oval:org.mitre.oval:def:1222

Definition Id: oval:org.mitre.oval:def:1222

Oval ID:	oval:org.mitre.oval:def:1222
Title:	MSDTC Invalid Memory Access Vulnerability (Win2K)
Description:	Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0034	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):
Definition Synopsis:
Windows 2000 Service Pack 4 (or later) is installed Windows 2000 is installed AND Win2K/XP/2003 service pack 4 (or later) is installed AND the version of Msdtctm.dll is less than 2000.2.3535.0