Oval Definition:	oval:org.mitre.oval:def:2447
Revision Date: 2011-05-16 Version: 49 Title: Windows XP Indexing Service Code Execution Vulnerability Description: The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0897 Platform(s): Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows XP Product(s): Microsoft Indexing Service Definition Synopsis Software section - XP Windows XP (sp1 or earlier) is installed Windows XP is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND Indexing Service ciodm.dll is less than 5.1.2600.1596 AND NOT the patch Windows XP KB871250 is installed OR Microsoft Windows 2000 is installed Win2K/XP/2003 service pack 3 is installed OR SP4 or later Installed AND Indexing Service ciodm.dll is less than 5.0.2195.6981 OR Microsoft Windows Server 2003 (32-bit) is installed AND Indexing Service ciodm.dll is less than 5.2.3790.220
BACK