Oval Definition:oval:org.mitre.oval:def:154
Revision Date:2007-02-20Version:18
Title:Microsoft Agent Memory Corruption Vulnerability
Description:Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-3445
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Win2K,SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of agentdpv.dll is less than 2.0.0.3424
  • OR WinXP,SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND the version of agentdpv.dll is less than 2.0.0.3424
  • OR WinXP,SP1 (64-bit)
  • Microsoft Windows XP SP1 (64-bit) is installed
  • AND the version of agentdpv.dll is less than 5.2.3790.1242
  • OR S03-Gold
  • Microsoft Windows Server 2003 (x86) Gold is installed
  • AND the version of agentdpv.dll is less than 2.0.0.3424
  • OR S03,SP1
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • AND the version of agentdpv.dll is less than 5.2.3790.1242
    • BACK