Windows Task Scheduler buffer overflow

Added: 09/05/2006
CVE: CVE-2004-0212
BID: 10708
OSVDB: 7798

Background

The Windows Task Scheduler is used to schedule commands to run at specified times.

Problem

A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 04-022.

References

http://archives.neohapsis.com/archives/bugtraq/2004-07/0133.html

Limitations

Exploit works on Windows XP SP0 and SP1.

A user must download the job file into a folder and open the folder in Windows Explorer in order for the exploit to succeed.

Platforms

Windows XP

Back to exploit index