Still can’t find any information on or first-hand accounts of an exploit. Note that this is not a “buffer overflow”. Instead it is a problem with the “general buffer management function”.
Generally, buffer overflows allow the person exploiting the vulnerability to put arbitrary code on the stack for execution. In this case, the problem is that, when over-writing sensitive data on the heap, the buffer management code writes 0s too far out.
The key here is that the buffer being managed is on the heap. It is my understanding that heap-based exploits are much more difficult than stack-based ones.
Bottom line: you’re probably looking at a DoS at the most.
Oh, and “UsePrivilegeSeparation yes” will help minimize the damage of this sort of problem in the future.
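An added example, not the commenter's code and not OpenSSH's own buffer routines: a constructed, minimal growable heap buffer whose "append space" function zero-fills its unused tail, written once with a wrong length argument (so the zeros run past the buffer's region, as the post describes) and once corrected. The buffer lives inside a larger arena filled with a canary byte, so the over-write lands on something we can inspect rather than on real heap metadata; the names `tbuf`, `append_space_buggy`, `append_space_fixed` and `canary_survives` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Constructed illustration (hypothetical names, not OpenSSH's code):
 * a minimal growable heap buffer whose "append space" routine clears
 * the unused tail before handing it out.  The backing storage is a
 * larger arena so the stray zeros hit a canary we can check instead
 * of whatever the allocator placed next to the buffer.
 */
#define ARENA_SIZE  256
#define BUF_ALLOC   64
#define CANARY_BYTE 0xAA

typedef struct {
    unsigned char *buf;   /* start of this buffer's region in the arena */
    size_t alloc;         /* bytes the buffer believes it owns */
    size_t end;           /* bytes already in use */
} tbuf;

/* Buggy variant: intends to clear the free tail (alloc - end bytes) but
 * passes alloc as the length, so it writes `end` zero bytes past the
 * region whenever the buffer already holds data. */
static void append_space_buggy(tbuf *b, size_t len)
{
    memset(b->buf + b->end, 0, b->alloc);   /* should be b->alloc - b->end */
    b->end += len;
}

/* Fixed variant: refuse requests that do not fit and clear exactly the
 * tail that is actually free. Returns 0 on success, -1 if len too large. */
static int append_space_fixed(tbuf *b, size_t len)
{
    if (len > b->alloc - b->end)
        return -1;                          /* caller must grow or fail */
    memset(b->buf + b->end, 0, b->alloc - b->end);
    b->end += len;
    return 0;
}

/* Run one variant against a buffer that already holds 23 bytes and report
 * whether the canary bytes beyond the buffer's region survived.
 * Returns 1 if intact, 0 if clobbered, -1 on allocation failure. */
static int canary_survives(int use_fixed)
{
    unsigned char *arena = malloc(ARENA_SIZE);
    if (!arena)
        return -1;
    memset(arena, CANARY_BYTE, ARENA_SIZE);

    tbuf b = { arena, BUF_ALLOC, 0 };
    /* Constructed sample content so that end > 0 before the append. */
    memcpy(b.buf, "sensitive-session-state", 23);
    b.end = 23;

    if (use_fixed)
        append_space_fixed(&b, 16);
    else
        append_space_buggy(&b, 16);

    int intact = 1;
    for (size_t i = BUF_ALLOC; i < ARENA_SIZE; i++) {
        if (arena[i] != CANARY_BYTE) {
            intact = 0;
            break;
        }
    }
    free(arena);
    return intact;
}

int main(void)
{
    printf("buggy append: canary %s\n",
           canary_survives(0) ? "intact" : "clobbered");
    printf("fixed append: canary %s\n",
           canary_survives(1) ? "intact" : "clobbered");
    return 0;
}
```

The buggy call zeroes 64 bytes starting 23 bytes into a 64-byte region, so 23 bytes of the neighbouring canary are wiped; the fixed call zeroes only the 41 free bytes and stops at the region boundary. Whatever the neighbour happens to be in a real process (another buffer, allocator bookkeeping, a pointer) decides how bad the consequences are.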