Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trend Micro HouseCall 6.5 Scan


  • Please log in to reply

#1
DudeMan270

DudeMan270

    Member

  • Member
  • PipPip
  • 11 posts
I was following the malware guide but when I scanned with TM I was not able to fix any of the vulnerabilities. Here is a copied and pasted list.

Detected vulnerabilities

11 February 2002 Cumulative Patch for Internet Explorer

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability allows a remote attacker to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concaten...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Malware exploiting this vulnerability: unknown
This vulnerability allows a remote attacker to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated when buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 is triggered.;A remote attacker could read arbitrary files via malformed requests to the GetObject function because Internet Explorer 5.01, 5.5 and 6.0 bypass some of GetObject\'s security checks.;File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows the modification of the displayed name of the file through Content-Disposition and Content-Type HTML header fields, which could allow an attacker to trick a user into believing that a file is safe to download.;Because Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, a remote attacker is allowed to modify which application is used to process a document.;Internet Explorer 5.5 and 6.0 bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made, which could allow a remote attacker to compromise user system through the said vulnerability.;Internet Explorer 5.5 and 6.0 allows the reading of certain files and spoofing of the URL in the address bar through the Document.open function, which could allow a remote attacker to compromise user system through the said vulnerability.;This vulnerability allows a remote attacker to read arbitrary files by specifying a local file as an XML Data Source. This is caused by the XMLHTTP control found in Microsoft XML Core Services 2.6 and later not properly handling Internet Explorer Security Zone settings.
More information about this vulnerability and its elimination.

28 March 2002 Cumulative Patch for Internet Explorer

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability enables a remote attacker to run scripts in the Local Computer zone. This is done via a script that is embedded in a cookie that would be sav...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Malware exploiting this vulnerability: unknown
This vulnerability enables a remote attacker to run scripts in the Local Computer zone. This is done via a script that is embedded in a cookie that would be saved to the user?s system.;This vulnerability enables a remote attacker to invoke an executable on the user?s system via an HTML web page that includes an object tag.
More information about this vulnerability and its elimination.

Unchecked Buffer in Windows Shell Could Enable System Compromise

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability enables a remote attacker to execute arbitrary code by creating an .MP3 or .WMA file that contains a corrupt custom attribute. This is caused by...
More information about this vulnerability and its elimination.
Affected programs and services: Windows XP Home Edition
Windows XP Professional
Windows XP Tablet PC Edition
Windows XP Media Center Edition
Malware exploiting this vulnerability: unknown
This vulnerability enables a remote attacker to execute arbitrary code by creating an .MP3 or .WMA file that contains a corrupt custom attribute. This is caused by a buffer overflow in the Windows Shell function in Microsoft Windows XP.
More information about this vulnerability and its elimination.

Unchecked Buffer in Locator Service Could Lead to Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability enables local users to execute arbitrary code through an RPC call. This is caused by a buffer overflow in the RPC Locator service for Wi...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT 4.0
Microsoft Windows NT 4.0
Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Malware exploiting this vulnerability: unknown
This vulnerability enables local users to execute arbitrary code through an RPC call. This is caused by a buffer overflow in the RPC Locator service for Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP.
More information about this vulnerability and its elimination.

Unchecked Buffer In Windows Component Could Cause Server Compromise

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability enables a remote attacker to execute arbitrary code through a WebDAV request to IIS 5.0. This is caused by a buffer overflow in NT...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT 4.0
Microsoft Windows NT 4.0
Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Malware exploiting this vulnerability: unknown
This vulnerability enables a remote attacker to execute arbitrary code through a WebDAV request to IIS 5.0. This is caused by a buffer overflow in NTDLL.DLL on Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP.
More information about this vulnerability and its elimination.

Buffer Overrun In RPC Interface Could Allow Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability enables a remote attacker to execute arbitrary code through a malformed message. This is caused by a buffer overflow in certain DCOM inter...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 Terminal Services Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Malware exploiting this vulnerability: unknown
This vulnerability enables a remote attacker to execute arbitrary code through a malformed message. This is caused by a buffer overflow in certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003.
More information about this vulnerability and its elimination.

Buffer Overrun In RPCSS Service Could Allow Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability could allow a remote attacker to execute arbitrary code via a malformed RPC request with a long filename parameter. This is caused by a heap-bas...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0
Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Malware exploiting this vulnerability: unknown
This vulnerability could allow a remote attacker to execute arbitrary code via a malformed RPC request with a long filename parameter. This is caused by a heap-based buffer overflow found in the Distributed Component Object Model (DCOM) interface in the RPCSS Service.;This vulnerability could allow a remote attacker to cause a denial of service attack, which could allow local attackers to gain privileges via certain messages sent to the __RemoteGetClassObject interface.;This vulnerability could allow a remote attacker to execute arbitrary code via a malformed activation request packet with modified length fields. This is caused by a heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service.;This vulnerability could allow a remote attacker to cause a denial of service attack. This is caused by two threads processing the same RPC request, which will lead to its using memory after it has been freed.;This vulnerability could allow a remote attacker to cause a denial of service attack via a queue registration request. This is caused by a buffer overflow in the Microsoft Message Queue Manager.
More information about this vulnerability and its elimination.

Cumulative Patch for Internet Explorer (828750)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
These vulnerabilities, which are due to Internet Explorer not properly determining an object type returned from a Web server in a popup window or during XML data binding...
More information about this vulnerability and its elimination.
Affected programs and services: Internet Explorer 5.01
Internet Explorer 5.5
Internet Explorer 6.0
Internet Explorer 6.0 for Windows Server 2003
Malware exploiting this vulnerability: unknown
These vulnerabilities, which are due to Internet Explorer not properly determining an object type returned from a Web server in a popup window or during XML data binding, respectively, could allow an attacker to run arbitrary code on a user\'s system.
More information about this vulnerability and its elimination.

Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability allows a remote attacker to execute arbitrary code without user approval. This is caused by the authenticode capability in Microsoft Windows NT through Se...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Workstation 4.0
Service Pack 6a
Microsoft Windows NT Server 4.0
Service Pack 6a
Microsoft Windows NT Server 4.0
Terminal Server Edition
Service Pack 6
Microsoft Windows 2000
Service Pack 2
Microsoft Windows 2000
Service Pack 3
Service Pack 4
Microsoft Windows XP Gold
Service Pack 1
Microsoft Windows XP 64-bit Edition
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-bit Edition
Malware exploiting this vulnerability: unknown
This vulnerability allows a remote attacker to execute arbitrary code without user approval. This is caused by the authenticode capability in Microsoft Windows NT through Server 2003 not prompting the user to download and install ActiveX controls when system is low on memory.
More information about this vulnerability and its elimination.

Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability allows a remote attacker to execute arbitrary code on the affected system. This is caused of a buffer overflow in the Messenger Service f...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Workstation 4.0
Service Pack 6a
Microsoft Windows NT Server 4.0
Service Pack 6a
Microsoft Windows NT Server 4.0
Terminal Server Edition
Service Pack 6
Microsoft Windows 2000
Service Pack 2
Service Pack 3
Service Pack 4
Microsoft Windows XP Gold
Service Pack 1
Microsoft Windows XP 64-bit Edition
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-bit Edition
Malware exploiting this vulnerability: unknown
This vulnerability allows a remote attacker to execute arbitrary code on the affected system. This is caused of a buffer overflow in the Messenger Service for Windows NT through Server 2003.
More information about this vulnerability and its elimination.

Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability is due to a buffer overrun in the ListBox and ComboBox controls found in User32.dll. Any program that implements the ListBox control or the ComboBox control...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 2
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Gold
Service Pack 1
Microsoft Windows XP 64 bit Edition
Microsoft Windows XP 64 bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64 bit Edition
Malware exploiting this vulnerability: unknown
This vulnerability is due to a buffer overrun in the ListBox and ComboBox controls found in User32.dll. Any program that implements the ListBox control or the ComboBox control could allow arbitrary code to be executed at the same privilege level. This vulnerability cannot be exploited remotely.
More information about this vulnerability and its elimination.

Cumulative Security Update for Internet Explorer (832894)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability could allow an attacker to access information from other Web sites, access files on a user\'s system, and run arbitrary code on a user\'s system, wherein thi...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition
Service Pack 6
Microsoft Windows 2000 Service Pack 2
Service Pack 3
Service Pack 4
Microsoft Windows XP
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003
64-Bit Edition
Internet Explorer 6 Service Pack 1
Internet Explorer 6 Service Pack 1 (64-Bit Edition)
Internet Explorer 6 for Windows Server 2003
Internet Explorer 6 for Windows Server 2003 (64-Bit Edition)
Internet Explorer 6
Internet Explorer 5.5 Service Pack 2
Internet Explorer 5.01 Service Pack 4
Internet Explorer 5.01 Service Pack 3
Internet Explorer 5.01 Service Pack 2
Malware exploiting this vulnerability: unknown
This vulnerability could allow an attacker to access information from other Web sites, access files on a user\'s system, and run arbitrary code on a user\'s system, wherein this is executed under the security context of the currently logged on user.;This vulnerability could allow an attacker to save a file on the user?s system. This is due to dynamic HTML events related to the drag-and-drop of Internet Explorer.;This vulnerability, which is due to the incorrect parsing of URLs which contain special characters, could allow an attacker to trick a user by presenting one URL in the address bar, wherein it actually contains the content of another web site of the attacker?s choice.
More information about this vulnerability and its elimination.

MS04-011

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
More information about this vulnerability and its elimination.
Affected programs and services: unknown
Malware exploiting this vulnerability: unknown
More information about this vulnerability and its elimination.

MS04-012

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
More information about this vulnerability and its elimination.
Affected programs and services: unknown
Malware exploiting this vulnerability: unknown
More information about this vulnerability and its elimination.

Vulnerability in Help and Support Center Could Allow Remote Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability exists in the Help and Support Center (HCP) and is due to the way it handles HCP URL validation. This vulnerability could allow an attacke...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows XP
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Malware exploiting this vulnerability: unknown
This vulnerability exists in the Help and Support Center (HCP) and is due to the way it handles HCP URL validation. This vulnerability could allow an attacker to remotely execute arbitrary code with Local System privileges.
More information about this vulnerability and its elimination.

Vulnerability in Task Scheduler Could Allow Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability lies in an unchecked buffer within the Task Scheduler component. When exploited, it allows the attacker to execute arbitrary code on the affected mach...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 2
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Internet Explorer 6 when installed on Windows NT 4.0 SP6a
Malware exploiting this vulnerability: unknown
This vulnerability lies in an unchecked buffer within the Task Scheduler component. When exploited, it allows the attacker to execute arbitrary code on the affected machine with the same privileges as the currently logged on user.
More information about this vulnerability and its elimination.

Vulnerability in HTML Help Could Allow Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
An attacker who successfully exploits this vulnerability could gain the same privileges as that of the currently logged on user. If the user is logged in with administrative privileges, the at...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Workstation 4.0
Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 2
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP and Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
Microsoft Windows Millennium Edition (ME)
Malware exploiting this vulnerability: unknown
An attacker who successfully exploits this vulnerability could gain the same privileges as that of the currently logged on user. If the user is logged in with administrative privileges, the attacker could take complete control of the system. User accounts with fewer privileges are at less risk than users with administrative privileges.
More information about this vulnerability and its elimination.

Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability lies in the way the affected components process JPEG image files. An unchecked buffer within this process is the cause of the vulnera...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows XP and Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Project 2002 (All Versions)
Microsoft Project 2003 (All Versions)
Microsoft Visio 2002 (All Versions)
Microsoft Visio 2003 (All Versions)
Microsoft Office XP Service Pack 3
Microsoft Office System 2003
Visual Basic .NET Standard 2002
Visual C# .NET Standard 2002
Visual C++ .NET Standard 2002
Visual Basic .NET Standard 2003
Visual C# .NET Standard 2003
Visual C++ .NET Standard 2003
Visual J# .NET Standard 2003
Visual Studio .NET 2002
Visual Studio .NET 2003
Microsoft .NET Framework
Version 1.0 SDK
Microsoft Picture It! 2002 (All Versions)
Microsoft Greetings 2002
Microsoft Picture It! version 7.0 (All Versions)
Microsoft Digital Image Pro version 7.0
Microsoft Picture It! version 9 (All Versions
including Picture It! Library)
Digital Image Pro version 9
Digital Image Suite version 9
Microsoft Producer for Microsoft Office PowerPoint (All Versions)
Platform SDK Redistributable: GDI+
Malware exploiting this vulnerability: unknown
This vulnerability lies in the way the affected components process JPEG image files. An unchecked buffer within this process is the cause of the vulnerability.;This remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the affected user is currently logged on with administrative privileges. The malicious user or malware can execute arbitrary code on the system giving them the ability to install or run programs and view or edit data with full privileges. Thus, this vulnerability can conceivably be used by a malware for replication purposes.
More information about this vulnerability and its elimination.

Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
An unchecked buffer exists in the NetDDE services that could allow remote code execution. An attacker who is able to successfully exploit this vulnerability is capable of gaining complete control over an affected syste...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP and Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
and Microsoft Windows Millennium Edition (ME)
Malware exploiting this vulnerability: unknown
An unchecked buffer exists in the NetDDE services that could allow remote code execution. An attacker who is able to successfully exploit this vulnerability is capable of gaining complete control over an affected system. However, the NetDDe services are not automatically executed, and so would then have to be manually started for an attacker to exploit this vulnerability. This vulnerability also allows attackers to perform a local elevation of privilege, or a remote denial of service (DoS) attack.
More information about this vulnerability and its elimination.

Security Update for Microsoft Windows (840987)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This cumulative release from Microsoft covers four newly discovered vulnerabilities: Windows Management Vulnerability, Virtual DOS Machine Vulnerability...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP and Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
and Microsoft Windows Millennium Edition (ME)
Malware exploiting this vulnerability: unknown
This cumulative release from Microsoft covers four newly discovered vulnerabilities: Windows Management Vulnerability, Virtual DOS Machine Vulnerability, Graphics Rendering Engine Vulnerability, and Windows Kernel Vulnerability.
More information about this vulnerability and its elimination.

Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This is another privately reported vulnerability about Windows Compressed Folders. There is vulnerability on the way that Windows processes Compressed (Zipped) Folders that could lead to remote code ex...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows XP and Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Malware exploiting this vulnerability: unknown
This is another privately reported vulnerability about Windows Compressed Folders. There is vulnerability on the way that Windows processes Compressed (Zipped) Folders that could lead to remote code execution. Windows can not properly handle the extraction of the ZIP folder with a very long file name. Opening a specially crafted compressed file, a stack-based overflow occurs, enabling the remote user to execute arbitrary code.
More information about this vulnerability and its elimination.

Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This security bulletin focuses on the following vulnerabilities: Shell Vulnerability (CAN-2004-0214), and Program Group Converter Vulnerability (CAN-2004-0572). Shell vulnerability exists on the way Windows Shell launches applications that could ena...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP and Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
and Microsoft Windows Millennium Edition (ME)
Malware exploiting this vulnerability: unknown
This security bulletin focuses on the following vulnerabilities: Shell Vulnerability (CAN-2004-0214), and Program Group Converter Vulnerability (CAN-2004-0572). Shell vulnerability exists on the way Windows Shell launches applications that could enable remote malicious user or malware to execute arbitrary code. Windows Shell function does not properly check the length of the message before copying to the allocated buffer. Program Group Converter is an application used to convert Program Manager Group files that were produced in Windows 3.1, Windows 3.11, Windows for Workgroups 3.1, and Windows for Workgroups 3.11 so that they can still be used by later operating systems. The vulnerability lies in an unchecked buffer within the Group Converter Utility.
More information about this vulnerability and its elimination.

Vulnerability in HyperTerminal Could Allow Code Execution (873339)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
A remote code execution vulnerability exists in HyperTerminal because of a buffer overrun. If a user is logged on with administrator privileges, an attacker could exploit the vulnerability by constructing a malicious HyperTermi...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Malware exploiting this vulnerability: unknown
A remote code execution vulnerability exists in HyperTerminal because of a buffer overrun. If a user is logged on with administrator privileges, an attacker could exploit the vulnerability by constructing a malicious HyperTerminal session file that could potentially allow remote code execution and then persuade a user to open this file. This malicious file may enable the attacker to gain complete control of the affected system. This vulnerability could also be exploited through a malicious Telnet URL if HyperTerminal had been set as the default Telnet client.
More information about this vulnerability and its elimination.

Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This security update addresses and resolves two windows vulnerabilites, both of which may enable the current user to take control of the affected system. Both of these vulnerabilites require that the curernt user be able to log on locally and execute progra...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Malware exploiting this vulnerability: unknown
This security update addresses and resolves two windows vulnerabilites, both of which may enable the current user to take control of the affected system. Both of these vulnerabilites require that the curernt user be able to log on locally and execute programs. They cannot be exploited remotely, or by anonymous users. A privilege elevation vulnerability exists in the way that the Windows Kernel launches applications. This vulnerability could allow the current user to take complete control of the system. A privilege elevation vulnerability exists in the way that the LSASS validates identity tokens. This vulnerability could allow the current user to take complete control of the affected system.
More information about this vulnerability and its elimination.

Vulnerability in HTML Help Could Allow Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This update resolves a newly-discovered, publicly reported vulnerability. A vulnerability exists in the HTML Help ActiveX control in Windows that could allow info...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Malware exploiting this vulnerability: unknown
This update resolves a newly-discovered, publicly reported vulnerability. A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system.
More information about this vulnerability and its elimination.

Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This update resolves several newly-discovered, privately reported and public vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take compl...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
Microsoft Windows Millennium Edition (ME)
Malware exploiting this vulnerability: unknown
This update resolves several newly-discovered, privately reported and public vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, install programs, view, change, or delete data, or create new accounts that have full privileges.
More information about this vulnerability and its elimination.

Vulnerability in the Indexing Service Could Allow Remote Code Execution

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This update resolves a newly-discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then ...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Malware exploiting this vulnerability: unknown
This update resolves a newly-discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full privileges. While remote code execution is possible, an attack would most likely result in a denial of service condition.
More information about this vulnerability and its elimination.

Vulnerability in Windows Could Allow Information Disclosure (888302)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This is an information disclosure vulnerability. An attacker who successfully exploits this vulnerability could remotely read the user names for users who have an ope...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Malware exploiting this vulnerability: unknown
This is an information disclosure vulnerability. An attacker who successfully exploits this vulnerability could remotely read the user names for users who have an open connection to an available shared resource.
More information about this vulnerability and its elimination.

Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This remote code execution vulnerability exists in the way Windows handles drag-and-drop events. An attacker could exploit the vulnerability by constructing a malicious Web page that could p...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Malware exploiting this vulnerability: unknown
This remote code execution vulnerability exists in the way Windows handles drag-and-drop events. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow an attacker to save a file on the user?s system if a user visited a malicious Web site or viewed a malicious e-mail message.
More information about this vulnerability and its elimination.

Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This remote code execution vulnerability exists in the processing of PNG image formats. An attacker who successfully exploits this vulnerability could take comp...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft MSN Messenger 6.0
Microsoft MSN Messenger 6.1
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Media Player 9 Series
Microsoft Windows Messenger version 5.0
Microsoft Windows Millennium Edition
Microsoft Windows Messenger version 4.7.0.2009
Microsoft Windows Messenger version 4.7.0.3000
Malware exploiting this vulnerability: unknown
This remote code execution vulnerability exists in the processing of PNG image formats. An attacker who successfully exploits this vulnerability could take complete control of an affected system.
More information about this vulnerability and its elimination.

Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This remote code execution vulnerability exists in Server Message Block (SMB). It allows an attacker who successfully exploits this vulnerability to take com...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
This remote code execution vulnerability exists in Server Message Block (SMB). It allows an attacker who successfully exploits this vulnerability to take complete control of the affected system.
More information about this vulnerability and its elimination.

Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This privilege elevation vulnerability exists in the way that the affected operating systems and programs access memory when they process COM structured storage files. This v...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Exchange 2000 Server Service Pack 3
Microsoft Exchange Server 2003
Microsoft Exchange Server 2003 Service Pack 1
Microsoft Exchange Server 5.0 Service Pack 2
Microsoft Exchange Server 5.5 Service Pack 4
Microsoft Office 2003
Microsoft Office 2003 Service Pack 1
Microsoft Office XP
Microsoft Office XP Service Pack 2
Microsoft Office XP Service Pack 3
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
This privilege elevation vulnerability exists in the way that the affected operating systems and programs access memory when they process COM structured storage files. This vulnerability could grant a currently logged-on user to take complete control of the system.;This remote code execution vulnerability exists in OLE because of the way that it handles input validation. An attacker could exploit the vulnerability by constructing a malicious document that could potentially allow remote code execution.
More information about this vulnerability and its elimination.

Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
A remote code execution vulnerability exists in the Hyperlink Object Library. This problem exists because of an unchecked buffer while handling hyperlinks. An attacker could exploit the vulnera...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
A remote code execution vulnerability exists in the Hyperlink Object Library. This problem exists because of an unchecked buffer while handling hyperlinks. An attacker could exploit the vulnerability by constructing a malicious hyperlink which could potentially lead to remote code execution if a user clicks a malicious link within a Web site or e-mail message.
More information about this vulnerability and its elimination.

Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
A remote code execution vulnerability exists in the Windows Shell because of the way that it handles application association. If a user is logged on with administrative privileges, an attacker w...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
A remote code execution vulnerability exists in the Windows Shell because of the way that it handles application association. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. However, user interaction is required to exploit this vulnerability.
More information about this vulnerability and its elimination.

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This security bulletin resolves newly-discovered, privately-reported vulnerabilities affecting Windows. An attacker who successfully exploited the most severe of these vulnera...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
This security bulletin resolves newly-discovered, privately-reported vulnerabilities affecting Windows. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
More information about this vulnerability and its elimination.

Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This security bulletin resolves newly discovered, privately-reported vulnerabilities affecting Windows. An attacker who successfully exploited the most severe of these vulnera...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Malware exploiting this vulnerability: unknown
This security bulletin resolves newly discovered, privately-reported vulnerabilities affecting Windows. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. However, an attacker who successfully exploited the most severe of these vulnerabilities would most likely cause the affected system to stop responding.
More information about this vulnerability and its elimination.

Vulnerability in HTML Help Could Allow Remote Code Execution (896358)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
HTML Help is the standard help system for the Windows platform. Authors can use it to create online Help files for a software application or content for a multimedia title or a Web site. Thi...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
HTML Help is the standard help system for the Windows platform. Authors can use it to create online Help files for a software application or content for a multimedia title or a Web site. This vulnerability in HTML Help could allow attackers to execute arbitrary code on the affected system via a specially crafted Compiled Windows Help (CHM) file, because it does not completely validate input data.
More information about this vulnerability and its elimination.

Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
A remote code execution vulnerability exists in the Microsoft?s implementation of the Server Message Block (SMB) protocol, which could allow an attacker to execute arbitrary codes to take complete control over a ...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
A remote code execution vulnerability exists in the Microsoft?s implementation of the Server Message Block (SMB) protocol, which could allow an attacker to execute arbitrary codes to take complete control over a target system. This vulnerability could be exploited over the Internet. An attacker would have to transmit a specially crafted SMB packet to a target system to exploit it. However, failure to successfully exploit the vulnerability could only lead to a denial of service.
More information about this vulnerability and its elimination.

Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
A vulnerability exists in the way that Windows processes Web Client requests, which could allow a remote attacker to execute arbitrary code and take complete con...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Malware exploiting this vulnerability: unknown
A vulnerability exists in the way that Windows processes Web Client requests, which could allow a remote attacker to execute arbitrary code and take complete control over the affected system.
More information about this vulnerability and its elimination.

Vulnerability in Microsoft Agent Could Allow Spoofing (890046)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability could enable an attacker to spoof trusted Internet content because security prompts can be disguised by a Microsoft Agent character.
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Malware exploiting this vulnerability: unknown
This vulnerability could enable an attacker to spoof trusted Internet content because security prompts can be disguised by a Microsoft Agent character.
More information about this vulnerability and its elimination.

Vulnerability in Telnet Client Could Allow Information Disclosure (896428)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability in the Microsoft Telnet client could allow an attacker to gain sensitive information about the affected system and read the session variables of use...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Services for UNIX 2.2 on Windows 2000
Microsoft Windows Services for UNIX 3.0 on Windows 2000
Microsoft Windows Services for UNIX 3.5 on Windows 2000
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
This vulnerability in the Microsoft Telnet client could allow an attacker to gain sensitive information about the affected system and read the session variables of users who have open connections to a malicious Telnet server.
More information about this vulnerability and its elimination.

Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
This vulnerability could allow a remote attacker to execute arbitrary codes on the affected system via a malicious image file in a Web site or email message. This vulnerabil...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows 2000 Service Pack 4
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Malware exploiting this vulnerability: unknown
This vulnerability could allow a remote attacker to execute arbitrary codes on the affected system via a malicious image file in a Web site or email message. This vulnerability exists because of the way Microsoft Color Management Module handles ICC profile format tag validation.
More information about this vulnerability and its elimination.

Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
An unchecked buffer in the Plug and Play service results in this vulnerability. Once successfully exploited, this vulnerability permits an attacker to have complete virtual control of an...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Service Pack 1
Malware exploiting this vulnerability: unknown
An unchecked buffer in the Plug and Play service results in this vulnerability. Once successfully exploited, this vulnerability permits an attacker to have complete virtual control of an affected system. This vulnerability involves a remote code execution and local elevation of privilege. It can be exploited over the Internet.
More information about this vulner
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP