New Search

Windows NT getCanonicalPath Heap Corruption Denial of Service

oval:org.mitre.oval:def:319

The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows NT
Class:
vulnerability
Reference(s):
  • CVE-2003-0525
Product(s):
  • Windows NT 4.0