|
|
Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245) Vulnerability Scan
Vulnerability Scan Summary
Acertains the presence of update 907245
Detailed Explanation for this Vulnerability Test
Synopsis :
A flaw in the Microsoft Collaboration Data Object may allow a possible hacker
to execute arbitrary code on the remote host.
Description :
An unchecked buffer condition may allow a possible hacker to execute arbitrary
code on the remote host.
To execute this flaw, a possible hacker would need to send a malformed message
via SMTP to the remote host, either by using the SMTP server
(if Exchange is installed) or by sending an email to a user on the remote
host.
When the email is processed by CDO, an unchecked buffer may allow cause
code execution.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms05-048.mspx
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
