RE: Microsoft Windows Security Bulletin Summary October

From: Thor Larholm (thor_at_pivx.com)
Date: 10/16/03

Next message: Sintelli SINTRAQ: "Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine"

Previous message: Brett Moore: "Listbox And Combobox Control Buffer Overflow"
Maybe in reply to: Giovanni Campagnoli: "Microsoft Windows Security Bulletin Summary October"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 15 Oct 2003 16:00:15 -0700
To: "Giovanni Campagnoli" <bioia@yahoo.com>, <bugtraq@securityfocus.com>

Add to that MS03-046 and MS03-047.

Critical:
Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (829436) http://www.microsoft.com/technet/security/bulletin/MS03-046.asp

Moderate:
Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489) http://www.microsoft.com/technet/security/bulletin/MS03-047.asp

Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher
http://pivx.com/larholm/ - PivX Security Mailing List

-----Original Message-----
From: Giovanni Campagnoli [mailto:bioia@yahoo.com]
Sent: Wednesday, October 15, 2003 12:10 PM
To: bugtraq@securityfocus.com
Subject: Microsoft Windows Security Bulletin Summary October

The new Security Bulletin is available at :

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/winoct03.asp

In this last security bulletin Microsoft has patched 4
remote buffer overflow.

Microsoft Security Bulletin MS03-041 - Vulnerability
in Authenticode Verification Could Allow Remote Code
Execution (823182)
Microsoft Security Bulletin MS03-042 - Buffer Overflow
in the Windows Troubleshooter ActiveX Control Could
Allow Code Execution (826232)
Microsoft Security Bulletin MS03-043 - Buffer Overrun
in Messenger Service Could Allow Code Execution
(828035)
Microsoft Security Bulletin MS03-044 - Buffer Overrun
in Windows Help and Support Center Could Lead to
System Compromise (825119)

Giovanni Campagnoli

=====
---------------------------------------------------------------------------------
L'intelligenza sulla terra è costante, la popolazione sempre in aumento
---------------------------------------------------------------------------------

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com

Next message: Sintelli SINTRAQ: "Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine"

Previous message: Brett Moore: "Listbox And Combobox Control Buffer Overflow"
Maybe in reply to: Giovanni Campagnoli: "Microsoft Windows Security Bulletin Summary October"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[security bulletin] SSRT4743, SSRT4884 rev.1 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS)
... The information in this Security Bulletin should be acted upon ... in the HP Tru64 UNIX TCP/IP including ICMP, ... # sysconfig -q inet icmp_tcpseqcheck ...
(Bugtraq)
HP-UX security bulletins digest
... Security Bulletin Digest Split ... To subscribe or unsubscribe to a specific security bulletin digest, ... to the current Security Patch Matrix. ...
(Bugtraq)
security bulletins digest
... Subject: security bulletins digest ... Login using your IT Resource Center User ID and Password. ... Digest Name: daily security bulletins digest ... The information in the following Security Bulletin should be acted ...
(Bugtraq)
Re: [Full-disclosure] HP Radia Notify Daemon: Multiple Buffer Overflow Vulnerabilities
... There are no restrictions for distribution of this Security ... The information in this Security Bulletin should be acted upon ... OpenView Radia Management Applications - Radia Notify Daemon ...
(Full-Disclosure)
HPSBTU01210 SSRT4743, SSRT4884 rev.0 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS)
... There are no restrictions for distribution of this Security ... The information in this Security Bulletin should be acted upon ... in the HP Tru64 UNIX TCP/IP including ICMP, ... # sysconfig -q inet icmp_tcpseqcheck ...
(Bugtraq)