Secunia Warns of Windows 2000, XP Bug
Secunia's security advisory explains:
The vulnerability is caused due to a boundary error in the 'UpdateFrameTitleForDocument()' function of the CFrameWnd class in mfc42.dll. This can be exploited to cause a stack-based buffer overflow by passing an overly long title string argument to the affected function. Successful exploitation may allow execution of arbitrary code.
The security firm has confirmed the vulnerability in fully patched versions of Windows 2000 Professional SP4 and Windows XP SP2/SP3. Since no patch is available yet, Secunia advises restricting access to applications that allow user-controlled input to be passed to the vulnerable function.