Summary
It is possible for a malicious user to mount a buffer overrun attack using windows XP shell.
A successful attack could have the effect of either causing the Windows Shell to fail, or causing an attacker's code to run on the user's computer in the security context of the user.
Maximum Severity Rating: Critical
Recommendation: Administrators should install the patch immediately.
Affected Software:
Microsoft Windows XP.
See
http://www.microsoft.com/technet/security/bulletin/ms02-072.mspx
Severity
Classification
-
CVE CVE-2002-1327 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)
- Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
- Cumulative Security Update for Internet Explorer (928090)
- Microsoft DirectShow Remote Code Execution Vulnerability (977935)
- Microsoft Active Directory Denial of Service Vulnerability (953235)