Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3479

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3479
Last Modified 31 Aug 2013 01:48:18
Published 14 Oct 2008 08:12:15
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3479

Summary

Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

CERT - TA08-288A

BID - 31637

MS - MS08-065

SECUNIA - 32260

MISC - http://dvlabs.tippingpoint.com/advisory/TPTI-08-07

XF - win-ms08kb951071-update(45538)

XF - win-msmq-rpc-code-execution(45537)

VUPEN - ADV-2008-2816

SECTRACK - 1021052

HP - SSRT080143

HP - HPSBST02379


Last Updated: 27 May 2016 10:49:56