A
vulnerability has been identified in Microsoft Windows, which could be
exploited by local attackers to obtain elevated privileges. This issue
is due to a double-free error within the Windows Server Library
(WINSRV.DLL) and the Client Server Run-Time Subsystem (CSRSS) when
calling a MessageBox API with malformed parameters and a
"MB_SERVICE_NOTIFICATION" flag set, which could allow malicious users
to crash a vulnerable system or execute arbitrary commands with SYSTEM
privileges.
Affected Products
Microsoft Windows Vista Home
Microsoft Windows Vista Business
Microsoft Windows Vista Enterprise
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Service Pack 1
Microsoft Windows Server 2003 Service Pack 1