MS.IIS.HR.Align.Buffer.Overflow
Description
This indicates a buffer overrun vulnerability with the ALIGN attribute of HR tag in the HTML converters of various Microsoft operating systems.
An HTML converter is used to convert HTML data into Rich Text Format (RTF) form. Due to a buffer checking error, an attacker can send a specially-crafted message to a vulnerable HTML converter to execute arbitrary code on the target system.
Affected Products
Microsoft Windows 98/ME
Microsoft Windows NT 4.0
Microsoft Windows 2000/XP
Microsoft Windows Server 2003
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply appropriate patches or upgrade the system to the latest non-vulnerable version
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |