Vulnerability Note VU#183397
Microsoft Windows 2000 System Monitor ActiveX Control contains buffer overflow
There is a buffer overflow in the System Monitor ActiveX control that ships with Windows 2000.
The System Monitor ActiveX control (sysmon.ocx) included with Windows 2000 contains a buffer overflow. For more information, see
The class id for this control is C4D2D8E0-D1DD-11CE-940F-008029004347.
Intruders who can script the control (e.g. by constructing a malicious web page or email message) can execute arbitrary code with the privileges of the victim.
Apply a patch as described in the Microsoft bulletin.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft||Affected||-||23 May 2002|
CVSS Metrics (Learn More)
Our thanks to Microsoft and Underground Security Systems Research and for the information contained in their advisories.
This document was written by Shawn V. Hernan.
- CVE IDs: CVE-2000-1034
- Date Public: 02 Nov 2000
- Date First Published: 23 May 2002
- Date Last Updated: 23 May 2002
- Document Revision: 4
If you have feedback, comments, or additional information about this vulnerability, please send us email.