CVE-2008-3479

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 SP4

Description The issue is related to a heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service, allowing remote attackers to read memory contents and execute arbitrary code via a crafted RPC call. This is due to improper processing of parameters to string APIs.

Recommendations For Microsoft Windows 2000 SP4, consider restricting access to the MSMQ service until a fix is available. As a temporary workaround, disabling the MSMQ service (mqsvc.exe) can help minimize the risk of exploitation.