MS04-022: Vulnerability in Task Scheduler Could Allow Code Execution

My Océ

Contact Océ

MS04-022: Vulnerability in Task Scheduler Could Allow Code Execution

This update resolves a newly-discovered, privately reported vulnerability. A
remote code execution vulnerability exists in the Task Scheduler because of
an unchecked buffer.

If a user is logged on with administrative privileges, an attacker who
successfully exploited this vulnerability could take complete control of an
affected system, including installing programs; viewing, changing, or deleting
data; or creating new accounts with full privileges. However, user interaction
is required to exploit this vulnerability. Users whose accounts are configured
to have fewer privileges on the system would be at less risk than users who
operate with administrative privileges.

Océ systems	Vulnerability	Recommended action
Océ TDS300 1.x Océ TDS400 1.x 2.x Océ TDS600 3.x 4.x Océ TDS800 1.x 2.x Océ TCS400 2.x	Not vulnerable	None
Océ DPS400 Océ VP2105	Not vulnerable	None
Océ VP2090 Océ VP2110 Océ VP3090	Not vulnerable	None
Océ 900C Océ 950C	Not vulnerable	None
Océ 910C Océ 960C Océ 1000C	These systems may be influenced by this security issue	Automatic System Update »

Océ Corporate Site

Home \| Products \| Software \| Services \| Solutions \| Support \| Supplies

Privacy policy \| Terms of use \| Other Océ websites »

	© 2008 Océ

	All rights reserved