Oval Definition:	oval:org.mitre.oval:def:1603
Revision Date: 2013-04-15 Version: 50 Title: HyperTerminal Session File Vulnerability (Windows XP,SP1) Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0568 Platform(s): Microsoft Windows XP Product(s): HyperTerminal Definition Synopsis Software section the version of hypertrm.dll is less than 5.1.2600.1609 AND the patch WindowsXP-KB87339-x86-ENU.exe is installed AND Windows XP (sp1 or earlier) is installed Windows XP is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND Configuration section If key present hyperterminal will automatically open session files OR If the Hyperterminal client is registered as the default telnet client
BACK