[VulnWatch] 3 new Microsoft security bulletins

From: Chris Wysopal (weld_at_vulnwatch.org)
Date: 01/13/04

  • Next message: Peter Winter-Smith: "[VulnWatch] RapidCache Multiple Vulnerabilities"
    Date: Tue, 13 Jan 2004 18:58:11 +0000 (GMT)
    To: vulnwatch@vulnwatch.org
    
    

    Critical:

    Vulnerability in Microsoft Internet Security and Acceleration Server 2000
    H.323 Filter Could Allow Remote Code Execution (816458)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS04-001.asp

    Important:

    Buffer Overrun in MDAC Function Could Allow Code Execution (832483)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS04-003.asp

    Moderate:

    Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation
    (832759)
    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS04-002.asp


  • Next message: Peter Winter-Smith: "[VulnWatch] RapidCache Multiple Vulnerabilities"

    Relevant Pages

    • [UNIX] XPDF Multiple Buffer Overflow Vulnerabilities (JPXStream.cc, Stream.cc)
      ... resulting in code execution is theoretical and dependent on the process ... DCTStream::Baseline Heap Overflow Vulnerability: ... The vulnerability specifically exists due to insufficient input validation ... data from within the PDF file. ...
      (Securiteam)
    • SecurityFocus Microsoft Newsletter #238
      ... It won't affect you unless you run Linux, OSX, some BSDs, or Windows... ... Mozilla Suite And Firefox Favicon Link Tag Remote Script Cod... ... MPlayer MMST Stream ID Remote Buffer Overflow Vulnerability ... A remote script code execution vulnerability affects Mozilla Suite and Mozilla Firefox. ...
      (Focus-Microsoft)
    • BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability
      ... BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability ... The Vulnerability Laboratory Research Team discovered a remote code execution vulnerability in the official HyTech Professionals BlueMe v5.0 iOS mobile bluetooth application. ...
      (Bugtraq)
    • Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability
      ... Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability ... BlueTooth Text Chat is a simple way to chat with near by users. ... The vulnerability laboratory research team discovered a remote code execution web vulnerability in the official Bluetooth Text Chat v1.0 iOS mobile application. ...
      (Bugtraq)
    • FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability
      ... FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability ... The Vulnerability Laboratory discovered a code execution web vulnerability in the official Gummy Bear Studios FTP Drive + HTTP Server v1.0.4 iOS mobile web-application. ... vulnerability is estimated as critical with a cvss (common vulnerability scoring system) count of 9.0|9.1. ...
      (Bugtraq)