[Description] The Windows XP tftp.exe software is vulnerable to a local Heap Based overflow, allowing to run arbitrary commands on the system as the user issuing the overflow. [Complete advisory] CIRT.DK Advisory 38 can be read at http://www.cirt.dk/ Regards CIRT.DK