iDefense Security Advisory 04.08.08 - Remote exploitation of an integer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows operating system could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in Windows 2000 SP4 and Windows XP SP2.
03d39e0c171617bc6bed7fb6be3e14daf1be8b9c372dfa5615c0ba6aa4d0858e