Oval Definition:	oval:org.mitre.oval:def:5509
Revision Date: 2007-11-13 Version: 15 Title: Exchange Server 2003 Routing Engine Buffer Overflow Description: The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0840 Platform(s): Microsoft Windows Server 2003 Product(s): SMTP Definition Synopsis Software section Windows Server 2003 is installed AND The version of smtpsvc.dll is less than 6.0.3790.211 AND NOT the patch WindowsServer2003-KB885881-x86-enu.exe is installed AND Configuration section SMTP Enabled
BACK