Summary
It is possible for a malicious user to mount a buffer overrun attack using windows XP shell.
A successful attack could have the effect of either causing the Windows Shell to fail, or causing an attacker's code to run on the user's computer in the security context of the user.
Maximum Severity Rating: Critical
Recommendation: Administrators should install the patch immediately.
Affected Software:
Microsoft Windows XP.
See
http://www.microsoft.com/technet/security/bulletin/ms02-072.mspx
Severity
Classification
-
CVE CVE-2002-1327 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Cumulative Patch for Internet Information Services (Q327696)
- Microsoft DirectShow Remote Code Execution Vulnerability (2845187)
- Microsoft Active Directory Denial of Service Vulnerability (953235)
- Microsoft Hyper-V Privilege Elevation Vulnerability (2893986)
- Certificate Validation Flaw Could Enable Identity Spoofing (Q328145)