Oval Definition:
oval:org.mitre.oval:def:3095
Revision Date
:
2011-05-16
Version
:
47
Title
:
WinXP Explorer Buffer Overflow
Description
:
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0306
Platform(s)
:
Microsoft Windows XP
Product(s)
:
Windows Explorer
Definition Synopsis
NOT
Patch KB821557 Installed
AND
Windows XP is installed
AND
Version check for XP SP1 and XP no service pack for shell32.dll
XP Service Pack 1 and version of Shell32.dll is less than 6.0.2800.1233
the version of shell32.dll is less than 6.0.2800.1233
AND
Win2K/XP/2003/Vista service pack 1 is installed
OR
XP no Service Pack installed and version of Shell32.dll is less than 6.0.2600.115
the version of shell32.dll is less than 6.0.2600.115
AND
Win2K/XP/2003 service pack 1 (or later) is installed
BACK