Oval Definition:	oval:org.mitre.oval:def:2049
Revision Date: 2012-09-10 Version: 46 Title: UPnP Memory Corruption Vulnerability Description: Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-1204 Platform(s): Microsoft Windows XP Product(s): Definition Synopsis WinXP,SP2 Microsoft Windows XP SP2 or later is installed AND the version of Upnphost.dll is less than 5.1.2600.3077 OR WinXP,SP1 (64-bit) Microsoft Windows XP SP1 (64-bit) is installed AND the version of Upnphost.dll is less than 5.2.3790.2878 OR WinXP,SP2 (64-bit) the version of Upnphost.dll is less than 5.2.3790.4019 AND Microsoft Windows XP x64 Edition SP2 is installed
BACK