Free buffer software for windows

Note Although HyperTerminal ships as part of several Microsoft products, it was developed by Hilgraeve, Inc. Additional information on the vulnerability and a patch for their full version product, HyperTerminal Private Edition, is available from the Hilgraeve Web site, at http://www.hilgraeve.com.

For more information about these vulnerabilities, please see Microsoft Security Bulletin MS00-079.

Clip Art Gallery and Clip Gallery Live use a special file format ? the .CIL format ? for downloading these clips. Under certain circumstances, a very long field embedded in a clip art .CIL file could cause a buffer overrun in the Clip Art Gallery software. When the buffer overrun occurs, the software could crash or could cause the execution of arbitrary code on a users computer. The primary danger in this vulnerability is that the buffer overrun would occur when a user opens an attachment that includes a specially formed clip art file, or downloads a .CIL file from a malicious hackers Web page.

Impact of vulnerability: Run Code of Attackers Choice

Maximum Severity Rating: Critical

Recommendation: Customers who did not install the updates when they were originally released should install the upgraded updates immediately; customers who installed the original updates should consider installing the upgraded updates.

Affected Software:

• Microsoft MSN Chat Control
• Microsoft MSN Messenger 4.5 and 4.6, which includes the MSN Chat control
• Microsoft Exchange Instant Messenger 4.5 and 4.6, which includes the MSN Chat control

The vulnerability exists because a component of the SNMP agent service that interprets incoming commands contains an unchecked buffer (a temporary data storage area that has a limited capacity). By sending a malformed request, it is possible to carry out a buffer overrun attack against an affected system.

Note The SNMP service is neither installed nor running by default in any version of Windows.

For more information about this vulnerability, read Microsoft Security Bulletin MS02-006.

An attacker who successfully exploited this vulnerability could gain the same level of privileges over the system as the program that initiated the broadcast request. The actions an attacker could carry out would be dependent on the permissions under which the program using MDAC ran. If the program ran with limited privileges, an attacker would be limited accordingly; however, if the program ran under the local system context, the attacker would have the same level of permissions.

Since the original version of MDAC on your system may have changed from updates available on the Microsoft Web site, we recommend using the following tool to determine the version of MDAC you have on your system: Microsoft Knowledge Base article 301202 "HOW TO: Check for MDAC Version" discusses this tool and explains how to use it. Also, Microsoft Knowledge Base article 231943 discusses the release history of the different versions of MDAC.

Mitigating factors:

• For an attack to be successful an attacker would have to simulate a SQL server that is on the same IP subnet as the target system.
• When a client system on a network tries to see a list of computers that are running SQL Server and that reside on the network, it sends a broadcast request to all the devices that are on the network. A target system must initiate such a broadcast request to be vulnerable to an attack. An attacker would have no way of launching this first step but would have to wait for anyone to enumerate computers that are running SQL Server on the same subnet. Also, a system is not vulnerable by having these SQL management tools installed.
• Code executed on the client system would only run under the privileges of the client program that made the broadcast request.