Microsoft Security Bulletin (MS00-027)

Microsoft Security Bulletin MS00-027 - -------------------------------------- Patch Available for "Malformed Environment Variable" Vulnerability Originally Posted: April 20, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Windows NTr 4.0...

CVE-2000-0331

Buffer overflow in Microsoft command processor CMD.EXE for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability...