Name of the Vulnerable Software and Affected Versions dbc wnt.exe (affected versions not specified)

Description The issue concerns a vulnerable function in the dbc wnt.exe module, located at address 0x4017d4, which reads the value of the NET MBX environment variable into a stack buffer without controlling the size of the copied data. This allows a local attacker to execute arbitrary code and bypass the "closed environment" protection mechanism.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.