[Full-disclosure] -Advisory- # -Thu Mar 16 02:49:34 EST 2006- # Directory Transversal in Microsoft Word

---

• From: naverxp@xxxxxxxxxxxx
• Date: Thu, 16 Mar 2006 07:49:39 +0000 (GMT)

---

-Advisory- # -Thu Mar 16 02:49:34 EST 2006- # Directory Transversal in Microsoft Word




8========D~~~~~~~~~~~~~~~~~~~
1. Background
8========D~~~~~~~~~~~~~~~~~~~
There is no background commentary about the vulnerability.
8========D~~~~~~~~~~~~~~~~~~~
2. History
8========D~~~~~~~~~~~~~~~~~~~
23-1-2006 - Vendor Notification.
16-3-2006 - Public Disclosure.
8========D~~~~~~~~~~~~~~~~~~~
3. CVE Information
8========D~~~~~~~~~~~~~~~~~~~
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-419858 to this issue

8========D~~~~~~~~~~~~~~~~~~~
Appendix A Vendor Information
8========D~~~~~~~~~~~~~~~~~~~
http://www.microsoft.com

8========D~~~~~~~~~~~~~~~~~~~
Appendix B References
8========D~~~~~~~~~~~~~~~~~~~
RFC 5699

8========D~~~~~~~~~~~~~~~~~~~
Contact
8========D~~~~~~~~~~~~~~~~~~~
John Goh naverxp@xxxxxxxxxxxx

CISSP GSAE CEH CSFA SSP-CNSA GWAS

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

---

• Prev by Date: [Full-disclosure] [Advisory] ~ x Thu Mar 16 02:49:27 EST 2006 x ~ Local Privilege Escalation Vulnerability in Microsoft Windows 2000
• Next by Date: [Full-disclosure] -ADVISORY- $ +Thu Mar 16 02:47:23 EST 2006+ $ DoS Vulnerability in ISC INN
• Previous by thread: [Full-disclosure] [Advisory] ~ x Thu Mar 16 02:49:27 EST 2006 x ~ Local Privilege Escalation Vulnerability in Microsoft Windows 2000
• Next by thread: [Full-disclosure] -ADVISORY- $ +Thu Mar 16 02:47:23 EST 2006+ $ DoS Vulnerability in ISC INN
• Index(es):
  • Date
  • Thread

---

Relevant Pages [Full-disclosure] [ADVISORY] # =Thu Mar 16 21:01:59 EST 2006= # Heap Overflow in Ethereal ... 16/3/2006 - Public Disclosure. ... CVE INFORMATION ... The Common Vulnerabilities and Exposures project has assigned the name CVE-2006-820356 to this issue ... (Full-Disclosure) [Full-disclosure] -advisory- $ -Thu Mar 16 13:26:19 EST 2006- $ Local Privilege ... This issue had no identified background. ... WORKAROUND ... CVE INFORMATION ... The Common Vulnerabilities and Exposures project has assigned the name CVE-2006-533731 to this issue ... (Full-Disclosure) [Full-disclosure] -Advisory- % x Thu Mar 16 13:27:25 EST 2006 x % Heap Overflow in ISC D ... Workaround ... CVE Information ... The Common Vulnerabilities and Exposures project has assigned the name CVE-2006-557111 to this issue ... (Full-Disclosure) [Full-disclosure] !ADVISORY! % [Thu Mar 16 13:57:05 EST 2006] % Buffer Overflow in ISC OpenReg ... WORKAROUND ... CVE INFORMATION ... The Common Vulnerabilities and Exposures project has assigned the name CVE-2006-930780 to this issue ... (Full-Disclosure) [Full-disclosure] ADVISORY + =Thu Mar 16 21:05:06 EST 2006= + Directory Transversal in Microsoft ... WORKAROUND ... \o CVE INFORMATION ... The Common Vulnerabilities and Exposures project has assigned the name CVE-2006-531876 to this issue ... (Full-Disclosure)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Full-Disclosure  > 2006-03