Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Windows 2000 Event Viewer Contains Unchecked Buffer
A security vulnerability exists in the Windows 2000 event viewer which could allow an attacker to run code of their choice by exploiting an unchecked buffer.
Issue
The Windows 2000 Event Viewer snap-in has an unchecked buffer in a section of the code that displays the detailed view of event records. If Event Viewer attempts to display an event record that contains specially malformed data in one of the fields, either of two outcomes can occur. In the less serious case, Event Viewer could stop working. In the more serious case, code of a malicious user's choice could be made to run by using a buffer overrun.
By design, unprivileged processes can log events in the System and Application logs, and interactively logged-on, unprivileged users can view them. However, only privileged processes can log events in the Security log, and only interactively logged-on administrators can view them. If the vulnerability were exploited to run code of a malicious user's choice, the code would run in the security context of the user who viewed the affected record.
Affected Products
- Windows 2000 Server and Advanced Server
Download
Patch: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27842
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: February 26, 2001
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
