Microsoft Windows 2000 ActiveX Control Buffer Overflow

2000-11-06T00:00:00
ID OSVDB:1633
Type osvdb
Reporter OSVDB
Modified 2000-11-06T00:00:00

Description

Vulnerability Description

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.

Short Description

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.

References:

Microsoft Security Bulletin: MS00-085 ISS X-Force ID: 5467 CVE-2000-1034 Bugtraq ID: 1899