Vulnerability Note VU#640488
Microsoft Windows contains an unchecked buffer in the NetDDE services
A vulnerability in the Network Dynamic Data Exchange service for Microsoft Windows could allow an attacker to compromise the affected system.
Microsoft's Network Dynamic Data Exchange (NetDDE) is a communication protocol that allows two Windows applications to communicate with each other over a network. A buffer management flaw exists in the way that this service handles certain malformed messages. This flaw results in a vulnerability that could allow an attacker to compromise the system. According to Microsoft security bulletin MS04-031:
A remote code execution vulnerability exists in the NetDDE services because of an unchecked buffer. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, the NetDDE services are not started by default and would have to be manually started for an attacker to attempt to remotely exploit this vulnerability.
This bulletin also states:
A remote unauthenticated attacker may be able to execute arbitrary code with administrative privileges on the affected system. Microsoft reports that this vulnerability could also be used to attempt to perform a local elevation of privilege or remote denial of service.
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||13 Oct 2004|
CVSS Metrics (Learn More)
Thanks to John Heasman of Next Generation Security Software Ltd for reporting this vulnerability.
This document was written by Chad R Dougherty based on information provided by Microsoft.
- CVE IDs: CAN-2004-0206
- Date Public: 12 Oct 2004
- Date First Published: 13 Oct 2004
- Date Last Updated: 24 Jan 2005
- Severity Metric: 16.88
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.