oval:org.mitre.oval:def:2348

Definition Id: oval:org.mitre.oval:def:2348

Oval ID:	oval:org.mitre.oval:def:2348
Title:	Windows Project Professional URL Buffer Overflow
Description:	Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0848	Version:	3
Platform(s):	Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP	Product(s):	Microsoft Project Professional 2002
Definition Synopsis:
Windows Project Professional 2002 Service Pack 1 is installed AND the version of mso.dll is less than 10.0.6735.0 AND NOT Patch KB873355 installed