MS03-026: Buffer Overrun in RPC May Allow Code Execution

Technical UpdateSeptember 10, 2003: The following changes were made to this article: Updated the "Security Patch Replacement Information" sections to indicate that this patch has been replaced by 824146 MS03-039. For more information about the 824146 security patch MS03-039, click the following...

CVE-2003-0352

CVE-2003-0352 describes a buffer overflow vulnerability in the DCOM RPC interface (RPCSS) of Windows NT 4.0 SP3-6a, Windows 2000, XP, and Server 2003. The issue is a stack/heap buffer overflow triggered by a malformed DCERPC DCOM object activation request with modified length fields, allowing rem...