New Search

License Logging Server Heap Overflow Vulnerability

oval:org.mitre.oval:def:6300

The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method aka "License Logging Server Heap Overflow Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2009-2523
Product(s):
  • SMBv2