A security vulnerability exists in the Microsoft Local Troubleshooter ActiveX control in Windows 2000. The vulnerability exists because the ActiveX control (Tshoot.ocx) contains a buffer overflow that could allow an attacker to run code of their choice on a user's system. To exploit this vulnerability, the attacker would have to create a specially formed HTML based e-mail and send it to the user. Alternatively an attacker would have to host a malicious Web site that contained a Web page designed to exploit this vulnerability.
- Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnerability (2475792)
- Microsoft OneNote Information Disclosure Vulnerability (2816264)
- Microsoft RDP flaws could allow sniffing and DOS(Q324380)
- Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2813170)
- Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)