A flaw found in Microsoft's software could be used to cause a denial-of-service attack, although the bug isn't viewed as being severe.

The vulnerability, which was found by security vendor Secunia, could be exploited through a buffer overflow attack. A buffer overflow occurs when excess data flows into an area of memory, spilling over so that it overwrites data in adjacent areas or causes unintended code to execute.

For the attack to occur, a user would have to be lured into visiting a malicious website with a overly long URL, or else opening an Internet shortcut that leads to such a site.

Secunia rated the vulnerability as "less critical," the second-lowest severity rating on its five-level scale. The flaw could be used to crash applications, but a hacker might not be able to run malicious code thanks to a prevention mechanism in Windows, the company said.

The problem affects the Home and Professional editions of Microsoft Windows XP Service Pack 2, and four versions of Windows Server 2003: Datacenter, Enterprise, Standard and Web edition, Secunia said.