Oval Definition:
oval:org.mitre.oval:def:237
Revision Date
:
2004-03-25
Version
:
41
Title
:
Troubleshooter ActiveX Control Buffer Overflow
Description
:
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0662
Platform(s)
:
Microsoft Windows 2000
Product(s)
:
Definition Synopsis
Software section
Windows 2000 is installed
AND
the version of tshoot.ocx is less than 1.0.1.2125
AND
NOT
the patch kb826232 is installed
AND
Configuration section
ActiveX controls are enabled
current user settings are being used and ActiveX controls are enabled
NOT
use machine settings rather than individual user settings
AND
ActiveX controls are enabled for the current user
OR
local machine settings are being used and ActiveX controls are enabled
use machine settings rather than individual user settings
AND
ActiveX controls are enabled for the local machine
BACK