MinorRev: Microsoft Security Bulletin MS03-051 - Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 11/14/03
- Previous message: Russ: "MinorRev: Microsoft Security Bulletin MS03-048 - Cumulative Security Update for Internet Explorer (824145)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 14 Nov 2003 11:43:53 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Reason for Revision:
V1.1 November 12, 2003: Updated information on what actions an attacker
could take if they were to successfully exploit this vulnerability.
Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code
Execution (813360)
Bulletin URL:
http://www.microsoft.com/technet/security/bulletin/MS03-051.asp
Summary:
Version Number: V1.1
Revision Date: 11-12-2003
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Patch(es) Replaced: This update replaces the security updates contained
in the following bulletins: MS01-035 and MS02-053.
Caveats: None
CVE Number(s): CAN-2003-0822,CAN-2003-0824
Tested Software:
Affected Software:
* Microsoft Windows 2000 Service Pack 2, Service Pack 3
* Microsoft Windows XP, Microsoft Windows XP Service Pack 1
* Microsoft Office XP, Microsoft Office XP Service Release 1
Affected Components:
* Microsoft FrontPage Server Extensions 2000
<http://www.ntbugtraq.com/link/C84C3D10-A821-4819-BF58-D3BC70A77BFA.asp>
* Microsoft FrontPage Server Extensions 2000 (Shipped with Windows
2000)
<http://www.ntbugtraq.com/link/057D5F0E-0E2B-47D2-9F0F-3B15DD8622A2.asp>
* Microsoft FrontPage Server Extensions 2000 (Shipped with Windows XP)
<http://www.ntbugtraq.com/link/9B302532-BFAB-489B-82DC-ED1E49A16E1C.asp>
* Microsoft FrontPage Server Extensions 2002
<http://www.ntbugtraq.com/link/3E8A21D9-708E-4E69-8299-86C49321EE25.asp>
* Microsoft SharePoint Team Services 2002 (shipped with Office XP)
<http://www.ntbugtraq.com/link/5923FC2F-D786-4E32-8F15-36A1C9E0A340.asp>
Software Not Affected:
* Microsoft Windows Millennium Edition
* Microsoft Windows NT Workstation 4.0, Service Pack 6a
* Microsoft Windows NT Server 4.0, Service Pack 6a
* Microsoft Windows NT Server 4.0, Terminal Server Edition, Service
Pack 6
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP 64-Bit Edition Version 2003
* Microsoft Windows Server 2003 (Windows SharePoint Services)
* Microsoft Windows Server 2003 64-Bit Edition (Windows SharePoint
Services)
* Microsoft Office System 2003
This email is sent to NTBugtraq automagically as a service to my
subscribers. (v2.2)
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
-----
Marcus Ranum's new book "The Myth of Homeland Security" is now out and
is available from http://www.amazon.com/ranum In this hard-hitting
review of the homeland security business, Ranum shows us how the problem
is vastly harder than it's being made to sound, and how special
interests, *** covering, and bureaucracy are threatening to derail any
chance of making progress.
-----
- Previous message: Russ: "MinorRev: Microsoft Security Bulletin MS03-048 - Cumulative Security Update for Internet Explorer (824145)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
