Microsoft RPCSS DCOM Interface Long Filename Heap Corruption Vulnerability

Microsoft has reported a remotely exploitable heap corruption vulnerability in RPC. This issue exists in the RPCSS Service and is related to code that handles RPC messages for DCOM activation, specifically in the filename parameter. This issue could be exploited by a remote attacker to execute arbitrary code with SYSTEM privileges.


Privacy Statement
Copyright 2010, SecurityFocus