Microsoft ActiveSync Null Pointer Dereference Denial Of Service Vulnerability

Summary
This host is running Microsoft ActiveSync and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to cause denial of service condition. Impact Level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
The flaw is due to NULL pointer is dereferenced in a call to the function 'WideCharToMultiByte()' while it is trying to process an entry within the sync request packet. This causes an application error, killing the 'wcescomm' process.
Affected
Microsoft ActiveSync version 3.5
References