Summary
This NVT is deprecated as it seems to be broken and doesn't produce any valuable results.
Windows operating system are affected to multiple remote code execution and privileges escalation vulnerabilities.
An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system,
including installing programs
viewing, changing, or deleting data
or creating new accounts that have full privileges.
These vulnerabilities includes:
LSASS Remote Code Execution Vulnerability - CAN-2003-0533 LDAP Denial Of Service Vulnerability - CAN-2003-0663 PCT Remote Code Execution Vulnerability - CAN-2003-0719 Winlogon Remote Code Execution Vulnerability - CAN-2003-0806 Metafile Remote Code Execution Vulnerability - CAN-2003-0906 Help and Support Center Remote Code Execution Vulnerability - CAN-2003-0907 Utility Manager Privilege Elevation Vulnerability - CAN-2003-0908 Windows Management Privilege Elevation Vulnerability - CAN-2003-0909 Local Descriptor Table Privilege Elevation Vulnerability - CAN-2003-0910 H.323 Remote Code Execution Vulnerability - CAN-2004-0117 Virtual DOS Machine Privilege Elevation Vulnerability - CAN-2004-0118 Negotiate SSP Remote Code Execution Vulnerability - CAN-2004-0119 SSL Denial Of Service Vulnerability - CAN-2004-0120 ASN.1 Double Free Vulnerability - CAN-2004-0123
Solution
Microsoft has released a patch to fix these issues.
Severity
Classification
-
CVSS Base Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)
- Certificate Validation Flaw Could Enable Identity Spoofing (Q328145)
- Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
- Microsoft Internet Explorer Memory Corruption Vulnerability (2755801)
- Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)