MajorRev: Microsoft Security Bulletin MS03-042 - Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232)

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 10/30/03

  • Next message: Russ: "MajorRev: Microsoft Security Bulletin MS03-045 - Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)" 
    Date:         Thu, 30 Oct 2003 00:21:14 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Reason for Revision:
    V2.0 October 29, 2003: A revised version of the security patch for
    Windows 2000 has been released to correct the issue documented by
    Knowledge Base Article 830846.

    Microsoft Security Bulletin MS03-042:
    Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow
    Code Execution (826232)

    Bulletin URL:
    http://www.microsoft.com/technet/security/bulletin/MS03-042.asp

    Summary:
      Version Number: V2.0
      Revision Date: 10-29-2003
      Impact of Vulnerability: Remote Code Execution
      Maximum Severity Rating: Critical
      Patch(es) Replaced: None
      Caveats: None
      CVE Number(s): CAN-2003-0662

    Tested Software:
      Affected Software:
      * Microsoft Windows 2000, Service Pack 2, Service Pack 3, Service Pack
    4
    <http://www.ntbugtraq.com/link/FC1FD84B-B3A4-43F5-804B-A2608EC56163.asp>

      Software Not Affected:
      * Microsoft Windows NT 4.0 <LI>Microsoft Windows NT Server 4.0,
    Terminal Server Edition <LI>Microsoft Windows Millennium Edition
    <LI>Microsoft Windows XP <LI>Microsoft Windows Server 2003

    This email is sent to NTBugtraq automatically as a service to my
    subscribers. (v2.0)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

    -----
    Marcus Ranum's new book "The Myth of Homeland Security" is now out and
    is available from http://www.amazon.com/ranum In this hard-hitting
    review of the homeland security business, Ranum shows us how the problem
    is vastly harder than it's being made to sound, and how special
    interests, *** covering, and bureaucracy are threatening to derail any
    chance of making progress.
    -----

  • Next message: Russ: "MajorRev: Microsoft Security Bulletin MS03-045 - Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)"