oval:org.mitre.oval:def:3966

Definition Id: oval:org.mitre.oval:def:3966

Oval ID:	oval:org.mitre.oval:def:3966
Title:	RPCSS DCOM Buffer Overflow (Server 2003)
Description:	Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0528	Version:	1
Platform(s):	Microsoft Windows Server 2003	Product(s):	Distributed Component Object Model (DCOM)
Definition Synopsis:
Software section Windows Server 2003 or Windows XP 64-Bit Edition Version 2003 Windows Server 2003 is installed OR Windows XP 64-bit Windows XP is installed AND 64-Bit version of Windows is installed AND the version of rpcrt4.dll is less than 5.2.3790.76 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled