MS.Windows.RPC.REMACT.Service.Access
Description
This indicates a possible attempt at exploiting a heap-based buffer-overflow vulnerability in the Distributed Component Object Model (DCOM) interface in the RPCSS Service.
The vulnerability can be triggered by a malformed DCERPC DCOM object activation request packet. Remote attackers may exploit this to execute arbitrary code on the vulnerable system.
Affected Products
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows 2000 Server
Impact
System compromise
Recommended Actions
Microsoft has released security update MS03-039 to fix this vulnerability.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |