PT-2004-2555 · Microsoft · Msinfo32.Exe
Joe
·
Publicado
2004-08-31
·
Atualizado
2017-07-11
·
CVE-2004-1649
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Msinfo32.exe (affected versions not specified)
Description
A buffer overflow issue exists in Microsoft Msinfo32.exe, potentially allowing local users to execute arbitrary code. This can be achieved by providing a long filename in the
msinfo file command line parameter. It is noted that this issue might not cross security boundaries.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Msinfo32.Exe