Summary
A security vulnerability exists in the H.323 filter for Microsoft Internet Security and Acceleration Server 2000 that could allow an attacker to overflow a buffer in the Microsoft Firewall Service in Microsoft Internet Security and Acceleration Server 2000.
An attacker who successfully exploited this vulnerability could try to run code of their choice in the security context of the Microsoft Firewall Service. This would give the attacker complete control over the system. The H.323 filter is enabled by default on servers running ISA Server 2000 computers that are installed in integrated or firewall mode.
Impact of vulnerability: Remote code execution
Affected Software:
Microsoft Internet Security and Acceleration Server 2000 Gold, SP1
Solution
Users using any of the affected
products should install the patch immediately.
Maximum Severity Rating: Critical
See http://www.microsoft.com/technet/security/bulletin/ms04-001.mspx
Severity
Classification
-
CVE CVE-2003-0819 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft DirectShow Remote Code Execution Vulnerability (961373)
- Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
- Flaw in Microsoft VM Could Allow Code Execution (810030)
- Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
- Cumulative Security Update for Internet Explorer (933566)