SecurityFocus Microsoft Newsletter #394

Tue, 13 May 2008 15:24:15 -0700 

SecurityFocus Microsoft Newsletter #394

----------------------------------------

This issue is sponsored by Industry Brains

FREE SECURITY AUDIT RESOURCES
Take a Risk Assessment, get White Papers on the Latest Threats, listen to 
Malware Expert Webcasts.
http://newsletter.industrybrains.com/c?fe;1;766c3;210a3;4cc;0;da4


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying 
topics of interest for our community. We are proud to offer content from 
Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I.   FRONT AND CENTER
      1. Click Crime
      2. Just Who's Being Exploited?
II.  MICROSOFT VULNERABILITY SUMMARY
      1. Jenkins Software RakNet Autopatcher Multiple Unspecified SQL Injection 
Vulnerabilities
      2. Microsoft Windows Intelligent Input/Output (I2O) Multiple Local 
Privilege Escalation Vulnerabilities
      3. Microsoft Publisher Memory Object Handler Data Remote Code Execution 
Vulnerability
      4. Microsoft Windows CE JPEG And GIF Processing Multiple Arbitrary Code 
Execution Vulnerabilities
      5. Zarafa Multiple Remote Vulnerabilities
      6. Microsoft Outlook Web Access 'no-store' HTTP Directive Information 
Disclosure Weakness
      7. Microsoft Internet Explorer 'DisableCachingOfSSLPages' Security 
Weakness
      8. Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
      9. Microsoft May 2008 Advance Notification Multiple Vulnerabilities
      10. Microsoft Word CSS Handling Memory Corruption Remote Code Execution 
Vulnerability
      11. Microsoft Word RTF Malformed String Handling Memory Corruption Remote 
Code Execution Vulnerability
      12. Microsoft Malware Protection Engine Disk Space Exhaustion Remote 
Denial Of Service Vulnerability
      13. Microsoft Malware Protection Engine File Processing Remote Denial Of 
Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
      1. XP Hardening
      2. SecurityFocus Microsoft Newsletter #393
      3. Binding Windows Services to Specific Addresses Only
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Click Crime
By Mark Rasch
It has long been a crime not only to commit an illegal act, but also to attempt -- or conspire with others -- to commit one. http://www.securityfocus.com/columnists/471 

2.Just Who's Being Exploited?
By Jamie Reid
Last month's revelation that Tipping Point paid out a prize of $10,000 and a 
new laptop (MSRP: about $2000) at the CanSecWest conference, for the privilege 
of being the exclusive licensor of a heretofore unpublished vulnerability in 
Apple's Safari web browser to researcher, Charles Miller of Independent 
Security Evaluators, may lend some credence to this adage.
http://www.securityfocus.com/columnists/470


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Jenkins Software RakNet Autopatcher Multiple Unspecified SQL Injection 
Vulnerabilities
BugTraq ID: 29178
Remote: Yes
Date Published: 2008-05-12
Relevant URL: http://www.securityfocus.com/bid/29178
Summary:
RakNet Autopatcher is prone to multiple SQL-injection vulnerabilities because 
it fails to sufficiently sanitize user-supplied data before using it in SQL 
queries.

Exploiting these issues could allow an attacker to compromise the application, 
access or modify data, or exploit latent vulnerabilities in the underlying 
database.

Versions prior to RakNet 3.23 are vulnerable.

2. Microsoft Windows Intelligent Input/Output (I2O) Multiple Local Privilege 
Escalation Vulnerabilities
BugTraq ID: 29171
Remote: No
Date Published: 2008-05-12
Relevant URL: http://www.securityfocus.com/bid/29171
Summary:
Microsoft Windows is prone to multiple local privilege-escalation vulnerabilities. 
An attacker can exploit these issues to execute arbitrary code with 
kernel-level privileges. Successfully exploiting these issues will completely 
compromise affected computers.

These issues affect Windows XP prior to SP3.

3. Microsoft Publisher Memory Object Handler Data Remote Code Execution 
Vulnerability
BugTraq ID: 29158
Remote: Yes
Date Published: 2008-05-13
Relevant URL: http://www.securityfocus.com/bid/29158
Summary:
Microsoft Publisher is prone to a remote code-execution vulnerability.
An attacker could exploit this issue by enticing a victim to open a malicious Publisher file. 
Successfully exploiting this issue would allow the attacker to execute 
arbitrary code in the context of the currently logged-in user.

4. Microsoft Windows CE JPEG And GIF Processing Multiple Arbitrary Code 
Execution Vulnerabilities
BugTraq ID: 29147
Remote: Yes
Date Published: 2008-05-09
Relevant URL: http://www.securityfocus.com/bid/29147
Summary:
Microsoft Windows CE is prone to multiple vulnerabilities that allow attackers 
to execute arbitrary code. The issues stem from unspecified errors.

An attacker can exploit these issues to execute arbitrary code within the 
context of the affected components. Failed exploit attempts will likely result 
in denial-of-service conditions.

5. Zarafa Multiple Remote Vulnerabilities
BugTraq ID: 29122
Remote: Yes
Date Published: 2008-05-09
Relevant URL: http://www.securityfocus.com/bid/29122
Summary:
Zarafa is prone to multiple remote HTML-injection vulnerabilities and 
denial-of-service vulnerabilities.

An attacker can exploit these issues to crash the affected application, execute 
arbitrary HTML and script code within the context of the affected website, 
potentially steal cookie-based authentication credentials, or control how the 
site is rendered to the user; other attacks are also possible.

These issues affect versions prior to Zarafa Script 6.02.

6. Microsoft Outlook Web Access 'no-store' HTTP Directive Information 
Disclosure Weakness
BugTraq ID: 29121
Remote: No
Date Published: 2008-05-09
Relevant URL: http://www.securityfocus.com/bid/29121
Summary:
Microsoft Outlook Web Access is prone to a weakness that may allow sensitive 
information to be unintentionally stored on the local computer.

To exploit this issue, an attacker would need to exploit another vulnerability. 
Specifically, the attacker would need to be able to read the victim's cache.

7. Microsoft Internet Explorer 'DisableCachingOfSSLPages' Security Weakness
BugTraq ID: 29120
Remote: No
Date Published: 2008-05-09
Relevant URL: http://www.securityfocus.com/bid/29120
Summary:
Microsoft Internet Explorer is prone to a weakness that may allow attackers to 
extract potentially sensitive information.

Attackers with local access to a computer may exploit this issue to obtain 
potentially sensitive information from cached SSL-enabled web pages. 
Information obtained may aid in further attacks.

This issue affects Internet Explorer 7.

8. Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability
BugTraq ID: 29112
Remote: Yes
Date Published: 2008-05-08
Relevant URL: http://www.securityfocus.com/bid/29112
Summary:
Apache HTTP server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. 
An attacker may leverage this issue to execute arbitrary script code in the 
browser of an unsuspecting user in the context of the affected site. This may 
let the attacker steal cookie-based authentication credentials and launch other 
attacks.
UPDATE: Additional reports indicate that the default error page has the Content-Type set, rendering it not vulnerable. 
NOTE: Reportedly, Microsoft Internet Explorer fails to properly follow RFC-2616 
and uses content-sniffing to interpret UTF-7 data received in HTTP responses. 
After further analysis, we may rewrite this BID to be Internet 
Explorer-specific.

9. Microsoft May 2008 Advance Notification Multiple Vulnerabilities
BugTraq ID: 29108
Remote: Yes
Date Published: 2008-05-08
Relevant URL: http://www.securityfocus.com/bid/29108
Summary:
Microsoft has released advance notification that the vendor will be releasing 
four security bulletins on May 13, 2008. The highest severity rating for these 
issues is 'Critical'.

Successfully exploiting these issues may allow remote or local attackers to 
compromise affected computers.

Individual records will be created to document these vulnerabilities when the 
bulletins are released.

10. Microsoft Word CSS Handling Memory Corruption Remote Code Execution 
Vulnerability
BugTraq ID: 29105
Remote: Yes
Date Published: 2008-05-13
Relevant URL: http://www.securityfocus.com/bid/29105
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.
An attacker could exploit this issue by enticing a victim to open a malicious Word file. 
Successfully exploiting this issue would allow the attacker to execute 
arbitrary code in the context of the currently logged-in user.

11. Microsoft Word RTF Malformed String Handling Memory Corruption Remote Code 
Execution Vulnerability
BugTraq ID: 29104
Remote: Yes
Date Published: 2008-05-13
Relevant URL: http://www.securityfocus.com/bid/29104
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.
An attacker could exploit this issue by enticing a victim to open a malicious RTF file. 
Successfully exploiting this issue would allow the attacker to execute 
arbitrary code in the context of the currently logged-in user.

12. Microsoft Malware Protection Engine Disk Space Exhaustion Remote Denial Of 
Service Vulnerability
BugTraq ID: 29073
Remote: Yes
Date Published: 2008-05-13
Relevant URL: http://www.securityfocus.com/bid/29073
Summary:
Microsoft Malware Protection Engine is prone to a remote denial-of-service 
vulnerability because it fails to properly validate certain data structures 
when parsing specially crafted files.

Attackers can exploit this issue to cause an affected computer to stop 
responding or to restart. Successful attacks will deny service to legitimate 
users.

13. Microsoft Malware Protection Engine File Processing Remote Denial Of 
Service Vulnerability
BugTraq ID: 29060
Remote: Yes
Date Published: 2008-05-13
Relevant URL: http://www.securityfocus.com/bid/29060
Summary:
Microsoft Malware Protection Engine is prone to a remote denial-of-service 
vulnerability because it fails to properly validate user-supplied input when 
parsing specially crafted files.

Attackers can exploit this issue to cause an affected computer to stop 
responding or to restart. Successful attacks will deny service to legitimate 
users.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. XP Hardening
http://www.securityfocus.com/archive/88/492001

2. SecurityFocus Microsoft Newsletter #393
http://www.securityfocus.com/archive/88/491763

3. Binding Windows Services to Specific Addresses Only
http://www.securityfocus.com/archive/88/491595

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed 
address. The contents of the subject or message body do not matter. You will 
receive a confirmation request message to which you will have to answer. 
Alternatively you can also visit http://www.securityfocus.com/newsletters and 
unsubscribe via the website.

If your email address has changed email [EMAIL PROTECTED] and ask to be 
manually removed.

V.   SPONSOR INFORMATION
------------------------
This issue is sponsored by Industry Brains

FREE SECURITY AUDIT RESOURCES
Take a Risk Assessment, get White Papers on the Latest Threats, listen to 
Malware Expert Webcasts.
http://newsletter.industrybrains.com/c?fe;1;766c3;210a3;4cc;0;da4

Reply via email to