assurent Secure Technologies
> * Yamata Li, Palo Alto Networks.
> * An anonymous researcher via iDefense.
>
> ORIGINAL ADVISORY:
> MS07-051 (KB938827):
> http://www.microsoft.com/technet/security/Bulletin/MS07-051.mspx
>