VULHUB ™

Event Viewer is a 2000 troubleshooting tool used to view events recorded in the three logs recorded by the Event Log service. It is vulnerable to a buffer overflow attack caused by malformed system log entries. Upon opening the corrupted log and viewing the details of the event, the invalid data in the entry can trigger a buffer overflow condition. This will normally result in the termination of the Event Viewer, permitting a denial of service attack to be carried out on the Event Viewer tool. If the attacker has constructed a payload containing special "exploit code", it may be possible for arbitrary code to be executed. This code would run within the security context of the user running the Event Viewer.

Event Viewer is a 2000 troubleshooting tool used to view events recorded in the three logs recorded by the Event Log service. It is vulnerable to a buffer overflow attack caused by malformed system log entries. Upon opening the corrupted log and viewing the details of the event, the invalid data in the entry can trigger a buffer overflow condition. This will normally result in the termination of the Event Viewer, permitting a denial of service attack to be carried out on the Event Viewer tool. If the attacker has constructed a payload containing special "exploit code", it may be possible for arbitrary code to be executed. This code would run within the security context of the user running the Event Viewer.