• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows WebDAV Mini-Redirector Heap Overflow Vulnerability

Microsoft Windows is prone to a heap-overflow vulnerability in the WebDAV Mini-Redirector component (also known as the Web Client service). This vulnerability may be triggered by a malicious WebDAV response. A successful exploit could let a remote attacker execute arbitrary code with SYSTEM privileges, completely compromising an affected computer.

To be affected, the Web Client service must be enabled on the computer. The Web Client service is disabled by default on Microsoft Windows Server 2003.