• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Virtual Machine Handle Validation Vulnerability

A vulnerability has been reported that involves inadequate validation of supplied input. Specifically the vulnerability is the result of inadequate validation of handles.

Several functions in JDBC will accept handles as input parameters but fail to properly validate the supplied data. Supplying malformed data to these input parameters could cause the application that is hosting the virtual machine to fail.

Execution of arbitrary code through this vulnerability may also be possible, but has not been confirmed.

This vulnerability may be related to one of the Virtual Machine issues reported in Bugtraq ID 5670, however it is not clear at this time.