John Lampe

**Name of the Vulnerable Software and Affected Versions** Microsoft DirectPlay versions 7.0a through 9.0b **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash, via a malformed packet. This affects the IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay. **Recommendations** For Microsoft DirectPlay versions 7.0a through 9.0b, consider restricting access to the IDirectPlay4 API to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Windows 2000 Windows XP Windows Server 2003 **Description** The issue allows remote attackers to cause a denial of service via malformed SSL messages. **Recommendations** For Windows 2000, Windows XP, and Windows Server 2003, at the moment, there is no information about a newer version that contains a fix for this vulnerability.