Summary
This NVT is deprecated as it seems to be broken and doesn't produce any valuable results.
Windows operating system are affected to multiple remote code execution and privileges escalation vulnerabilities.
An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system,
including installing programs
viewing, changing, or deleting data
or creating new accounts that have full privileges.
These vulnerabilities includes:
LSASS Remote Code Execution Vulnerability - CAN-2003-0533 LDAP Denial Of Service Vulnerability - CAN-2003-0663 PCT Remote Code Execution Vulnerability - CAN-2003-0719 Winlogon Remote Code Execution Vulnerability - CAN-2003-0806 Metafile Remote Code Execution Vulnerability - CAN-2003-0906 Help and Support Center Remote Code Execution Vulnerability - CAN-2003-0907 Utility Manager Privilege Elevation Vulnerability - CAN-2003-0908 Windows Management Privilege Elevation Vulnerability - CAN-2003-0909 Local Descriptor Table Privilege Elevation Vulnerability - CAN-2003-0910 H.323 Remote Code Execution Vulnerability - CAN-2004-0117 Virtual DOS Machine Privilege Elevation Vulnerability - CAN-2004-0118 Negotiate SSP Remote Code Execution Vulnerability - CAN-2004-0119 SSL Denial Of Service Vulnerability - CAN-2004-0120 ASN.1 Double Free Vulnerability - CAN-2004-0123
Solution
Microsoft has released a patch to fix these issues.
Severity
Classification
-
CVSS Base Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
- Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
- ADODB.Stream object from Internet Explorer (KB870669)
- Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
- Microsoft GDI+ Remote Code Execution Vulnerability (2489979)