Microsoft Agent ActiveX buffer overflow updated since 11.09.2007
Published:		12.09.2007
Source:		MICROSOFT
SecurityVulns ID:		8136
Type:		client
Level:		6/10
Description:		Buffer overflow on oversized URL.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
CVE:		CVE-2007-3040 (Stack-based buffer overflow in the Agent.Control function in Microsoft Agent ActiveX control (agentdpv.dll) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL, a different issue than CVE-2007-1205.)

Original document		IDEFENSE, iDefense Security Advisory 09.11.07: Microsoft Windows 2000 Agent URL Canonicalizing Stack Based Buffer Overflow Vulnerability (12.09.2007)
		VR-Subscription-noreply_(at)_assurent.com, Assurent VR - Microsoft Agent Crafted URL Stack Buffer Overflow (11.09.2007)
		MICROSOFT, Microsoft Security Bulletin MS07-051 - Critical Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827) (11.09.2007)

Files:		Microsoft Security Bulletin MS07-051 - Critical Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827)
Discuss:		Read or add your comments to this news (0 comments)