SecurityFocus Microsoft Newsletter #304

Thu, 17 Aug 2006 07:06:49 -0700 

SecurityFocus Microsoft Newsletter #304
----------------------------------------

Are Your IIS Web Servers Under Attack?
Monitor IIS activity and block all unwanted traffic. ThreatSentry Host IPS + Application Firewall protects IIS against new and progressive attack techniques and delivers affordable defense-in-depth. $399 per server. Free 30-day trial. 

http://newsletter.industrybrains.com/c?fe;3;53120;4d8;250;1e60;da4

------------------------------------------------------------------
I.   FRONT AND CENTER
      1. Dynamic Linking in Linux and Windows, part two
II.  MICROSOFT VULNERABILITY SUMMARY
      1. Zen Cart Multiple SQL Injection Vulnerabilities
      2. PHProjekt Multiple Remote File Include Vulnerabilities
      3. Microsoft Internet Explorer MSOE.DLL Denial Of Service Vulnerability
4. Microsoft Internet Explorer CHTSKDIC.DLL Denial Of Service Vulnerability 5. Microsoft Internet Explorer IMSKDIC.DLL Denial Of Service Vulnerability 
      6. Microsoft Windows PNG File IHDR Block Denial of Service Vulnerability
      7. ImageMagick SGI Image File Remote Heap Buffer Overflow Vulnerability
      8. Novell eDirectory eMBoxClient.JAR Information Disclosure Vulnerability
      9. Novell eDirectory Unspecified Nessus Denial of Service Vulnerability
      10. 04WebServer Multiple Vulnerabilities
11. Opera Web Browser IRC Chat Client Remote Denial of Service Vulnerability 
      12. RETIRED: Microsoft Windows Help Multiple Remote Vulnerabilities
      13. ScatterChat ECB Mode Cryptographic Module Weakness
      14.  IPCheck Server Monitor Directory Traversal Vulnerability
      15. YaBBSE Index.PHP Cross-Site Scripting Vulnerability
      16. IrfanView ANI Image File Denial Of Service Vulnerability
      17. OpenMPT Multiple Remote Code Execution Vulnerabilities
      18. Apache CGI Script Source Code Information Disclosure Vulnerability
      19. Drupal Bibliography Multiple Input Validation Vulnerabilities
20. eIQNetworks Enterprise Security Analyzer Monitoring.EXE Multiple Buffer Overflow Vulnerabilities 
      21. Microsoft Management Console Zone Bypass Vulnerability
22. Microsoft Visual Basic for Applications Document Check Buffer Overflow Vulnerability 
      23. Microsoft Windows Server Service Remote Buffer Overflow Vulnerability
24. Microsoft Hyperlink Object Library Function Remote Buffer Overflow Vulnerability 
      25. Microsoft Windows DNS Client Buffer Overrun Vulnerability
26. CA eTrust Antivirus WebScan Malicious Update Code Execution Vulnerability 
      27. EasyCafe Security Restriction Bypass Vulnerability
28. Microsoft Internet Explorer Source Element Cross-Domain Information Disclosure Vulnerability 
      29. Computer Associates Virus Definition Downgrade Vulnerability
      30. XChat Remote Denial of Service Vulnerability
31. Microsoft Windows 2000 Kernel Local Privilege Escalation Vulnerability 32. Microsoft Windows Unhandled Exception Remote Code Execution Vulnerability 
      33. Microsoft Windows User Profile Privilege Escalation Vulnerability
34. Microsoft Windows GDI32.DLL WMF Remote Denial of Service Vulnerability 35. Microsoft Internet Explorer IFrame Refresh Denial of Service Vulnerability 
      36. Microsoft Powerpoint Remote Code Execution Vulnerability
37. Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability 38. Microsoft Internet Explorer Window Location Cross-Domain Information Disclosure Vulnerability 
      39. Microsoft Winsock Gethostbyname Buffer Overflow Vulnerability
40. Microsoft Internet Explorer Chained Cascading Style Sheets Remote Code Execution Vulnerability 41. Microsoft Internet Explorer HTML Layout and Positioning Remote Code Execution Vulnerability 
III. MICROSOFT FOCUS LIST SUMMARY
      1. Licensed Software Audit
      2. Workstation Shutdown / Logoff Policy
      3. Local Security Policy screen can't retrieve sec policy information
      4. Impact of removing administrative rights in an enterprise running XP
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Dynamic Linking in Linux and Windows, part two
By Reji Thomas and Bhasker Reddy
This article discusses the shared libraries concept in both Windows and Linux, and offers a walk through various data structures to explain how dynamic linking is done in these operating systems. 
http://www.securityfocus.com/infocus/1873


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Zen Cart Multiple SQL Injection Vulnerabilities
BugTraq ID: 19542
Remote: Yes
Date Published: 2006-08-15
Relevant URL: http://www.securityfocus.com/bid/19542
Summary:
Zen Cart is prone to multiple SQL injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. 

These issues affect version 1.3.0.2; earlier versions may also be vulnerable.

2. PHProjekt Multiple Remote File Include Vulnerabilities
BugTraq ID: 19541
Remote: Yes
Date Published: 2006-08-16
Relevant URL: http://www.securityfocus.com/bid/19541
Summary:
Multiple remote file include vulnerabilities affect PHProjekt. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include()' function call. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. Version 5.1 of PHProjekt is vulnerable to this issue; previous versions may be affected as well. 

3. Microsoft Internet Explorer MSOE.DLL Denial Of Service Vulnerability
BugTraq ID: 19530
Remote: Yes
Date Published: 2006-08-15
Relevant URL: http://www.securityfocus.com/bid/19530
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control.
An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users, and may cause arbitrary code to run within the context of the application. 

4. Microsoft Internet Explorer CHTSKDIC.DLL Denial Of Service Vulnerability
BugTraq ID: 19529
Remote: Yes
Date Published: 2006-08-15
Relevant URL: http://www.securityfocus.com/bid/19529
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to load a DLL library when instantiated as an ActiveX control.
An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users and may cause arbitrary code to run within the context of the user running the application. 

5. Microsoft Internet Explorer IMSKDIC.DLL Denial Of Service Vulnerability
BugTraq ID: 19521
Remote: Yes
Date Published: 2006-08-15
Relevant URL: http://www.securityfocus.com/bid/19521
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control.
An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users and may cause arbitrary code to run within the context of the application. 

6. Microsoft Windows PNG File IHDR Block Denial of Service Vulnerability
BugTraq ID: 19520
Remote: Yes
Date Published: 2006-08-15
Relevant URL: http://www.securityfocus.com/bid/19520
Summary:
Microsoft Windows is reportedly prone to a remote denial-of-service vulnerability because the PNG-rendering portion of the operating system fails to handle malicious PNG (Portable Network Graphics) files. This issue may cause Windows Explorer to consume excessive resources and crash, denying service to legitimate users. 

7. ImageMagick SGI Image File Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 19507
Remote: Yes
Date Published: 2006-08-14
Relevant URL: http://www.securityfocus.com/bid/19507
Summary:
ImageMagick is prone to a remote heap buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
This issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library.
ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue. 

8. Novell eDirectory eMBoxClient.JAR Information Disclosure Vulnerability
BugTraq ID: 19499
Remote: Yes
Date Published: 2006-08-11
Relevant URL: http://www.securityfocus.com/bid/19499
Summary:
The Novell eDirectory Server is prone to an information-disclosure vulnerability because the application fails to protect sensitive information from unprivileged users.
The flaw presents itself in eDirectory version 8.7.3.8; other versions may also be affected. 

9. Novell eDirectory Unspecified Nessus Denial of Service Vulnerability
BugTraq ID: 19498
Remote: Yes
Date Published: 2006-08-11
Relevant URL: http://www.securityfocus.com/bid/19498
Summary:
The Novell eDirectory Server is prone to an unspecified denial-of-service vulnerability. The system experiences high CPU usage when it is subjected to a Nessus scan. The flaw presents itself in eDirectory version 8.7.3.8; other versions may also be affected. 

10. 04WebServer Multiple Vulnerabilities
BugTraq ID: 19496
Remote: Yes
Date Published: 2006-08-14
Relevant URL: http://www.securityfocus.com/bid/19496
Summary:
Multiple remote vulnerabilities affect 04WebServer. Some issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to carry out cross-site scripting attacks and bypass certain security checks. 

04WebServer 1.83 and prior versions are vulnerable.

11. Opera Web Browser IRC Chat Client Remote Denial of Service Vulnerability
BugTraq ID: 19491
Remote: Yes
Date Published: 2006-08-14
Relevant URL: http://www.securityfocus.com/bid/19491
Summary:
Opera Web Browser IRC chat client is prone to a remote denial-of-service vulnerability. A successful attack can allow the attacker to trigger a crash in the client and deny service to legitimate users. This issue affects Opera Web Browser 9. Other versions may be vulnerable as well. 

12. RETIRED: Microsoft Windows Help Multiple Remote Vulnerabilities
BugTraq ID: 19490
Remote: Yes
Date Published: 2006-08-12
Relevant URL: http://www.securityfocus.com/bid/19490
Summary:
The Microsoft Windows Help File viewer (winhlp32.exe) is prone to multiple remote vulnerabilities.
These vulnerabilities present themselves when the application handles specially crafted Windows Help (.hlp) files.
A successful attack may let the attacker crash the application or execute arbitrary code in the context of a vulnerable user who opens a malicious file.
Specific information regarding affected versions of Microsoft Windows is currently unavailable.
Update: Since help files can inherently execute arbitrary malicious code, this BID is being retired. 

13. ScatterChat ECB Mode Cryptographic Module Weakness
BugTraq ID: 19485
Remote: Yes
Date Published: 2006-08-11
Relevant URL: http://www.securityfocus.com/bid/19485
Summary:
ScatterChat Instant Messenger is prone to a cryptographic weakness that may allow an attacker to detect patterns in encrypted client communications.
Information obtained may help the attacker conduct further attacks on the system. 

14.  IPCheck Server Monitor Directory Traversal Vulnerability
BugTraq ID: 19473
Remote: Yes
Date Published: 2006-08-10
Relevant URL: http://www.securityfocus.com/bid/19473
Summary:
IPCheck Server Monitor is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks. 

Version  5.3.2.609 is vulnerable; other versions may also be affected.

15. YaBBSE Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 19460
Remote: Yes
Date Published: 2006-08-10
Relevant URL: http://www.securityfocus.com/bid/19460
Summary:
A cross-site scripting vulnerability affects YaBBSE because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. 

16. IrfanView ANI Image File Denial Of Service Vulnerability
BugTraq ID: 19452
Remote: No
Date Published: 2006-08-09
Relevant URL: http://www.securityfocus.com/bid/19452
Summary:
IrfanView is prone to a denial-of-service vulnerability. A remote attacker may crash the application, resulting in denial-of-service conditions to legitimate users. This issue may potentially be exploited to execute arbitrary machine code, but this has not been 
confirmed.
Version 3.98.0 is vulnerable to this issue; other versions may also be affected. 

17. OpenMPT Multiple Remote Code Execution Vulnerabilities
BugTraq ID: 19448
Remote: Yes
Date Published: 2006-08-09
Relevant URL: http://www.securityfocus.com/bid/19448
Summary:
OpenMPT is prone to multiple remote code-execution vulnerabilities because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
These issues allow remote attackers to execute arbitrary machine code in the context of affected servers. This facilitates the remote compromise of affected computers. 

These versions are affected:

- 1.17.02.43 and earlier
- SVN versions 157 and earlier.

18. Apache CGI Script Source Code Information Disclosure Vulnerability
BugTraq ID: 19447
Remote: Yes
Date Published: 2006-08-09
Relevant URL: http://www.securityfocus.com/bid/19447
Summary:
Apache is prone to an information-disclosure vulnerability because it fails to properly handle exceptional conditions.
An attacker can exploit this issue to retrieve script source code. Information obtained may aid in further attacks.
Versions 2.2.2 for Microsoft Windows is vulnerable to this issue; other versions may also be affected. 

19. Drupal Bibliography Multiple Input Validation Vulnerabilities
BugTraq ID: 19441
Remote: Yes
Date Published: 2006-08-09
Relevant URL: http://www.securityfocus.com/bid/19441
Summary:
Drupal Bibliography module is prone to multiple input-validation vulnerabilities, incuding multiple cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.
Versions prior to 4.6 and 4.7 are vulnerable; other versions may also be affected.
20. eIQNetworks Enterprise Security Analyzer Monitoring.EXE Multiple Buffer Overflow Vulnerabilities 
BugTraq ID: 19424
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19424
Summary:
eIQnetworks Enterprise Security Analyzer is prone to multiple remote buffer-overflow vulnerabilities.
These issues can facilitate a remote compromise due to arbitrary code execution. 

Enterprise Security Analyzer versions prior to 2.5.0 are vulnerable.

21. Microsoft Management Console Zone Bypass Vulnerability
BugTraq ID: 19417
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19417
Summary:
Microsoft Management Console (MMC) is prone to a cross-zone scripting vulnerability because the operating system fails to properly restrict access to MMC components, allowing the MMC files to be referenced from the Internet Zone in some cases.
This vulnerability could let an attacker execute arbitrary code, completely compromising the computer.
22. Microsoft Visual Basic for Applications Document Check Buffer Overflow Vulnerability 
BugTraq ID: 19414
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19414
Summary:
A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs due to insufficient bounds checking when checking the properties of malicious documents. As a result, a malformed document may be able to trigger a buffer-overflow within the affected application, effectively allowing for the execution of arbitrary code. Microsoft Office, Access, Visio, Word, and Works are also reportedly attack vectors, since they employ VBA when handling certain document types. Email is another potential attack vector for this vulnerability, but merely opening an email would not trigger the issue; replying or forwarding the message could potentially trigger it. 

Microsoft has reported that this issue is being exploited in the wild.

23. Microsoft Windows Server Service Remote Buffer Overflow Vulnerability
BugTraq ID: 19409
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19409
Summary:
Microsoft Windows Server Service is prone to a remote buffer-overflow vulnerability. This vulnerability arises when the service processes a malicious message in RPC communications.
A successful attack may result in arbitrary code execution with SYSTEM privileges leading to a full compromise. Attack attempts may result in denial-of-service conditions as well. 

Microsoft has reported that this issue is being exploited in the wild.
Update (August 14, 2006): A worm named 'W32.Wargbot' that exploits this issue to spread is currently in the wild.
24. Microsoft Hyperlink Object Library Function Remote Buffer Overflow Vulnerability 
BugTraq ID: 19405
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19405
Summary:
Microsoft's Hyperlink Object Library is prone to a buffer-overflow vulnerability. This issue is due to the library's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of applications that use the affected library. This facilitates the remote compromise of affected computers. Failed exploit attempts will likely crash targeted applications.
This issue is different from the one described in BID 18500 (Microsoft HLINK.DLL Link Memory Corruption Vulnerability). 

25. Microsoft Windows DNS Client Buffer Overrun Vulnerability
BugTraq ID: 19404
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19404
Summary:
Microsoft Windows is prone to a remotely exploitable buffer overrun condition in the DNS client.
This issue is exposed when a client handles a malicious response from a DNS server. Attackers may leverage this to execute arbitrary code and launch a complete compromise of the affected computer. 

26. CA eTrust Antivirus WebScan Malicious Update Code Execution Vulnerability
BugTraq ID: 19403
Remote: Yes
Date Published: 2006-08-07
Relevant URL: http://www.securityfocus.com/bid/19403
Summary:
CA eTrust Antivirus WebScan is prone to a remote code-execution vulnerability because it fails to properly validate parameters supplied to the WebScan ActiveX control.
An attacker could exploit this vulnerability to cause WebScan to install malicious application files from an attacker-specified source. This could result in the execution of arbitrary code.
This issue affects version 1.1.0.1047 and earlier; other versions may also be affected. 

27. EasyCafe Security Restriction Bypass Vulnerability
BugTraq ID: 19401
Remote: Yes
Date Published: 2006-08-07
Relevant URL: http://www.securityfocus.com/bid/19401
Summary:
EasyCafe is prone to a vulnerability that lets attackers bypass security restrictions.
This issue occurs because the application fails to prevent an attacker from gaining unauthorized access to a client computer. An attacker can exploit this issue to gain unauthorized access to the client's computer. Other attacks are also possible. Version 2.1.7 to 2.2.14 are vulnerable to this issue; other versions may also be affected.
28. Microsoft Internet Explorer Source Element Cross-Domain Information Disclosure Vulnerability 
BugTraq ID: 19400
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19400
Summary:
Microsoft Internet Explorer is prone to an information-disclosure vulnerability because it fails to properly enforce cross-domain policies.
This issue may allow attackers to access arbitrary websites in the context of a targeted user's browser session. This may allow attackers to perform actions in web applications with the privileges of exploited users or to gain access to potentially sensitive information. This may aid attackers in further attacks. 

29. Computer Associates Virus Definition Downgrade Vulnerability
BugTraq ID: 19399
Remote: Yes
Date Published: 2006-08-07
Relevant URL: http://www.securityfocus.com/bid/19399
Summary:
A flaw in the Computer Associates WebScan product reportedly could cause the application's virus definitions to be downgraded to a previous version. This presents a security risk because the virus definitions in question may be out of date and may not effectively detect newer variants of malicious code. 

30. XChat Remote Denial of Service Vulnerability
BugTraq ID: 19398
Remote: Yes
Date Published: 2006-08-07
Relevant URL: http://www.securityfocus.com/bid/19398
Summary:
XChat is prone to a remote denial-of-service vulnerability because it fails to properly handle unexpected data from malicious IRC users.
This issue allows remote attackers to crash affected IRC clients, denying service to legitimate users. To exploit this issue, attackers send malformed data to unsuspecting users.
XChat version 2.6.7 for Windows is vulnerable to this issue; other versions and platforms may also be affected.
NOTE: The vendor refutes this issue, stating that the exploit has no affect on XChat.
31. Microsoft Windows 2000 Kernel Local Privilege Escalation Vulnerability BugTraq ID: 19388 
Remote: No
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19388
Summary:
A local privilege-escalation vulnerability affects Microsoft Windows 2000. This vulnerability affects the Windows kernel; local attackers may exploit it to completely compromise an affected computer. 

32. Microsoft Windows Unhandled Exception Remote Code Execution Vulnerability
BugTraq ID: 19384
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19384
Summary:
Microsoft Windows is prone to a remote code-execution vulnerability. This vulnerability is caused by an error in how chained exceptions are unloaded by the operating system. This vulnerability could be exploited by a malicious web page. A successful exploit would completely compromise the affected computer.
Specific details about this vulnerability are not available at this time. This BID will be updated if more information becomes available. 

33. Microsoft Windows User Profile Privilege Escalation Vulnerability
BugTraq ID: 19375
Remote: No
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19375
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability. The vulnerability is caused by an insecure search path for the WinLogon facility. If exploited, this could let an attacker run an arbitrary DLL with elevated privileges.
This issue is reported to affect Windows 2000 in the default configuration. Other Windows operating systems are not affected unless the configuration settings related to this vulnerability are changed from the default. 

34. Microsoft Windows GDI32.DLL WMF Remote Denial of Service Vulnerability
BugTraq ID: 19365
Remote: Yes
Date Published: 2006-08-06
Relevant URL: http://www.securityfocus.com/bid/19365
Summary:
Microsoft Windows is reportedly prone to a remote denial-of-service vulnerability. This issue occurs because the application fails to handle Malicious WMF file. This issue may cause Windows Explorer to crash, denying service to legitimate users. 

35. Microsoft Internet Explorer IFrame Refresh Denial of Service Vulnerability
BugTraq ID: 19364
Remote: Yes
Date Published: 2006-08-06
Relevant URL: http://www.securityfocus.com/bid/19364
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability when handling malicious HTML files. Successfully exploiting this issue allows attackers to consume excessive CPU resources in the affected browser and eventually cause Internet Explorer to crash, causing a denial-of-service. 

36. Microsoft Powerpoint Remote Code Execution Vulnerability
BugTraq ID: 19341
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19341
Summary:
Microsoft PowerPoint is prone to a remote code-execution vulnerability.
This issue occurs when the application handles malformed record data within a presentation file.
A successful exploit of this issue will let attackers execute arbitrary code in the context of the targeted user.
37. Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability 
BugTraq ID: 19340
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19340
Summary:
Microsoft Internet Explorer is prone to a memory-corruption vulnerability that is related to the instantiation of COM objects. This issue stems from a design error.
The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls, resulting in arbitrary code execution. The affected objects are not intended to be instantiated through Internet Explorer.
38. Microsoft Internet Explorer Window Location Cross-Domain Information Disclosure Vulnerability 
BugTraq ID: 19339
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19339
Summary:
Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability.
This vulnerability may let a malicious website access properties of a site in an arbitrary external domain. Attackers could exploit this issue to gain access to sensitive information that is associated with the external domain. 

39. Microsoft Winsock Gethostbyname Buffer Overflow Vulnerability
BugTraq ID: 19319
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19319
Summary:
The Microsoft Winsock API is prone to a buffer-overflow vulnerability.
This issue can occur when the API is invoked via a malicious file or web page that is sufficient to trigger the vulnerability. If the exploit is successful, attacker-supplied code will execute, completely compromising the affected computer.
40. Microsoft Internet Explorer Chained Cascading Style Sheets Remote Code Execution Vulnerability 
BugTraq ID: 19316
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19316
Summary:
Microsoft Internet Explorer is prone to remote code-execution vulnerability. This issue is related to how the browser handles chained CSS (Cascading Style Sheets). An attacker could exploit this issue to execute arbitrary code in the context of the user visiting a malicious web page.
This issue affects Internet Explorer on Windows 2000, Windows XP (excluding XP SP2), and Windows Server 2003.
41. Microsoft Internet Explorer HTML Layout and Positioning Remote Code Execution Vulnerability 
BugTraq ID: 19312
Remote: Yes
Date Published: 2006-08-08
Relevant URL: http://www.securityfocus.com/bid/19312
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability. This vulnerability is related to how the browser renders HTML with certain layout and positioning combinations. An attacker could exploit this issue to execute arbitrary code in the context of the user visiting a malicious web page.
This issue affects Internet Explorer on Windows 2000, Windows XP, and Windows Server 2003. 

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Licensed Software Audit
http://www.securityfocus.com/archive/88/443369

2. Workstation Shutdown / Logoff Policy
http://www.securityfocus.com/archive/88/443340

3. Local Security Policy screen can't retrieve sec policy information
http://www.securityfocus.com/archive/88/443100

4. Impact of removing administrative rights in an enterprise running XP
http://www.securityfocus.com/archive/88/441275

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email [EMAIL PROTECTED] and ask to be manually removed. 

V.   SPONSOR INFORMATION
------------------------
Are Your IIS Web Servers Under Attack?
Monitor IIS activity and block all unwanted traffic. ThreatSentry Host IPS + Application Firewall protects IIS against new and progressive attack techniques and delivers affordable defense-in-depth. $399 per server. Free 30-day trial. 

http://newsletter.industrybrains.com/c?fe;3;53120;4d8;250;1e60;da4



---------------------------------------------------------------------------
---------------------------------------------------------------------------

Reply via email to