oval:org.mitre.oval:def:1452

Definition Id: oval:org.mitre.oval:def:1452
 
Oval ID: oval:org.mitre.oval:def:1452
Title: MSDTC Unchecked Buffer Permits Remote Code Execution or Privilege Elevation (Server 2003)
Description: The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.
Family: windows Class: vulnerability
Reference(s): CVE-2005-2119
Version: 5
Platform(s): Microsoft Windows Server 2003
Product(s): MSDTC
Definition Synopsis: