Description
Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise."
Products
- Microsoft Windows XP 64-bit
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Gold
- Microsoft Windows XP Gold Professional
- Microsoft Windows XP SP1 64-bit
- Microsoft Windows XP SP1 Home
- Microsoft windows xp_gold
- Microsoft Windows XP Gold Professional Edition
- Microsoft Windows Xp - Gold Professional Edition on X64
- Microsoft Windows XP (gold) 64-Bit Edition for Itanium systems, Version 2002
- Microsoft Windows XP (gold) 64-Bit Edition, Version 2003
- Microsoft windows xp_gold embedded
- Microsoft Windows XP (gold) Home Edition
- Microsoft windows xp_gold media_center
- Microsoft Windows XP Professional Gold
- Microsoft windows xp_gold tablet_pc
- Microsoft Windows XP (gold) x64 (64-bit)
- Microsoft Windows XP Service Pack 1 Home Edition
- Microsoft Windows XP Service Pack 2 Home Edition
- Microsoft Windows XP Service Pack 3 Home Edition
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2002-1327, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2002-1327 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References