MS02-072: Unchecked Buffer in XP Shell Could Enable System Compromise (329390)
High Nessus Plugin ID 11194
SynopsisArbitrary code can be executed on the remote host through Windows Shell.
DescriptionThe remote version of Windows contains a flaw in the handling of audio files (MP3, WMA) in the Windows Shell component, that could allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges.
SolutionMicrosoft has released a set of patches for Windows XP.