Definition
New Search
Vulnerability in NNTP Could Allow Remote Code Execution
oval:org.mitre.oval:def:5021
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0 Windows 2000 Server Windows Server 2003 Exchange 2000 Server and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns possibly related to improper length validation and an "unchecked buffer" leading to off-by-one and heap-based buffer overflows.
Family:
windows
Status:
ACCEPTED
Platform(s):
- Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
- CVE-2004-0574
Product(s):
- Network News Transport Protocol (NNTP)