A security vulnerability exists in the Microsoft Local Troubleshooter ActiveX control in Windows 2000. The vulnerability exists because the ActiveX control (Tshoot.ocx) contains a buffer overflow that could allow an attacker to run code of their choice on a user's system. To exploit this vulnerability, the attacker would have to create a specially formed HTML based e-mail and send it to the user. Alternatively an attacker would have to host a malicious Web site that contained a Web page designed to exploit this vulnerability.
- Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
- Active Directory Certificate Services Web Enrollment Elevation of Privilege Vulnerability (2518295)
- Microsoft Office Web Apps HTML Sanitisation Component XSS Vulnerability (2821818)
- Microsoft ISA Server DNS - Denial Of Service (MS03-009)
- Microsoft File Handling Component Remote Code Execution Vulnerability (2922229)