Summary
This host is missing a critical security update according to Microsoft Bulletin MS10-025.
Impact
Successful exploitation could allow attackers to execute arbitrary code with system level privileges.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS10-026.mspx
Insight
This flaw is caused by a buffer overflow error in the Windows Media Unicast Service within the Windows Media Services component when handling transport information network packets, which could allow remote attackers to crash an affected service or execute arbitrary code by sending malformed packets.
Affected
Microsoft Windows 2000 Server Service Pack 4 and prior.
References
Severity
Classification
-
CVE CVE-2010-0478 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Flaw in Microsoft VM Could Allow Code Execution (810030)
- Microsoft Active Directory Denial of Service Vulnerability (953235)
- Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)
- Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)
- Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)