OVAL Reference oval:org.mitre.oval:def:340

Oval Definition:

oval:org.mitre.oval:def:340

Revision Date:	2007-11-13	Version:	45
Title:	Windows 2000 ComboBox/ListBox GUI Widget User32.dll Buffer Overflow
Description:	Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2003-0659
Platform(s):	Microsoft Windows 2000	Product(s):
Definition Synopsis
Software section Windows 2000 is installed AND File %windir%\system32\user32.dll version is less than 5.0.2195.6799 AND NOT the patch kb824141 is installed (Hotfix key) AND NOT the patch kb891711 is installed AND Configuration section the utility manager Service is enabled