MS03-019: DoS or Code of Choice

From: Joe Blatz (sd_wireless_at_YAHOO.COM)
Date: 05/28/03

  • Next message: scheidell_at_SECNAP.NET: "SECNAP Security Advisory: Invalid HTML processing in GoldMine(tm)"
    Date:         Wed, 28 May 2003 14:45:16 -0700
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    The bulletin mailed by MS says:

    "Title: Flaw in ISAPI Extension for Windows Media
    Services Could Cause Denial of Service (817772)"

    and

    "Impact: Allow an attacker to execute code of their
    choice"

    The bulletin at
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-019.asp
    (wraped URL) indicates it's a DoS only.

    Looks like a mistake in the emailed bulletin?

    __________________________________
    Do you Yahoo!?
    Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
    http://calendar.yahoo.com

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Delivery co-sponsored by TruSecure
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    FREE 14-DAY TRIAL of New Threat & Vulnerability Notification Service

    TruSecure's new IntelliShield(tm) web-based threat and vulnerability
    service isn't your typical alert service. Supported by TruSecure's vast
    intelligence resources - including the ICSA Labs - IntelliShield's early
    warning, analysis, decision support, and threat management tools provide
    organizations with unmatched intelligence to better protect critical
    information assets. Experience it for yourself - just click below to begin
    your FREE, NO OBLIGATION 14-day trial today!

    http://www.trusecure.com/offer/s0074/

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo


  • Next message: scheidell_at_SECNAP.NET: "SECNAP Security Advisory: Invalid HTML processing in GoldMine(tm)"