There’s a moderately critical remote buffer overflow vulnerability for Microsoft Windows XP. According to Secunia this one is unpatched.
From Secunia:
Description:
Jonathan Sarba has discovered a vulnerability in Microsoft Windows, which potentially can be exploited by malicious people to compromise a vulnerable system.The vulnerability is caused due to a boundary error in the “FindFile()” function of the CFileFind class in mfc42.dll and mfc42u.dll. This can be exploited to cause a heap-based buffer overflow by passing an overly long argument to the affected function.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed on a fully-patched Windows XP SP2 including mfc42.dll version 6.2.4131.0 and mfc42u.dll version 6.2.8071.0.
The following products are currently known to have vectors allowing exploitation:
* HP All-in-One Series Web Release software/driver installer version 2.1.0
* HP Photo & Imaging Gallery version 1.1Other versions and applications using the vulnerable library may also be affected.
Solution:
Restrict access to applications allowing user-controlled input to be passed to the vulnerable function.Applications using the vulnerable library should check the length of the user input before passing it to the affected function.
Tags: Microsoft Windows Buffer Overflow, Windows XP Vulnerability, Buffer Overflow
