Microsoft Security Bulletin MS03-046 for Windows

Name: Microsoft Security Bulletin MS03-046
Rating: 4.9 (1 reviews)
Author: Microsoft

Used Microsoft Security Bulletin MS03-046 for Windows?

Download.com has chosen not to provide a direct-download link for this product and offers this page for informational purposes only.

Developer’s Description

By Microsoft

Vulnerability in Exchange Server Could Allow Arbitrary Code Execution

In Exchange Server 5.5, a security vulnerability exists in the Internet Mail Service that could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb request that could allocate a large amount of memory. This could shut down the Internet Mail Service or could cause the server to stop responding because of a low memory condition.

In Exchange 2000 Server, a security vulnerability exists that could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb request. That request could cause a denial of service that is similar to the one that could occur on Exchange 5.5. Additionally, if an attacker issues the request with carefully chosen data, the attacker could cause a buffer overrun that could allow the attacker to run malicious programs of their choice in the security context of the SMTP service.