Microsoft Windows contains a heap overflow vulnerability in the BrowserWriteErrorLogEntry function when processing Browser Election requests. Successful exploitation could allow execution of arbitrary code with System level privileges.
Microsoft Windows XP SP3 and prior and Windows Server 2003 SP 2 and prior
Remote Code Execution
Remote Unauthenticated Privilege Escalation. This remote vulnerability allows an unauthenticated attacker to execute code on the server with System level privileges.
BeyondTrust Prevention and Detection:
- BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
Apply appropriate patch from MS11-019.