Info

Disclosure

Jan 13, 2009

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jan 13, 2009

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Unknown or Incomplete

References

Security Tracker: 1021560
CVE ID: 2008-4834 (see also: NVD)
Bugtraq ID: 33121
OVAL ID: 5863
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2009-01/0100.html
News Article: http://www.breakingpointsystems.com/community/blog/2009_microsoft_tuesday_coverage
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jht ml?articleID=212900197
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-09-001/
Microsoft Security Bulletin: MS09-001
CERT: TA09-013A

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/52691