Oval Definition:oval:org.mitre.oval:def:6410
Revision Date:2009-09-28Version:42
Title:WINS Heap Overflow Vulnerability
Description:Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-1923
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s):
Definition Synopsis
  • Microsoft Windows 2000 SP4 is vulnerable
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of wins.exe is less than 5.0.2195.7300
  • OR
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • AND the version of wins.exe is less than 5.2.3790.4520
  • OR
  • Microsoft Windows Server 2003 SP2 (x64) is installed
  • AND the version of wins.exe is less than 5.2.3790.4520
  • OR
  • Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND the version of wins.exe is less than 5.2.3790.4520
    • BACK