SecurityFocus Microsoft Newsletter #295
----------------------------------------

This issue is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus

------------------------------------------------------------------
I.   FRONT AND CENTER
      1. Retain or restrain access logs?
II.  MICROSOFT VULNERABILITY SUMMARY
      1. wv2 Remote Buffer Overflow Vulnerability
      2. Sendmail Malformed MIME Message Denial Of Service Vulnerability
      3. IBM DB2 Universal Database Multiple Denial of Service Vulnerabilities
      4. Microsoft Windows Routing and Remote Access Unspecified Remote Code Execution Vulnerability
      5. Microsoft Excel Unspecified Remote Code Execution Vulnerability
      6. Microsoft Windows Malformed ART Image Remote Code Execution Vulnerability
      7. Microsoft Windows RPC Mutual Authentication Service Spoofing Vulnerability
      8. Microsoft Windows Media Player Malformed PNG Remote Code Execution Vulnerability
      9. WinSCP URI Handler Remote Arbitrary File Access Vulnerability
      10. Microsoft PowerPoint Malformed Record Remote Code Execution Vulnerability
      11. Microsoft Exchange Server Outlook Web Access Script Injection Vulnerability
      12. Nullsoft SHOUTcast Multiple HTML Injection Vulnerabilities
      13. FilZip Remote Directory Traversal Vulnerability
      14. Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Vulnerability
      15. Microsoft JScript Memory Corruption Vulnerability
      16. Microsoft Windows Routing and Remote Access RASMAN Registry Remote Code Execution Vulnerability
      17. Microsoft SMB Driver Local Denial Of Service Vulnerability
      18. Microsoft Windows SMB Driver Local Privilege Escalation Vulnerability
      19. 0verkill UDP Datagram Remote Denial of Service Vulnerability
      20. GD Graphics Library Truncated GIF File Remote Denial of Service Vulnerability
      21. Kaspersky Internet Security Suite Multiple Local Vulnerabilities
      22. Microsoft June Advance Notification Multiple Vulnerabilities
      23. Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability Variant
      24. Microsoft Windows Routing and Remote Access Remote Code Execution Vulnerability
      25. Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability
      26. Microsoft Internet Explorer Persistent Modal Dialog Window Address Bar Spoofing Vulnerability
      27. Microsoft Internet Explorer Multipart HTML File Handling Remote Code Execution Vulnerability
      28. Microsoft NetMeeting Remote Memory Corruption Denial of Service Vulnerability
      29. Microsoft Internet Explorer HTML Decoding Remote Code Execution Vulnerability
      30. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
      31. Microsoft DXImageTransform.Microsoft.Light ActiveX Control Remote Code Execution Vulnerability
      32. TIBCO Rendezvous HTTP Interface Remote Buffer Overflow Vulnerability
      33. TIBCO Hawk Configuration Interface Local Buffer Overflow Vulnerability
      34. GD Graphics Library Remote Denial of Service Vulnerability
      35. Microsoft Internet Explorer Frameset Denial of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
      1. Controlling specific USB devices on Windows XP
      2. Logon audit
      3. SecurityFocus Microsoft Newsletter #294
      4. Logon audit
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Retain or restrain access logs?
By Mark Rasch
A recent proposal by the U.S. Department of Justice that would mandate Internet Service Providers to retain certain records represents a dangerous trend of turning private companies into proxies for law enforcement or intelligence agencies against the interests of their clients or customers.
http://www.securityfocus.com/columnists/406


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. wv2 Remote Buffer Overflow Vulnerability
BugTraq ID: 18437
Remote: Yes
Date Published: 2006-06-14
Relevant URL: http://www.securityfocus.com/bid/18437
Summary:
The wv2 library is susceptible to a remote buffer-overflow vulnerability. This issue is due to the library's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue allows remote attackers to execute arbitrary machine code in the context of applications that use the affected library to parse malicious Microsoft Word files.

Version 0.2.2 of the wv2 library is vulnerable to this issue; other versions may also be affected.

2. Sendmail Malformed MIME Message Denial Of Service Vulnerability
BugTraq ID: 18433
Remote: Yes
Date Published: 2006-06-14
Relevant URL: http://www.securityfocus.com/bid/18433
Summary:
Sendmail is prone to a denial-of-service vulnerability. This issue is due to a failure in the application to properly handle malformed multi-part MIME messages.

An attacker can exploit this issue to crash the sendmail process during delivery.

3. IBM DB2 Universal Database Multiple Denial of Service Vulnerabilities
BugTraq ID: 18428
Remote: Yes
Date Published: 2006-06-14
Relevant URL: http://www.securityfocus.com/bid/18428
Summary:
IBM DB2 Universal Database is prone to multiple denial-of-service vulnerabilities. An attacker may be able to exploit these issues to cause the database to crash or hang, effectively denying service to legitimate users.

These issues affect DB2 versions prior to 8 FixPak 12, also known as version 8.2 FixPak 5.

4. Microsoft Windows Routing and Remote Access Unspecified Remote Code Execution Vulnerability
BugTraq ID: 18424
Remote: Yes
Date Published: 2006-06-14
Relevant URL: http://www.securityfocus.com/bid/18424
Summary:
Microsoft Windows Routing and Remote Access is prone to an unspecified remote vulnerability. This issue is reportedly due to an integer-signedness error in the affected component.

This issue likely allows remote attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected computers.

It is not currently known if remote, anonymous attacks are possible on all affected platforms.

This BID will be updated as further information is disclosed.

5. Microsoft Excel Unspecified Remote Code Execution Vulnerability
BugTraq ID: 18422
Remote: Yes
Date Published: 2006-06-14
Relevant URL: http://www.securityfocus.com/bid/18422
Summary:
Microsoft Excel is prone to an unspecified remote code-execution vulnerability. Insufficient details are currently available to elaborate further.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of targeted users.

Attackers are actively exploiting this vulnerability in targeted attacks and to install malicious software.

This BID will be updated as further information becomes available.

6. Microsoft Windows Malformed ART Image Remote Code Execution Vulnerability
BugTraq ID: 18394
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18394
Summary:
Microsoft Windows is prone to remote code execution when processing malformed AOL ART images. This issue is exposed when the malicious images are processed by Internet Explorer or other applications that rely on Internet Explorer to display AOL ART images. If exploited, this vulnerability could let a remote attacker execute arbitrary code in the context of the victim user.

7. Microsoft Windows RPC Mutual Authentication Service Spoofing Vulnerability
BugTraq ID: 18389
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18389
Summary:
Microsoft Windows is susceptible to a vulnerability in the RPC component, specifically when using the mutual authentication mechanism with the SSL (Secure Socket Layer) protocol.

This issue is due to a flaw in the mutual authentication mechanism that can occur when it attempts to validate the identity of an RPC service. This can allow the attacker to spoof a valid RPC service that victims of the attack may inadvertently access.

Exploitation of this issue could potentially expose the victim to other attacks.

8. Microsoft Windows Media Player Malformed PNG Remote Code Execution Vulnerability
BugTraq ID: 18385
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18385
Summary:
Microsoft Windows Media Player is prone to a remote code-execution vulnerability. This vulnerability is related to handling of malicious PNG images.

PNG images may be embedded in Windows Media Player skin files. Attackers may be able to exploit this issue by causing the application to load a malicious skin file, which could be hosted on an attacker-controlled web page or through email attachments. If successful, an attacker could execute arbitrary code in the context of the affected user.

Microsoft has stated that web-based attack scenarios are not possible with Media Player 7.1 on Windows 2000 SP4 and Media Player XP on Windows XP SP2. However, a victim may still be affected if they manually download and install a malicious skin file on these platforms.

9. WinSCP URI Handler Remote Arbitrary File Access Vulnerability
BugTraq ID: 18384
Remote: Yes
Date Published: 2006-06-12
Relevant URL: http://www.securityfocus.com/bid/18384
Summary:
WinSCP is prone to an arbitrary file-access vulnerability. An attacker can exploit this issue to upload arbitrary files to a victim user's computer or to download arbitrary files from the victim's computer in the context of the vulnerable application.

This issue affects version 3.8.1; earlier versions may also be vulnerable.

10. Microsoft PowerPoint Malformed Record Remote Code Execution Vulnerability
BugTraq ID: 18382
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18382
Summary:
Microsoft PowerPoint is prone to a remote code-execution vulnerability. The issue is related to how the application processes malformed record data in PowerPoint documents. To exploit this issue, an attacker must entice a victim to open a malicious PowerPoint file. If the exploit is successful, the attacker may execute arbitrary code with the privileges of the currently logged-in user.

11. Microsoft Exchange Server Outlook Web Access Script Injection Vulnerability
BugTraq ID: 18381
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18381
Summary:
Microsoft Exchange Server Outlook Web Access is prone to a script-injection vulnerability.

A remote attacker can exploit this issue by sending a malicious email message to a vulnerable user.

12. Nullsoft SHOUTcast Multiple HTML Injection Vulnerabilities
BugTraq ID: 18376
Remote: Yes
Date Published: 2006-06-12
Relevant URL: http://www.securityfocus.com/bid/18376
Summary:
Nullsoft SHOUTcast is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

These issues affect version 1.9.5; other versions may also be vulnerable.

13. FilZip Remote Directory Traversal Vulnerability
BugTraq ID: 18375
Remote: Yes
Date Published: 2006-06-12
Relevant URL: http://www.securityfocus.com/bid/18375
Summary:
Reportedly, an attacker can carry out attacks similar to directory traversals. These issues present themselves when the application processes malicious archives. A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks.

14. Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Vulnerability
BugTraq ID: 18374
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18374
Summary:
Microsoft Windows is prone to a remote buffer-overflow vulnerability. The vulnerability arises in the Microsoft Windows TCP/IP protocol driver when IP Source Routing has been enabled.

A remote attacker may trigger a denial-of-service condition or may execute arbitrary code, leading to a complete compromise.

15. Microsoft JScript Memory Corruption Vulnerability
BugTraq ID: 18359
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18359
Summary:
Microsoft JScript is prone to a remote memory-corruption vulnerability. This issue is due to the software's failure to properly execute certain HTML script content.

This issue allows remote attackers to execute arbitrary machine code in the context of applications that use the JScript component to render attacker-supplied script code.

Microsoft Internet Explorer and Outlook both use the affected component, allowing attackers to exploit this issue by sending HTML email or by coercing unsuspecting users to visit malicious websites.

16. Microsoft Windows Routing and Remote Access RASMAN Registry Remote Code Execution Vulnerability
BugTraq ID: 18358
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18358
Summary:
Microsoft Windows Routing and Remote Access is prone to a memory-corruption vulnerability. This issue is due to the software's failure to properly bounds-check user-supplied network data before copying it to an insufficiently sized memory buffer.

This issue allows remote attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected computers.

Exploiting this issue on Microsoft Windows XP SP2 or Windows Server 2003 requires valid login credentials. Anonymous attacks are possible with Windows 2000 and Windows XP versions prior to SP2.

17. Microsoft SMB Driver Local Denial Of Service Vulnerability
BugTraq ID: 18357
Remote: No
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18357
Summary:
The Microsoft SMB driver is prone to a local denial-of-service vulnerability.

A local attacker can exploit this issue to create processes that cannot be killed in affected operating systems, potentially denying service to legitimate users and other software on affected computers. This may aid the attacker in further attacks.

18. Microsoft Windows SMB Driver Local Privilege Escalation Vulnerability
BugTraq ID: 18356
Remote: No
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18356
Summary:
The Microsoft SMB driver is susceptible to a local privilege-escalation vulnerability. This issue is due to a failure of the affected software to properly bounds-check user-supplied input prior to copying it to insufficiently-sized kernel memory.

A local attacker can exploit this issue to elevate privileges and gain complete control of an affected computer.

19. 0verkill UDP Datagram Remote Denial of Service Vulnerability
BugTraq ID: 18353
Remote: Yes
Date Published: 2006-06-09
Relevant URL: http://www.securityfocus.com/bid/18353
Summary:
A denial-of-service vulnerability affects 0verkill. This issue is due to the application's failure to properly handle certain UDP datagrams.

The vulnerability allows remote attackers from external networks to crash the application, denying further service to legitimate users.

0verkill version 0.16 is vulnerable to this issue; other versions may also be affected.

20. GD Graphics Library Truncated GIF File Remote Denial of Service Vulnerability
BugTraq ID: 18347
Remote: Yes
Date Published: 2006-06-09
Relevant URL: http://www.securityfocus.com/bid/18347
Summary:
The GD Graphics Library is prone to a denial-of-service vulnerability. Attackers can trigger an infinite-loop condition when the library tries to handle truncated GIF image files.

This issue allows attackers to consume excessive CPU resources on computers that use the affected software. This may deny service to legitimate users.

GD version 2.0.33 is vulnerable to this issue; other versions may also be affected.

21. Kaspersky Internet Security Suite Multiple Local Vulnerabilities
BugTraq ID: 18341
Remote: No
Date Published: 2006-06-08
Relevant URL: http://www.securityfocus.com/bid/18341
Summary:
Kaspersky Internet Security Suite is prone to multiple local vulnerabilities.

These vulnerabilities allow local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

Kaspersky Internet Security Suite 5.0 is vulnerable to these issues; other versions may also be affected.

22. Microsoft June Advance Notification Multiple Vulnerabilities
BugTraq ID: 18330
Remote: Yes
Date Published: 2006-06-08
Relevant URL: http://www.securityfocus.com/bid/18330
Summary:
Microsoft has released advance notification that they will be releasing twelve security bulletins for Windows on June 13, 2006. The highest severity rating for these issues is 'Critical'.

Further details about these issues are not currently available. Individual BIDs will be created and this record will be removed when the security bulletins are released.

23. Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability Variant
BugTraq ID: 18328
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18328
Summary:
Microsoft Internet Explorer is prone to a memory-corruption vulnerability that is related to the instantiation of COM objects. This issue results from a design error.

The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls, resulting in arbitrary code execution. The affected objects are not intended to be instantiated through Internet Explorer.

This BID is related to the issues described in BID 14511 (Microsoft Internet Explorer COM Object Instantiation Buffer Overflow Vulnerability), BID 15061 (Microsoft Internet Explorer COM Object Instantiation Variant Vulnerability), and BID 17453 (Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability). However, this issue affects a different set of COM objects that were not addressed in the previous BIDs.

24. Microsoft Windows Routing and Remote Access Remote Code Execution Vulnerability
BugTraq ID: 18325
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18325
Summary:
Microsoft Windows Routing and Remote Access is prone to a memory-corruption vulnerability. This issue is due to the software's failure to properly bounds-check user-supplied network data before copying it to an insufficiently sized memory buffer.

This issue allows remote attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected computers.

Exploiting this issue on Microsoft Windows XP SP2 or Windows Server 2003 requires valid login credentials. Anonymous attacks are possible with Windows 2000 and Windows XP versions prior to SP2.

25. Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability
BugTraq ID: 18322
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18322
Summary:
The Microsoft Windows GDI Graphics Rendering Engine is prone to a heap-overflow vulnerability. This issue is exposed when the component loads a specially crafted WMF (Windows Metafile) image.

If this issue is exploited, a malicious WMF or EMF file could potentially corrupt heap-based memory with attacker-supplied data. This could lead to the execution of arbitrary code and to a complete system compromise.

An attacker could exploit the issue by enticing the victim user to visit a malicious web page that contains the image or to open an email attachment that consists of the image.

This vulnerability is limited to Windows 98/98SE/ME systems.

26. Microsoft Internet Explorer Persistent Modal Dialog Window Address Bar Spoofing Vulnerability
BugTraq ID: 18321
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18321
Summary:
Microsoft Internet Explorer is prone to address-bar spoofing. Attackers may exploit this via a malicious web page to spoof the contents of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.

27. Microsoft Internet Explorer Multipart HTML File Handling Remote Code Execution Vulnerability
BugTraq ID: 18320
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18320
Summary:
Internet Explorer is prone to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

28. Microsoft NetMeeting Remote Memory Corruption Denial of Service Vulnerability
BugTraq ID: 18311
Remote: Yes
Date Published: 2006-06-07
Relevant URL: http://www.securityfocus.com/bid/18311
Summary:
Microsoft NetMeeting is prone to a remote memory-corruption vulnerability. This issue is due to the application's failure to properly handle malformed network traffic.

This issue allows remote attackers to crash affected applications or to consume excessive CPU resources. Due to the nature of this issue, attackers might be able to exploit this issue to execute arbitrary machine code in the context of the vulnerable application, but this has not been confirmed.

Microsoft NetMeeting version 3.01 is vulnerable to this issue; other versions may also be affected.

29. Microsoft Internet Explorer HTML Decoding Remote Code Execution Vulnerability
BugTraq ID: 18309
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18309
Summary:
Internet Explorer is vulnerable to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

30. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
BugTraq ID: 18308
Remote: Yes
Date Published: 2006-06-06
Relevant URL: http://www.securityfocus.com/bid/18308
Summary:
Multiple web browsers are prone to a JavaScript key-filtering vulnerability. This issue is due to the failure of the browsers to securely handle keystroke input from users.

This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page. This may allow remote attackers to initiate file uploads from unsuspecting users. Other attacks may also be possible.

Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue.

Reportedly, Mozilla Suite, Mozilla Firefox, Mozilla SeaMonkey, Netscape Navigator, and Microsoft Internet Explorer are all vulnerable to this issue.

31. Microsoft DXImageTransform.Microsoft.Light ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 18303
Remote: Yes
Date Published: 2006-06-13
Relevant URL: http://www.securityfocus.com/bid/18303
Summary:
The DXImageTransform.Microsoft.Light ActiveX control is prone to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

32. TIBCO Rendezvous HTTP Interface Remote Buffer Overflow Vulnerability
BugTraq ID: 18301
Remote: Yes
Date Published: 2006-06-06
Relevant URL: http://www.securityfocus.com/bid/18301
Summary:
TIBCO Rendezvous is prone to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer.

Attackers may exploit this issue to execute arbitrary machine code in the context of the affected application, facilitating the remote compromise of affected computers. The affected component may be installed as a service with administrative privileges on Microsoft Windows computers.

TIBCO Hawk versions prior to 4.6.1, TIBCO Runtime Agent versions prior to 5.4, and TIBCO Rendezvous versions prior to 7.5.1 are vulnerable to this issue.

33. TIBCO Hawk Configuration Interface Local Buffer Overflow Vulnerability
BugTraq ID: 18300
Remote: No
Date Published: 2006-06-06
Relevant URL: http://www.securityfocus.com/bid/18300
Summary:
TIBCO Hawk is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer.

Attackers may exploit this issue to execute arbitrary machine code with elevated privileges. This is a vulnerability only if the affected software is installed with setuid-privileges on UNIX computers or if it is installed as a service running with administrative privileges on Microsoft Windows computers.

TIBCO Hawk versions prior to 4.6.1 and TIBCO Runtime Agent versions prior to 5.4 are vulnerable to this issue.

34. GD Graphics Library Remote Denial of Service Vulnerability
BugTraq ID: 18294
Remote: Yes
Date Published: 2006-06-06
Relevant URL: http://www.securityfocus.com/bid/18294
Summary:
The GD Graphics Library is prone to a denial-of-service vulnerability. Attackers can trigger an infinite-loop condition when the library tries to handle malformed image files.

This issue allows attackers to consume excessive CPU resources on computers that use the affected software. This may deny service to legitimate users.

GD version 2.0.33 is vulnerable to this issue; other versions may also be affected.

35. Microsoft Internet Explorer Frameset Denial of Service Vulnerability
BugTraq ID: 18277
Remote: Yes
Date Published: 2006-06-05
Relevant URL: http://www.securityfocus.com/bid/18277
Summary:
Microsoft Internet Explorer is affected by a denial-of-service vulnerability. This issue arises because the application fails to handle exceptional conditions in a proper manner.

An attacker may exploit this issue by enticing a user to visit a malicious site and then to click anywhere on the page. This results in a denial-of-service condition in the application.

Internet Explorer version 6 is vulnerable to this issue; earlier versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Controlling specific USB devices on Windows XP
http://www.securityfocus.com/archive/88/437076

2. Logon audit
http://www.securityfocus.com/archive/88/436536

3. SecurityFocus Microsoft Newsletter #294
http://www.securityfocus.com/archive/88/436524

4. Logon audit
http://www.securityfocus.com/archive/88/436523

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email [EMAIL PROTECTED] and ask to be manually removed.

V.   SPONSOR INFORMATION
------------------------
This issue is sponsored by: Norwich University
