OVAL Repository - View Definition: oval:org.mitre.oval:def:201

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:201		Version: 10 Last Modified: 2011-04-26
Title:	Windows XP ComboBox/ListBox GUI Widget User32.dll Buffer Overflow
Description:	Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2003-0659
Platform(s):	Microsoft Windows XP	Product(s):
Definition Synopsis:
Software section a vulnerable version of user32.dll exists no service pack is installed and user32.dll is less than 5.1.2600.118 NOT Win2K/XP/2003 is patched AND the version of user32.dll is less than 5.1.2600.118 OR service pack 1 is installed and user32.dll is less than 5.1.2600.1255 Win2K/XP/2003/Vista service pack 1 is installed AND the version of user32.dll is less than 5.1.2600.1255 AND NOT the patch kb824141 is installed (Hotfix key) AND Windows XP (sp1 or earlier) is installed Windows XP is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND NOT the patch kb891711 is installed AND Configuration section the utility manager Service is enabled

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest