MinorRev: Microsoft Security Bulletin MS03-048 - Cumulative Security Update for Internet Explorer (824145)

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 11/14/03

  • Next message: Russ: "MinorRev: Microsoft Security Bulletin MS03-051 - Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)" 
    Date:         Fri, 14 Nov 2003 11:34:55 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Reason for Revision:
    V1.1 November 12, 2003: Updated severity rating URL in Technical Details
    and added clarification text in Tested Versions.

    Microsoft Security Bulletin MS03-048:
    Cumulative Security Update for Internet Explorer (824145)

    Bulletin URL:
    http://www.microsoft.com/technet/security/bulletin/MS03-048.asp

    Summary:
     Version Number: V1.1
     Revision Date: 11-12-2003
     Impact of Vulnerability: Remote Code Execution
     Maximum Severity Rating: Critical
     Patch(es) Replaced: This update replaces the one that is provided in
    Microsoft Security Bulletin MS03-040, which is itself a cumulative
    update.
     Caveats: None
     CVE Number(s):
    CAN-2003-0814,CAN-2003-0815,CAN-2003-0816,CAN-2003-0817,CAN-2003-0823

    Tested Software:
     Affected Software:
     * Microsoft Windows 98
     * Microsoft Windows 98 Second Edition
     * Microsoft Windows Millennium Edition
     * Microsoft Windows NT(r) Workstation 4.0 Service Pack 6a
     * Microsoft Windows NT Server 4.0 Service Pack 6a
     * Microsoft Windows NT Server 4.0 Terminal Server Edition, Service Pack
    6
     * Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4
     * Microsoft Windows XP, Microsoft Windows XP Service Pack 1
     * Microsoft Windows XP 64-Bit Edition
     * Microsoft Windows XP 64-Bit Edition Version 2003
     * Microsoft Windows Server(r) 2003
     * Microsoft Windows Server 2003, 64-Bit Edition

     Affected Components:
     * Internet Explorer 6 Service Pack 1
    <http://www.ntbugtraq.com/link/9D8543E9-0E2B-46C9-B6C6-12DE03860465.asp>
     * Internet Explorer 6 Service Pack 1 (64-Bit Edition)
    <http://www.ntbugtraq.com/link/35F99CF5-3629-4E0E-BF60-24845D2D20C9.asp>
     * Internet Explorer 6 Service Pack 1 for Windows Server 2003
    <http://www.ntbugtraq.com/link/7D0D02DD-8940-48E0-B163-3FCDCB558F21.asp>
     * Internet Explorer 6 Service Pack 1 for Windows Server 2003 (64-Bit
    Edition)
    <http://www.ntbugtraq.com/link/8BEFA1EC-0C48-4B65-989D-58B0CE1E6F95.asp>
     * Internet Explorer 6
    <http://www.ntbugtraq.com/link/4C4D22F0-FBF7-4EA6-9CC2-27D104D4198E.asp>
     * Internet Explorer 5.5 Service Pack 2
    <http://www.ntbugtraq.com/link/E438AFD4-DF70-448C-8925-1075C8BE6C5E.asp>
     * Internet Explorer 5.01 Service Pack 4
    <http://www.ntbugtraq.com/link/C15E2DB3-14E2-43A4-A1A1-676374B66517.asp>
     * Internet Explorer 5.01 Service Pack 3
    <http://www.ntbugtraq.com/link/F4853D8F-F66C-4D8A-9979-3B4F540F90A8.asp>
     * Internet Explorer 5.01 Service Pack 2
    <http://www.ntbugtraq.com/link/221616D4-5893-4DA4-A223-B0DE548D6D83.asp>

     Software Not Affected:

    This email is sent to NTBugtraq automagically as a service to my
    subscribers. (v2.0)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

    -----
    Marcus Ranum's new book "The Myth of Homeland Security" is now out and
    is available from http://www.amazon.com/ranum In this hard-hitting
    review of the homeland security business, Ranum shows us how the problem
    is vastly harder than it's being made to sound, and how special
    interests, *** covering, and bureaucracy are threatening to derail any
    chance of making progress.
    -----

  • Next message: Russ: "MinorRev: Microsoft Security Bulletin MS03-051 - Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)"