1. What is it?

The Windows regsvr32.exe, used for registering ActiveX, COM and similar
components, has a command-line stack overflow. Passing a large string
on the command line causes an access violation in the program. For
example, on issuing the command

c:\>regsvr32.exe (About 1200 A's).dll

A message box pops up saying LoadLibrary("AAAAAAAAAAAAAA......AAA") failed,
after which an access violation occurs on Windows 2000 Pro SP0.

2. Systems Affected

The problem is confirmed on the following systems:
1. Windows 2000 Professional SP0
2. Windows XP Professional SP0
3. Windows XP Professional SP1

3. The problem

The problem is in a routine in regsvr32.exe which displays the
message box saying "LoadLibrary failed for (THE INPUT FILE NAME) File
name or extension is too long". The buffer with the file name overwrites
the stack completely.
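
The bug class described above, shown from the fixing side as an added example (not code from regsvr32.exe or from this advisory): an error-message formatter that can never write past its buffer, however long the file name is. The buffer size MSG_CAP, the function name format_load_error and the narrow-character strings are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MSG_CAP 260  /* assumed size of the message buffer; the advisory gives none */

/* Unsafe pattern the advisory's description implies (kept as a comment only):
 *     char msg[MSG_CAP];
 *     sprintf(msg, "LoadLibrary(\"%s\") failed", name);   // no bound on name
 */

/* Format the error text into out[cap] without ever writing past it.
 * Returns 0 if the whole message fit, 1 if the file name was shortened,
 * -1 on bad arguments. */
int format_load_error(char *out, size_t cap, const char *name)
{
    static const char prefix[] = "LoadLibrary(\"";
    static const char suffix[] = "\") failed";
    static const char dots[]   = "...";
    size_t fixed = sizeof prefix - 1 + sizeof suffix - 1;
    size_t room, len;

    if (out == NULL || name == NULL || cap < fixed + sizeof dots)
        return -1;
    room = cap - 1 - fixed;        /* bytes left for the file name */
    len = strlen(name);
    if (len <= room) {
        snprintf(out, cap, "%s%s%s", prefix, name, suffix);
        return 0;
    }
    /* Too long: keep the head of the name and mark the cut. */
    snprintf(out, cap, "%s%.*s%s%s", prefix,
             (int)(room - (sizeof dots - 1)), name, dots, suffix);
    return 1;
}

int main(void)
{
    char arg[1200 + 5];            /* constructed input: 1200 'A's plus ".dll" */
    char msg[MSG_CAP];

    memset(arg, 'A', 1200);
    strcpy(arg + 1200, ".dll");
    int cut = format_load_error(msg, sizeof msg, arg);
    printf("truncated=%d len=%zu\n", cut, strlen(msg));
    return 0;
}
```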

4. Exploitable?

The problem is completely exploitable in Windows 2000 Professional but is
difficult on Windows XP due to Unicode storage of the string; the instruction
pointer is completely overwritten. The only problem would be the annoying
message box, which pops up first, before the access violation occurs.