Microsoft Security Bulletin MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356). If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit these vulnerabilities.
ef95a3ed5d31bffeedd4ac822b7d01bbfc20d8a0bc19f0302adf9f68df418478Microsoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533). An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.
4ac78afe5a06625a0861a4ab6c335b3d28117ab77454d84120ad07fe0d94891aMicrosoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533). An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.
4ac78afe5a06625a0861a4ab6c335b3d28117ab77454d84120ad07fe0d94891aMicrosoft Security Advisory MS03-007 - A critical buffer overflow vulnerability in Windows 2000's WebDAV protocol allows remote code execution via IIS as the LocalSystem user. This vulnerability is being exploited in the wild. URLScan, a part of the IIS Lockdown Tool, will block this attack.
228598fd496fa3d0bbdf98a8f5094d8923d56e083bc7b109b4eca59861da6d9dMicrosoft Security Advisory MS02-071 Version 2.0 - The Windows message WM_TIMER allows local users to execute code with LocalSystem privileges, giving the attacker complete control over the system.
00eb8126d183ba4ca4e54a096a5e82c52b2c665d7641910e0cf9d5577da523e6Microsoft Security Advisory MS03-005 - A buffer overflow in the Windows XP Windows Redirector allows local users to gain increased privileges provided they are able to log onto the system interactively.
8bfdb49825e91a5de6549e055b50782a186b046a126f241d61d6f888147ccc6dMicrosoft Security Advisory MS03-004 - A large patch for IE 5.01, 5.5, 6.0 has been released which fixes two newly discovered vulnerabilities, one of which allows malicious web sites to execute remote code on client browsers by misusing a dialog box. A cross-domain vulnerability in Internet Explorer's showHelp() functionality can be tricked into invoking executables already present on a user's local system, downloading malicious code onto a user's local system, and allowing attackers to download users data.
b362e647344b3d8fd63fe7d03e850546c8bde19ce683f1a987e257d371541666Microsoft Security Advisory MS03-003 - A flaw in how Outlook 2002 handles V1 Exchange Server Certificates causes Outlook to sometimes accidently sends messages in plain text even though it tells the user it has been sent encrypted.
5268f1316955e4d3d27b9cd497735fe01c5636da127e8c3646195213ab851658Microsoft Security Advisory MS03-001 - A buffer overflow in the Microsoft Windows Locator Service in Windows NT, 2000, and XP allows remote attackers to execute commands on Windows 2000 and NT domain controllers by default, and any other server which has the locator service enabled.
5e5ba03153b589c0275c98e4d61e201733836557a267dfc1f55554c12a2f6cc2Microsoft Security Advisory MS02-072 - The Windows Shell has a serious buffer overflow in the routine that extracts attribute information from audio files which allows remote attackers to execute code with privileges of the user if you move your mouse pointer over an evil mp3 or wma file on a website, HTML email, or windows share. An HTML email could cause the vulnerable code to be invoked when a user opened or previewed the email.
d86a95f6a915a23475420a215b6ed7ac33bc04fa7b4378da86a89d551b5dec4eMicrosoft Security Advisory MS02-070 - A flaw in the implementation of SMB Signing in Windows 2000 and Windows XP enables attackers to silently downgrade the SMB Signing settings on an affected system, causing either or both systems to send unsigned data regardless of the signing policy the administrator had set. Although this vulnerability could be exploited to expose any SMB session to tampering, the most serious case would involve changing group policy information as it was being disseminated from a Windows 2000 domain controller to a newly logged-on network client. Doing this, the attacker can take actions such as adding users to the local Administrators group or installing and running code of his choice on the system.
96e6063a616fc74df791bacd1467819287ac6ed0f6d2d0080f21a501e53a28eaMicrosoft Security Advisory MS02-069 - Eight serious vulnerabilities were discovered in Microsoft VM which allow remote code execution via HTML email and malicious web pages.
f4af9d4c01a18e7ea7461b5d3985e9a101361a16870c806c84743c038cceefabMicrosoft Security Advisory MS02-068 - This is a cumulative patch for Internet Explorer 5.5 and 6.0 which includes all previous patches and a new one to fix a flaw in Internet Explorer's cross-domain security model which allows a website in one domain to access information in another, including the user's local system. Exploiting the vulnerability could enable an attacker to read any file on the users computer. In addition, the attacker could invoke an executable already present on the system. This vulnerability can be exploited via email or web page.
f9652f1cc78d6779742cc557433ca8ba1e8f1b60a890eb8f0b439d57a95d7967Microsoft Security Advisory MS02-067 - A vulnerability exists in Outlook 2002 in its processing of e-mail headers allows remote attackers to crash the mail reader. The Outlook 2002 client would continue to fail so long as the specially malformed e-mail message remained on the e-mail server.
7ba0d0ae3667f10901c30100fca8fae5fd814cfbe87554a001045ad5d0a8fd2fMicrosoft Security Advisory MS02-066 - Six new vulnerabilities were discovered in IE 5.01, 5.5 and 6.0 including a three bugs that allow remote attackers to view any file on the system or run executables, a PNG buffer overrun, information disclosure, read temp files with cookie info.
7b641110114c4f1ba5bb73219dd4dd18037c8aba3c6209c9dab0787223b9a130Microsoft Security Advisory - Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution. Both web servers and web clients are at risk from the vulnerability: Web servers are at risk if a vulnerable version of MDAC is installed and running on the server. To exploit the vulnerability against such a web server, an attacker would need to establish a connection with the server and then send a specially malformed HTTP request to it, that would have the effect of overrunning the buffer with the attacker's chosen data. The code would run in the security context of the IIS service (which, by default, runs in the LocalSystem context). Web clients are at risk in almost every case, as the RDS Data Stub is included with all current versions of Internet Explorer and there is no option to disable it. To exploit the vulnerability against a client, an attacker would need to host a web page that, when opened, would send an HTTP reply to the user's system and overrun the buffer with the attacker's chosen data. The web page could be hosted on a web site or sent directly to users as an HTML Mail. The code would run in the security context of the user.
6befe459e6dbfe443c23c4464aabd9bce1694963db34252a389d0b9e741f1db4Microsoft Security Advisory MS02-063 - A buffer overflow in all versions of Windows PPTP are vulnerable to remote denial of service attacks.
69f968bef7b630c760fbaebfa34c8219f97c8b1b1cca60d818d60cd5ecf60db7Microsoft Security Advisory MS02-062 - Four vulnerabilities have been found in Microsoft IIS 4.0, 5.0, and 5.1 which allow privilege elevation, denial of service, bypass upload permissions, and cross site scripting on the admin page.
a2967ba6e1a6b2fd057c457e3dbcd833166beca202b663b0c1b4e92306d95694Microsoft Security Advisory MS02-064 - On Windows 2000, the default permissions provide the Everyone group with Full access on the system root folder (typically, C:\). In most cases, the system root is not in the search path. However, under certain conditions - for instance, during logon or when applications are invoked directly from the Windows desktop via Start | Run - it can be, allowing users to make trojans that other users execute.
1216c825445c9a208c39bc93c9c94e146553beb71516ba0e00744b827f2d5645Microsoft Security Advisory MS02-061 - Microsoft SQL Server 7.0 and 2000 contain stored procedures which allow low privileged users who are able to authenticate to a SQL server to delete, insert or update all the web tasks created by other users. In addition, the attacker can run already created web tasks in the context of the creator of the web task, usually the SQL Server Agent service account.
b64e0c0e18bee283ad6b70b6b0638fbfd75ccd565bbd4d21fec435e3209cbf49Microsoft Security Advisory MS02-060 - A security vulnerability is present in the Windows XP version of Help and Support Center allows attackers to construct web pages that, when opened, deletes files on the users hard drive.
7fd300a5f568ea4dbdca3c00aab247ea5f22c0354638b8fd443cb1de1f00538dMicrosoft Security Advisory MS02-059 - A flaw in Microsoft Word and Excel's external updates can lead to information disclosure. A vulnerability exists because it is possible to maliciously use field codes and external updates to steal information from a user without the user being aware. Certain events can trigger field code and external update to be updated, such as saving a document or by the user manually updating the links. A specially crafted field code or external update can be used to trigger an update without any indication to the user, allowing attackers to create documents that, when opened, would update themselves to include the contents of a file from the user's local computer.
3c394c60eefd40045fbec1e9b03a88f1507434bed7c4a0b450028ad3a778056eMicrosoft Security Advisory MS02-058 - A vulnerability in S/MIME parsing allows Outlook Express to run code of the attackers choice. While creating a digitally signed email and editing it to introduce specific data, then sending it to another user, an attacker can exploit the bug.
381fe6cc2a71e90f90c589641a28ff19abeb2a32a3f3964429f2b63358329863Microsoft Security Advisory MS02-057 - The Sun Microsystems RPC library in Microsoft's Services for UNIX (SFU) 3.0 on the Interix SDK contains three vulnerabilities, some of which allow remote code execution.
5acec35c4cedcc8aff24a306b384a7772763962d930ae71f8b073f37ff63e2fbMicrosoft Security Advisory MS02-056 - A Cumulative Patch for SQL Server 7.0, Microsoft Data Engine (MSDE) 1.0, Microsoft SQL Server 2000, and Microsoft Desktop Engine (MSDE) 2000 fix four vulnerabilities, some of which allow attackers to take complete control over the system.
3bf76166be49ef8d4f9d411cefac284e9a953d42055775e31b63ba8cd2072d44
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed