[VulnWatch] 5 Windows vulnerabilities for October 2003 (4 critical, 1 important)

From: Chris Wysopal (weld_at_vulnwatch.org)
Date: 10/15/03

  • Next message: Chris Wysopal: "[VulnWatch] 2 Microsoft Exchange Server Bulletins (1 critical, 1 moderate)"
    Date: Wed, 15 Oct 2003 20:10:45 +0000 (GMT)
    To: vulnwatch@vulnwatch.org
    
    

    Microsoft has moved to a monthly bulletin schedule.

    *Critical*

    Vulnerability in Authenticode Verification Could Allow Remote Code
    Execution (823182)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-041.asp

    Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code
    Execution (826232)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-042.asp

    Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-043.asp

    Buffer Overrun in Windows Help and Support Center Could Lead to System
    Compromise (825119)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-044.asp

    *Important*

    Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code
    Execution (824141)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-045.asp


  • Next message: Chris Wysopal: "[VulnWatch] 2 Microsoft Exchange Server Bulletins (1 critical, 1 moderate)"

    Relevant Pages

    • write "on the fly" into the OutputBuffer with engEvalString(...)?
      ... My goal is, that the client sends some MATLAB-commands to the server, which evaluates these commands and sends the result and/or the current status back. ... It rather looks like "engEvalString" writes all the temporary output and the result of the called function in that moment into the buffer when the execution of the function is done. ...
      (comp.soft-sys.matlab)
    • Re: Freeze and Resume execution
      ... > What I'd like it to throw an exception when the buffer is full and then ... > next time the generator is called to continue execution as after a ... Any state machine? ... have chance to modify some variables, then resume execution from the ...
      (comp.lang.python)
    • Re: AWR Sample Report
      ... PX Deq: Execute Reply ... AM time period the "PX Deq: Execution Msg" wait event is the top wait ... In previous versions this wait was classified under the "buffer busy ... being read into the buffer cache by another session. ...
      (comp.databases.oracle.server)
    • [Full-Disclosure] Fwd: [VulnWatch] 5 Windows vulnerabilities for October 2003 (4 critical, 1 importa
      ... Execution ... Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code ...
      (Full-Disclosure)
    • Re: cache invalidate in user space
      ... buffer - which makes content of the D-cache filled by that dummy ... But for future it slows down execution. ... With the PowerPC architecture you have a bunch of cache control instructions ...
      (comp.os.linux.embedded)