VULHUB ™

The Windows 2000 ShellExecute() API is prone to a buffer overflow. When an unusually long string is passed to the third parameter, a buffer is overrun. This may result in a denial of service or potential code execution. This issue was reportedly fixed in Windows 2000 Service Pack 4, however, the vendor has not confirmed this.

The Windows 2000 ShellExecute() API is prone to a buffer overflow. When an unusually long string is passed to the third parameter, a buffer is overrun. This may result in a denial of service or potential code execution. This issue was reportedly fixed in Windows 2000 Service Pack 4, however, the vendor has not confirmed this.