Oval Definition:oval:org.mitre.oval:def:4493
Revision Date:2009-12-21Version:45
Title:Windows 2003 (64-Bit) Program Group Converter Buffer Overflow
Description:Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0572
Platform(s):Microsoft Windows Server 2003
Product(s):Program Group Converter
Definition Synopsis
  • Windows Server 2003 is installed
  • AND a version of Windows for the ia64 architecture is installed
  • AND a vulnerable version of grpconv.exe exists
  • the version of grpconv.exe (system32) is less than 5.2.3790.205
  • OR the version of grpconv.exe (syswow64) is less than 5.2.3790.205
  • AND NOT the patch q841356 is installed (Hotfix key)
  • BACK