| Name | ms08_049 |
| CVE | CVE-2008-1457 |
| Exploit Pack | CANVAS |
| Description | EventSystem Service Overflow |
| Notes | CVE Name: CVE-2008-1457 VENDOR: Microsoft Notes: Due to the fact that the svchost.exe instance where the EventSystem service is running is DEP protected, and that all loaded DLLs have GS cookies and SafeSEH enabled, the stack overflow can only be exploit when DEP is AlwaysOff (at least at the current state of our knowledge) Repeatability: One Shot MSRC: http://www.microsoft.com/technet/security/bulletin/ms08-049.mspx MSADV: MS08-049 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1457 Date public: 08/12/2008 CVSS: 9.0 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |