iDefense Security Advisory 09.11.07 - Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp's Microsoft Windows 2000 Agent service could allow an attacker to execute arbitrary code with the privileges of the logged in user. The vulnerability exists within the Agent Service (agentsvr.exe). Due to improper handling of specially crafted URLs, an attack can cause stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in the Agent service included in Windows 2000. Microsoft reports that newer versions of the Agent service are not vulnerable.
1b09178d90eb13abe427829422d154cb73153fac8556c0b6ef96121e7b1afce5