Microsoft » Windows 2003 Server : Security Vulnerabilities, CVEs, Published In May 2006 (Code Execution)
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
Max CVSS
7.5
EPSS Score
93.54%
Published
2006-05-10
Updated
2019-04-30
1 vulnerabilities found