=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2006/VULN494
_____________________________________________________________________

DATE                      : 13/09/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows XP running Pragmatic General Multicast.

======================================================================

http://www.microsoft.com/technet/security/Bulletin/MS06-052.mspx

----------------------------------------------------------------------

MS06-052 - Vulnerability in Pragmatic General Multicast (PGM) Could Allow
            Remote Code Execution (919007)


Affected Software:
         - Microsoft Windows XP Service Pack 2
         - Microsoft Windows XP Service Pack 1

Full MS06-052 advisory:
         - http://www.microsoft.com/technet/security/Bulletin/MS06-052.mspx

Vulnerability Details

PGM Code Execution Vulnerability - CVE-2006-3442:

         There is a remote code execution vulnerability that could allow an
         attacker to send a specially crafted multicast message to an affected
         system and execute code on the affected system. The MSMQ service, which
         is the Windows service needed to allow PGM communications is not
         installed by default.

======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================