34 KBMicrosoft Security Bulletins
August 2006
Prior Updates:
2007
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2006
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2005
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2004
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)
August 2006
Microsoft Security Bulletin MS06-040
Vulnerability in Server Service Could Allow Remote Code Execution (921883)
Severity: CriticalVulnerabilities:
- Buffer Overrun in Server Service Vulnerability - CVE-2006-3439
There is a remote code execution vulnerability in Server Service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Microsoft Security Bulletin MS06-041
Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)
Severity: CriticalVulnerabilities:
- Winsock Hostname Vulnerability - CVE-2006-3440
There is a remote code execution vulnerability in Winsock that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. For an attack to be successful the attacker would have to force the user to open a file or visit a website that is specially crafted to call the affected Winsock API. - DNS Client Buffer Overrun Vulnerability - CVE-2006-3441
There is a remote code execution vulnerability in the DNS Client service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Microsoft Security Bulletin MS06-042
Cumulative Security Update for Internet Explorer (918899)
Severity: CriticalVulnerabilities:
- Redirect Cross-Domain Information Disclosure Vulnerability - CVE-2006-3280
An information disclosure vulnerability exists in Internet Explorer in the way that a redirect is handled. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow for information disclosure if a user viewed the Web page. An attacker who successfully exploited this vulnerability could read file data from a Web page in another Internet Explorer domain. This other Web page must use gzip encoding or some other compression type supported by Internet Explorer for any information disclosure to occur. This other Web page must also be cached on the client side for a successful exploit. - HTML Layout and Positioning Memory Corruption Vulnerability - CVE-2006-3450
A remote code execution vulnerability exists in the way Internet Explorer interprets HTML with certain layout positioning combinations. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - CSS Memory Corruption Vulnerability - CVE-2006-3451
A remote code execution vulnerability exists in the way Internet Explorer handles chained Cascading Style Sheets (CSS). An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - HTML Rendering Memory Corruption Vulnerability - CVE-2006-3637
A remote code execution vulnerability exists in the way Internet Explorer interprets HTML with certain layout combinations. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - COM Object Instantiation Memory Corruption Vulnerability - CVE-2006-3638
A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - Source Element Cross-Domain Vulnerability - CVE-2006-3639
A remote code execution and information disclosure vulnerability exists in Internet Explorer in the way that a redirect is handled. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow for information disclosure if a user viewed the Web page. An attacker who successfully exploited this vulnerability could read file data from a Web page in another Internet Explorer domain. On Windows 2000 Service Pack 4 and Windows XP Service Pack 1 an attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - Window Location Information Disclosure Vulnerability - CVE-2006-3640
An information disclosure vulnerability exists in Internet Explorer where script can be persisted across navigations and used to gain access to the location of a Window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow for information disclosure if a user viewed the Web page. An attacker who successfully exploited this vulnerability could gain access to the Window location of a Web page in another domain or Internet Explorer zone. - FTP Server Command Injection Vulnerability - CVE-2004-1166
An elevation of privilege vulnerability exists in the way Internet Explorer interprets line feeds and everything after a line feed character in FTP links. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow the attacker to issue FTP server commands if a user clicked on an FTP link. An attacker who successfully exploited this vulnerability could issue FTP server commands as the user to FTP servers.
Microsoft Security Bulletin MS06-043
Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)
Severity: CriticalVulnerabilities:
- MHTML Parsing Vulnerability - CVE-2006-2766
There is a remote code execution vulnerability in Windows because it incorrectly parses the MHTML protocol. An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail that could potentially lead to remote code execution if a user visited a specially crafted Web site or clicked a link in a specially crafted e-mail message. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Microsoft Security Bulletin MS06-044
Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)
Severity: CriticalVulnerabilities:
- MMC Redirect Cross-Site Scripting Vulnerability - CVE-2006-3643
There is a remote code execution vulnerability in Windows Management Console that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Microsoft Security Bulletin MS06-045
Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)
Severity: ImportantVulnerabilities:
- Folder Guid Code Execution Vulnerability - CVE-2006-3281
A remote code execution vulnerability exists in Windows Explorer because of the way that Windows Explorer handles Drag and Drop events. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow an attacker to save a file on the user’s system if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. User interaction is required to exploit this vulnerability
Microsoft Security Bulletin MS06-046
Vulnerability in HTML Help Could Allow Remote Code Execution (922616)
Severity: CriticalVulnerabilities:
- Buffer Overrun in HTML Help Vulnerability - CVE-2006-3357
A vulnerability exists in the HTML Help ActiveX control that could allow remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - HTML Help Click Method Vulnerability - CVE-2006-3651
A vulnerability exists in the HTML Help ActiveX control that could allow remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Microsoft Security Bulletin MS06-047
Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
Severity: CriticalVulnerabilities:
- Visual Basic for Applications Vulnerability - CVE-2006-3649
A remote code execution vulnerability exists in Visual Basic for Applications (VBA) in the way it checks a documents properties that a host application passes to it when opening a document. This vulnerability could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Microsoft Security Bulletin MS06-048
Vulnerability in Microsoft Office Could Allow Remote Code Execution (922968)
Severity: CriticalVulnerabilities:
- Microsoft PowerPoint Mso.dll Vulnerability - CVE-2006-3590
A remote code execution vulnerability exists in PowerPoint and could be exploited when a malformed a file containing a malformed shape container is parsed by PowerPoint. Such a file might be included in an e-mail attachment or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted PowerPoint file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. - Microsoft PowerPoint Malformed Record Vulnerability - CVE-2006-3449
A remote code execution vulnerability exists in PowerPoint and could be exploited when a malformed a file containing a malformed record is parsed by PowerPoint. Such a file might be included in an e-mail attachment or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted PowerPoint file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Microsoft Security Bulletin MS06-049
Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)
Severity: ImportantVulnerabilities:
- Windows 2000 Kernel Elevation of Privilege Vulnerability - CVE-2006-3444
There is a privilege elevation vulnerability in Windows 2000 caused by improper validation of system inputs. This vulnerability could allow a logged on user to take complete control of the system.
Microsoft Security Bulletin MS06-050
Vulnerability in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
Severity: ImportantVulnerabilities:
- Hyperlink COM Object Buffer Overflow Vulnerability - CVE-2006-3086
A remote code execution vulnerability exists in the Hyperlink Object Library. This problem exists because of an unchecked buffer while handling hyperlinks. An attacker could exploit the vulnerability by constructing a malicious hyperlink which could potentially lead to remote code execution if a user clicks a malicious link within a Web site, Office file or e-mail message. An attacker who successfully exploited this vulnerability could take complete control of the affected system. User interaction is required to exploit this vulnerability. - Hyperlink Object Function Vulnerability - CVE-2006-3438
A remote code execution vulnerability exists in the Hyperlink Object Library. This problem exists when the Hyperlink Object Library uses a malformed function while handling hyperlinks. An attacker could exploit the vulnerability by constructing a malicious hyperlink which could potentially lead to remote code execution if a user clicks a malicious link within a Web site, Office file, or e-mail message. An attacker who successfully exploited this vulnerability could take complete control of the affected system. User interaction is required to exploit this vulnerability.
Microsoft Security Bulletin MS06-051
Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)
Severity: CriticalVulnerabilities:
- User Profile Elevation of Privilege Vulnerability - CVE-2006-3443
There is a privilege elevation vulnerability in the way that Windows 2000 starts applications. This vulnerability could allow a logged on user to take complete control of the system.