Summary
This host is missing a critical security update according to Microsoft Bulletin MS10-025.
Impact
Successful exploitation could allow attackers to execute arbitrary code with system level privileges.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS10-026.mspx
Insight
This flaw is caused by a buffer overflow error in the Windows Media Unicast Service within the Windows Media Services component when handling transport information network packets, which could allow remote attackers to crash an affected service or execute arbitrary code by sending malformed packets.
Affected
Microsoft Windows 2000 Server Service Pack 4 and prior.
References
Severity
Classification
-
CVE CVE-2010-0478 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Flaw in Microsoft VM Could Allow Code Execution (810030)
- Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132)
- Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
- Microsoft Comctl32 Integer Overflow Vulnerability (2864058)
- Microsoft Expression Design Remote Code Execution Vulnerability (2651018)