Microsoft Products Contain Multiple Vulnerabilities
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA06-220A.html
JVNRSS based Status Tracking Notes: Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Office, Works Suite, Visual Basic for Applications, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.JVNRSS Feasibility Study Teamjvn@jvn.jpTRTA06-220A2006-11-25T03:24+00:002006-08-09T22:11+00:002006-11-25T03:24+00:00MS Windows (Windows Kernel) Privilege Escalation Exploit (MS06-049)
http://www.securityfocus.com/bid/
a proof-of-concept code for this vulnerability (CVE-2006-3444,MS06-049)
#Cid: ms06-049.c
#Cid: 19388.c
#Tested: Windows 2000 PRO SP4 [CN]
#Tested: Windows 2000 PRO SP4 Rollup 1 [CN]
#Tested: Windows 2000 PRO SP4 [EN]
#Tested: Windows 2000 PRO SP4 Rollup 1 [EN]
http://www.microsoft.com/technet/security/bulletin/ms06-049.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34442006-09-212006-09-212006-09-21Microsoft Windows NetpIsRemote() Remote Overflow (Exploit, MS06-040, Windows 2003)
http://www.securityfocus.com/bid/
a proof-of-concept code for this vulnerability
#Tested: Windows Server 2003 SP0
#Cid: netapi_win2003.pm
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-09-132006-09-132006-09-13Microsoft Re-Releases Windows Server Service Security Bulletin MS06-040
http://www.us-cert.gov/current/archive/2006/09/12/archive.html#WSS2rel
Microsoft has released a new version of Security Bulletin MS06-040 and the associated security updates.
US-CERThttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-09-12T18:45-04:002006-09-12T18:45-04:002006-09-12T18:45-04:00Cumulative Security Update for Internet Explorer (918899)
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx?jvntrev=3
Bulletin and Internet Explorer 6 Service Pack 1, Internet Explorer 5.01 Service Pack 4, and Internet Explorer 6 for Microsoft Windows Server 2003 security updates have been re-released to address a vulnerability documented in the Vulnerability Details section as Long URL Buffer Overflow - CVE-2006-3873.
MicrosoftMS06-042http://www.microsoft.com/technet/security/bulletin/ms06-042.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-38732006-09-122006-09-122006-09-12Vulnerability in Server Service Could Allow Remote Code Execution (921883)
http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx?jvntrev=1
The update has been revised and re-released for Microsoft Windows 2003 and Microsoft Windows XP Professional x64 Edition to address the issues identified in Microsoft Knowledge Base Article 924054 (Programs that request lots of contiguous memory may fail after you install security update 921883 (MS06-040) on a Windows Server 2003 Service Pack 1-based computer or a Windows XP Professional x64 Edition-based computer).
MicrosoftMS06-040http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx2006-09-122006-09-122006-09-12Microsoft Windows NetpIsRemote() Remote Overflow (Exploit, MS06-040)
http://www.securityfocus.com/bid/
a proof-of-concept code for this vulnerability
#Tested: Windows XP SP1
#Tested: Windows 2000 SP4
#Cid: ms06_040_remote_overflow_082706
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-272006-08-272006-08-27Increase in TCP Port 139 scanning activity
http://www.jpcert.or.jp/at/2006/at060012.txt
JPCERT/CCJPCERT-AT-2006-00122006-08-24T05:39+00:002006-08-24T05:39+00:002006-08-24T05:39+00:00Internet Explorer Compressed Content URL Heap Overflow Vulnerability #2
http://research.eeye.com/html/advisories/published/AD20060912.html
Long URL Buffer Overflow Vulnerability(CVE-2006-3873,MS06-042)
Vulnerability Reported
eEye Digital SecurityEEYEB-AD20060912http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3873http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx2006-08-242006-08-242006-08-24Cumulative Security Update for Internet Explorer (918899)
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx?jvntrev=2
Bulletin reissued and updated with additional information and vulnerability details affecting Internet Explorer 6 Service Pack 1 customers.
MicrosoftMS06-042http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx2006-08-242006-08-242006-08-24ThreatCON (2) => (1)
https://tms.symantec.com/
Symantec2006-08-22T07:52+00:002006-08-22T07:52+00:002006-08-22T07:52+00:00Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit
http://www.microsoft.com/technet/security/advisory/923762.mspx
Long URL Buffer Overflow Vulnerability(CVE-2006-3869,MS06-042)
MicrosoftMicrosoft Security Advisory (923762)http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx2006-08-222006-08-222006-08-22AlertCon (2) => (1)
https://gtoc.iss.net/issEn/delivery/gtoc/index.jsp
Internet Security Systemshttp://www.us-cert.gov/cas/techalerts/TA06-220A.html2006-08-21T12:25-04:002006-08-21T12:25-04:002006-08-21T12:25-04:00Microsoft Windows CanonicalizePathName() Remote Code Execution (Exploit, MS06-040)
http://www.securityfocus.com/bid/
a proof-of-concept code for this vulnerability
#Cid: netapi_ms06_040.c
http://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-192006-08-192006-08-19Internet Explorer Compressed Content URL Heap Overflow Vulnerability
http://research.eeye.com/html/advisories/published/AD20060824.html
Long URL Buffer Overflow Vulnerability(CVE-2006-3869,MS06-042,VU#821156)
Vulnerability Reported
eEye Digital SecurityEEYEB-AD20060824http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3869http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspxhttp://www.kb.cert.org/vuls/id/8211562006-08-172006-08-172006-08-17Cumulative Security Update for Internet Explorer (918899)
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx?jvntrev=1
Bulletin caveats updated with additional information affecting some Internet Explorer 6 Service Pack 1 customers.
MicrosoftMS06-042http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx2006-08-152006-08-152006-08-15Mocbot Spam Analysis
http://www.lurhq.com/mocbot-spam.html
The recent Mocbot variant found exploiting the vulnerability described in MS06-040 is not especially unique. Many different malware variants use IRC as a command-and-control (C&C) channel. In this article we explore the Mocbot C&C in order to gain a better understanding of the reason for Mocbot's existence.
LURHQ Corporationhttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-152006-08-152006-08-15Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability
http://www.cisco.com/warp/public/707/cisco-sr-20060814-ms06-040-vulnerability.shtml
Cisco devices provide several countermeasures for the MS06-040 leavingcisco.com vulnerability. The most preventative control is provided by Cisco Security Agent (CSA) at the end host level.
Cisco SystemsCisco Security Response Document ID: 70997http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx2006-08-14T23:00+00:002006-08-14T23:00+00:002006-08-14T23:00+00:00MS06-040: BOLO -- Be On the LookOut
http://isc.sans.org/diary.php?storyid=1597
Over the weekend there was a botnet doing fairly wide scale scanning for hosts affected by the vulnerabilities in the MS06-040 advisory.
SANShttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-14T17:48+00:002006-08-14T17:48+00:002006-08-14T17:48+00:00Exploit Code Published Affecting the Server Service
http://www.microsoft.com/technet/security/advisory/922437.mspx?jvntrev=1
Exploit for MS06-040
Advisory updated to detail activity related to Win32/Graweg.
Microsoft is aware of public reports regarding an attack known as Win32/Graweg exploiting the vulnerability addressed by security update MS06-040. Microsoft's initial investigation of Win32/Graweg verified that it only affects users running Windows 2000 that have not applied the update detailed in MS06-040. Microsoft has activated its emergency response process and is continuing to investigate this issue.
MicrosoftMicrosoft Security Advisory (922437)2006-08-13T20:42-07:002006-08-13T20:42-07:002006-08-13T20:42-07:00MS06-040 wgareg / wgavm update
http://isc.sans.org/diary.php?storyid=1593
We have received samples and infection reports from several sources.
SANShttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-13T13:37+00:002006-08-13T13:37+00:002006-08-13T13:37+00:00Mocbot/MS06-040 Analysis
http://www.lurhq.com/mocbot-ms06040.html
LURHQ's Threat Intelligence Group has detected a Mocbot variant in the wild utilizing the MS06-040 vulnerability in order to spread in a worm-like fashion.
LURHQ Corporationhttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-122006-08-122006-08-12IRC-Mocbot!MS06-040
http://vil.nai.com/vil/Content/v_140394.htm
McAfeehttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-122006-08-122006-08-12W32.Wargbot
http://securityresponse.symantec.com/avcenter/venc/data/w32.wargbot.html
Exploit for MS06-040
Symantec2006-08-122006-08-122006-08-12WORM_IRCBOT.JL
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_IRCBOT.JL
Exploit for MS06-040
Trend Microhttp://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-122006-08-122006-08-12WORM_IRCBOT.JK
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_IRCBOT.JK
Exploit for MS06-040
Trend Microhttp://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-122006-08-122006-08-12Exploit Code Published Affecting the Server Service
http://www.microsoft.com/technet/security/advisory/922437.mspx
Exploit for MS06-040
MicrosoftMicrosoft Security Advisory (922437)2006-08-11T13:57-07:002006-08-11T13:57-07:002006-08-11T13:57-07:00MS06-040 Exploit: More Hype Than Threat
http://www.lurhq.com/ms06040exploit.html
Multiple sources are sounding alarms based on the MS06-040 exploit, predicting an imminent worm outbreak of Blaster-like proportions.
LURHQ Corporationhttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-112006-08-112006-08-11MS06-040 exploit(s) publicly available
http://isc.sans.org/diary.php?storyid=1582
As almost everyone predicted, it didn't take long to have MS06-040 (vulnerability in the Server service) publicly available.
SANShttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-112006-08-112006-08-11TROJ_MDROPPER.BI
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_MDROPPER.BI
Exploit for MS06-047
Trend Microhttp://www.microsoft.com/technet/security/bulletin/ms06-047.mspx2006-08-112006-08-112006-08-11Exploit for MS06-040 (vulnerability in the Server service) publicly available
http://www.niscc.gov.uk/niscc/docs/al-20060810-00546.html
A vulnerability in the Microsoft Server service, addressed in Microsoft Security Bulletin MS06-040, is being exploited.
NISCC20060810-00546http://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-10T15:48+00:002006-08-10T15:48+00:002006-08-10T15:48+00:00RE: [Full-disclosure] Exploit for MS06-040 Out?
http://archives.neohapsis.com/archives/fulldisclosure/
a proof-of-concept code for this vulnerability (CVE-2006-3439,MS06-040)
#Cid: netapi_ms06_040.pm
Full-disclosurehttp://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-10T02:57-05:002006-08-10T02:57-05:002006-08-10T02:57-05:00Retina MS06-040 NetApi32 Scanner
http://www.eeye.com/html/resources/downloads/audits/NetApi.html
eEye Digital Security has created a standalone vulnerability scanner to help identify systems vulnerable to this flaw. This scanner will identify the vulnerability on all systems with the exception of Windows NT.
eEye Digital Securityhttp://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-10T01:19-05:002006-08-10T01:19-05:002006-08-10T01:19-05:00Microsoft IE6 urlmon.dll Long URL Buffer Overflow vulnerability
http://www.nsfocus.com/english/homepage/research/0608.htm
Long URL Buffer Overflow Vulnerability(CVE-2006-3869,MS06-042)
Vulnerability Reported
NSFocus CorporationNSFOCUS Security Advisory(SA2006-08)http://www.microsoft.com/japan/technet/security/bulletin/MS06-042.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-38692006-08-102006-08-102006-08-10Public Exploit Code for a Vulnerability in Microsoft Server Service
http://www.us-cert.gov/current/archive/2006/08/10/archive.html#pcmss
US-CERT is aware of publicly available exploit code for a buffer overflow vulnerability in the Microsoft Windows Server service. This vulnerability can be exploited by sending a specially crafted packet to an affected system.
US-CERThttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-102006-08-102006-08-10RE: [Full-disclosure] Exploit for MS06-040 Out?
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0242.html
a proof-of-concept code for this vulnerability (CVE-2006-3439,MS06-040)
#Cid: ms06_040.tgz
Full-disclosurehttp://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-09T13:24-05:002006-08-09T13:24-05:002006-08-09T13:24-05:00Microsoft exploits on Reboot Wednesday
http://isc.sans.org/diary.php?storyid=1574
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA06-220A.html2006-08-09T11:55+00:002006-08-09T11:55+00:002006-08-09T11:55+00:00Microsoft Products Vulnerabilities
http://www.jpcert.or.jp/at/2006/at060011.txt
JPCERT/CCJPCERT-AT-2006-0011http://jvn.jp/cert/JVNTA06-220Ahttp://www.us-cert.gov/cas/techalerts/TA06-220A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-041.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-042.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-043.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-044.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-045.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-046.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-047.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-048.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-049.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-050.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-051.mspx2006-08-09T02:38+00:002006-08-09T02:38+00:002006-08-09T02:38+00:00DHS Recommends Security Patch to Protect Against a Vulnerability Found In Windows Operating Systems
http://www.dhs.gov/dhspublic/display?content=5789
The Department of Homeland Security (DHS) is recommending that Windows Operating Systems users apply Microsoft security patch MS06-040 as quickly as possible. This security patch is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an affected system and install programs, view, change, or delete data, and create new accounts with full user rights.
Department of Homeland Securityhttp://www.microsoft.com/technet/security/bulletin/MS06-040.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-092006-08-092006-08-09Microsoft Products Contain Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Office, Works Suite, Visual Basic for Applications, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
US-CERTTA06-220Ahttp://www.us-cert.gov/cas/techalerts/TA06-220A.htmlhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3439http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3440http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3441http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3280http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3450http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3451http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3637http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3639http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3638http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2766http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3643http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3649http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3590http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3449http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-36482006-08-08T17:07-04:002006-08-08T17:07-04:002006-08-08T17:07-04:00AlertCon (1) => (2)
https://gtoc.iss.net/issEn/delivery/gtoc/index.jsp
Internet Security Systemshttp://www.us-cert.gov/cas/techalerts/TA06-220A.html2006-08-09T05:00+09:002006-08-09T05:00+09:002006-08-09T05:00+09:00Active Exploitation of a Vulnerability in Microsoft Server Service
http://www.us-cert.gov/current/archive/2006/08/08/archive.html#msvuls
US-CERT is aware of active exploitation of a buffer overflow vulnerability in the Microsoft Windows Server service. If a remote attacker sends a specially crafted packet to a vulnerable Windows system, that attacker may be able to execute arbitrary code with SYSTEM privileges.
US-CERThttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.kb.cert.org/vuls/id/6507692006-08-082006-08-082006-08-08Microsoft DNS Client Integer Overflow Vulnerability
http://xforce.iss.net/xforce/alerts/id/235
X-Force has discovered a flaw in the Microsoft DNS client software. By sending malicious DNS responses to a Windows machine, attackers can trigger a heap corruption and gain control of the affected host.
Internet Security Systemshttp://www.microsoft.com/technet/security/bulletin/ms06-041.mspxhttp://xforce.iss.net/xforce/xfdb/28013http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-082006-08-082006-08-08Microsoft DNS Client ATMA Buffer Overflow Vulnerability
http://xforce.iss.net/xforce/alerts/id/234
X-Force has discovered a flaw in the Microsoft DNS client software. By sending malicious DNS responses to a Windows machine, attackers can trigger a heap corruption and gain control of the affected host.
Internet Security Systemshttp://www.microsoft.com/technet/security/bulletin/ms06-041.mspxhttp://xforce.iss.net/xforce/xfdb/24586http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-082006-08-082006-08-08Microsoft DNS Client Character String Buffer Overflow Vulnerability
http://xforce.iss.net/xforce/alerts/id/233
X-Force has discovered a flaw in the Microsoft DNS client software. By sending malicious DNS responses to a Windows machine, attackers can trigger a heap corruption and gain control of the affected host.
Internet Security Systemshttp://www.microsoft.com/technet/security/bulletin/ms06-041.mspxhttp://xforce.iss.net/xforce/xfdb/28240http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-082006-08-082006-08-08Microsoft Server Service Buffer Overflow Vulnerability
http://xforce.iss.net/xforce/alerts/id/232
The Microsoft Server Service is vulnerable to remote code execution. By sending malicious requests to the named pipe for the Server Service, attackers can trigger a stack overflow and gain control of the affected host.
Internet Security Systemshttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://xforce.iss.net/xforce/xfdb/28002http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34392006-08-082006-08-082006-08-08Microsoft Security Bulletin Summary for August, 2006
http://www.microsoft.com/technet/security/bulletin/ms06-aug.mspx
Included in this advisory are updates for newly discovered vulnerabilities.
MicrosoftMS06-AUGhttp://www.microsoft.com/technet/security/bulletin/ms06-040.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-041.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-042.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-043.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-044.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-045.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-046.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-047.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-048.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-049.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-050.mspxhttp://www.microsoft.com/technet/security/bulletin/ms06-051.mspx2006-08-082006-08-082006-08-08Microsoft PowerPoint Malformed Record Memory Corruption Vulnerability
http://secway.org/advisory/AD20060808.txt
Microsoft PowerPoint Malformed Records Vulnerability(CVE-2006-3449,MS06-048)
Vulnerability Reported
This vulnerability allows remote attackers to execute arbitrary code in the context of the logged in user. An array boundary condition may be violated by a malicious .PPT file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .PPT file.
Sowhat of Nevis Labshttp://www.microsoft.com/technet/security/bulletin/MS06-048.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34492006-07-142006-07-142006-07-14Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-027.html
HTML Layout and Positioning Memory Corruption Vulnerability(CVE-2006-3450,MS06-042)
Vulnerability Reported
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Zero Day Initiative (ZDI)ZDI-06-027http://www.microsoft.com/japan/technet/security/bulletin/MS06-042.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34502006-06-142006-06-142006-06-14Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-026.html
CSS Memory Corruption Vulnerability(CVE-2006-3451,MS06-042)
Vulnerability Reported
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Zero Day Initiative (ZDI)ZDI-06-026http://www.microsoft.com/japan/technet/security/bulletin/MS06-042.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-34512006-06-142006-06-142006-06-14Microsoft DirectAnimation COM Object Memory Corruption Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-09.html
COM Object Instantiation Memory Corruption Vulnerability(CVE-2006-3638,MS06-042)
Vulnerability Reported
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
TippingPointTSRT-06-09http://www.microsoft.com/technet/security/bulletin/MS06-042.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-36382006-04-272006-04-272006-04-27Microsoft Internet Help COM Object Memory Corruption Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-08.html
Buffer Overrun in HTML Help Vulnerability(CVE-2006-3357,MS06-046)
Vulnerability Reported
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
TippingPointTSRT-06-08http://www.microsoft.com/technet/security/bulletin/MS06-046.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-33572006-04-272006-04-272006-04-27Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-10.html
Hyperlink Object Buffer Overflow Vulnerability(CVE-2006-3086,MS06-050)
Vulnerability Reported
This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications that utilize Microsoft Hyperlink Component Object Model (COM) objects. Specifically, this includes at least Microsoft Word, PowerPoint and Excel. Exploitation over the web is doable via Office Web Components (OWC). It is not required for the target to have OWC installed.
TippingPointTSRT-06-10http://www.microsoft.com/technet/security/bulletin/MS06-050.mspxhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-30862006-02-282006-02-282006-02-28