| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS07-020 | Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168) | Microsoft Windows | Critical | 11-04-2007 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability exists in Microsoft Agent in the way that it handles certain specially crafted URLs.
Detailed Information on the risk:
MS07-020 patches a URL parsing bug in Microsoft Agent Services that can lead to Denial of Service or Remote Code Execution. The exploit vector in this case would most likely be a maliciously crafted web page.Further information on this exploit is available at : MS07-020
Affected Software
Microsoft Windows 2000 Service Pack 4Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional x64 Edition
Service Pack 2
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Microsoft Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition with Service Pack 1
Microsoft Windows Server 2003 x64 Edition with Service Pack 2
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 with SP2 for Itanium-based Systems