header-logo
Suggest Exploit
vendor:
rundll32.exe
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: rundll32.exe
Affected Version From: Windows XP SP1
Affected Version To: Other versions might also be affected
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Buffer Overflow Vulnerability in rundll32.exe

rundll32.exe has been reported prone to a buffer overflow vulnerability. The condition has been reported to be triggered when an excessive string is passed to the vulnerable application as a routine name for a module. Exploitation of this issue may be hindered, due to the fact that user-supplied data is converted to Unicode.

Mitigation:

Ensure that user-supplied data is properly validated and filtered before being passed to the vulnerable application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8114/info

rundll32.exe has been reported prone to a buffer overflow vulnerability. The condition has been reported to be triggered when an excessive string is passed to the vulnerable application as a routine name for a module.

Exploitation of this issue may be hindered, due to the fact that user-supplied data is converted to Unicode.

It should be noted that although this issue has been reported to affect rundll32.exe that is shipped with Windows XP SP1, other versions might also be affected.

rundll32.exe advpack32.dll,<'A'x499>

Navigation

Suggest Exploit

Services By CQR