Oval Definition:	oval:org.mitre.oval:def:900
Revision Date: 2015-08-10 Version: 48 Title: Windows XP RPCSS DCOM Buffer Overflow (Blaster) Description: A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0813 Platform(s): Microsoft Windows XP Product(s): Definition Synopsis a vulnerable version of rpcrt4.dll exists depending on service pack level no service pack is installed and rpcrt4.dll is less than 5.1.2600.135 Microsoft Windows XP (32-bit) is installed AND NOT Win2K/XP/2003 is patched AND the version of rpcrt4.dll is less than 5.1.2600.135 OR service pack 1 is installed and rpcrt4.dll is less than 5.1.2600.1361 Microsoft Windows XP SP1 (32-bit) is installed AND the version of rpcrt4.dll is less than 5.1.2600.1361 AND NOT the patch kb828741 is installed
BACK