Buffer Overflow in Windows Troubleshooter ActiveX Control

A vulnerability in Windows 2000 can result in the remote execution of arbitrary code on the vulnerable system under the security context of the logged-on user.

Ken Pfeil

October 16, 2003

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Reported October 15, 2003, by Microsoft.

VERSIONS AFFECTED

·        Windows 2000

DESCRIPTION

A vulnerability in Windows 2000 can result in the remote execution of arbitrary code on the vulnerable system under the security context of the logged-on user. This vulnerability is a result of a buffer overflow in the Troubleshooter ActiveX control (Tshoot.ocx). Because this control is marked "safe for scripting," an attacker can convince a user to use this control to view a specially crafted HTML page. The control is installed as a default part of the OS.

VENDOR RESPONSE

Microsoft has released security bulletin MS03-042, "Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232)," which addresses this vulnerability, and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT

Discovered by Greg Jones ofKPMG UK andCesar Cerrudo.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like