First published: Fri Dec 22 2006(Updated: )
Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which is not properly handled when invoking the UserHardError and GetHardErrorText functions in WINSRV.DLL.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows Vista | =beta | |
Microsoft Windows 2003 Server | =web-sp1_beta_1 | |
Microsoft Windows 2003 Server | =datacenter_edition-sp1_beta_1 | |
Microsoft Windows 2003 Server | =standard | |
Microsoft Windows XP | =sp1 | |
Microsoft Windows 2003 Server | =web | |
Microsoft Windows XP | =gold | |
Microsoft Windows 2000 | ||
Microsoft Windows 2000 | =sp4 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | ||
Microsoft Windows XP | =sp1 | |
Microsoft Windows Vista | =beta2 | |
Microsoft Windows 2000 | =sp2 | |
Microsoft Windows 2003 Server | =standard-sp1_beta_1 | |
Microsoft Windows 2003 Server | =web-sp1 | |
Microsoft Windows 2000 | =sp1 | |
Microsoft Windows Vista | ||
Microsoft Windows 2003 Server | =sp1 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | ||
Microsoft Windows 2003 Server | =enterprise_edition-sp1 | |
Microsoft Windows 2003 Server | =standard-sp1 | |
Microsoft Windows Vista | =beta1 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows 2003 Server | =enterprise_edition-sp1_beta_1 | |
Microsoft Windows 2003 Server | =datacenter_edition | |
Microsoft Windows 2003 Server | =datacenter_edition-sp1 | |
Microsoft Windows 2000 | =sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.