Buffer Overflow in Windows Troubleshooter ActiveX Control (826232)

A security vulnerability exists in the Microsoft Local Troubleshooter ActiveX control in Windows 2000. The vulnerability exists because the ActiveX control (Tshoot.ocx) contains a buffer overflow that could allow an attacker to run code of their choice on a user's system. To exploit this vulnerability, the attacker would have to create a specially formed HTML based e-mail and send it to the user. Alternatively an attacker would have to host a malicious Web site that contained a Web page designed to exploit this vulnerability.
see http://www.microsoft.com/technet/security/bulletin/ms03-042.mspx