Release DateNov 08, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a Buffer Overflow vulnerability in the Microsoft Secure Sockets Layer(SSL) library.The vulnerability is due to inadequate input validation in the Private Communications Transport(PCT) protocol implementation of the Microsoft Secure Sockets Layer(SSL) library. A remote attacker can execute arbitrary code on a target system via a specially crafted PCT 1.0 handshake packet. |
Affected ProductsMicrosoft Windows NT 4.0 SP6aMicrosoft Windows 2000 SP2 through SP4 Microsoft Windows XP SP1 Microsoft Windows Server 2003 Microsoft NetMeeting Microsoft Windows 98 Microsoft Windows ME |
Recommended ActionsApply the appropriate patches from Microsoft or upgrade the system to the latest non-vulnerable version. |
Coverage IPS
VCM |
