Microsoft Windows 2000 Local Troubleshooter ActiveX control buffer overflow
| win2k-local-troubleshooter-bo (13423) |  High Risk |
Description:
Microsoft Windows 2000 is vulnerable to a buffer overflow in the Microsoft Local Troubleshooter ActiveX control (Tshoot.ocx), caused by improper validation of parameters. The Tshoot.ocx ActiveX control assists in diagnosing problems and is used by the Microsoft Windows Troubleshooting and Help System, which is installed by default on Microsoft Windows 2000. By creating a specially-crafted Web page, a remote attacker could overflow a buffer and execute arbitrary code on the victim's computer with privileges of the victim, once the page is viewed. An attacker could exploit this vulnerability by hosting the malicious Web page on a Web site or by sending it to a victim as an HTML email.
Platforms Affected:
- Microsoft, Windows 2000
Remedy:
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS03-042. See References.
Consequences:
Gain Access
References:
- CERT Advisory CA-2003-27, Multiple Vulnerabilities in Microsoft Windows and Exchange at http://www.cert.org/advisories/CA-2003-27.html.
- CIAC Information Bulletin O-008, Microsoft Troubleshooter ActiveX Control Buffer Overflow Vulnerability at http://www.ciac.org/ciac/bulletins/o-008.shtml.
- Full-Disclosure Mailing List, Thu Oct 16 2003 - 08:46:37 CDT, Microsoft Local Troubleshooter ActiveX control buffer overflow at http://archives.neohapsis.com/archives/fulldisclosure/2003-q4/0965.html.
- Microsoft Security Bulletin MS03-042, Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232) at http://www.microsoft.com/technet/security/bulletin/ms03-042.mspx.
- BID-8833: Microsoft Windows 2000 TroubleShooter ActiveX Control Buffer Overflow Vulnerability
- CVE-2003-0662: Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
- US-CERT VU#989932: Microsoft contains a buffer overflow in the Local Troubleshooter ActiveX control (Tshoot.ocx)
Reported:
Oct 15, 2003
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net