Microsoft Updates for Multiple Vulnerabilities
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA07-163A.html
JVNRSS based Status Tracking Notes: Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Windows Secure Channel, Internet Explorer, Win32 API, Windows Mail and Outlook Express. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.JVNRSS Feasibility Study Teamjvn@jvn.jpTRTA07-163A2007-06-13T20:22+00:002007-06-12T22:28+00:002007-06-13T20:22+00:00ThreatCON (2) => (1)
https://tms.symantec.com/
Symantechttp://www.uscert.gov/cas/techalerts/TA07-163A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms07-030.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-031.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-032.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-034.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-035.mspx2007-06-13T19:30+00:002007-06-13T19:30+00:002007-06-13T19:30+00:00June 2007 Microsoft Security Bulletin (including four critical patches)
http://www.jpcert.or.jp/at/2007/at070014.txt
JPCERT/CCJPCERT-AT-2007-0014http://www.uscert.gov/cas/techalerts/TA07-163A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms07-030.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-031.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-032.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-034.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-035.mspx2007-06-13T01:55+00:002007-06-13T01:55+00:002007-06-13T01:55+00:00June 2007, Microsoft Patch Tuesday Overview.
http://isc.sans.org/diary.html?storyid=2964
Overview of the June 2007 Microsoft patches and their status.
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA07-163A.html2007-06-12T20:57+00:002007-06-12T20:57+00:002007-06-12T20:57+00:00Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA07-163A.html
Via US-CERT Mailing List
US-CERTTA07-163Ahttp://www.uscert.gov/cas/techalerts/TA07-163A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms07-030.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-031.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-032.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-034.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-035.mspx2007-06-12T16:24-04:002007-06-12T16:24-04:002007-06-12T16:24-04:00ThreatCON (1) => (2)
https://tms.symantec.com/
Symantechttp://www.uscert.gov/cas/techalerts/TA07-163A.htmlhttp://www.microsoft.com/technet/security/bulletin/ms07-030.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-031.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-032.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-034.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-035.mspx2007-06-13T03:30+09:002007-06-13T03:30+09:002007-06-13T03:30+09:00Microsoft Releases June Security Bulletins
http://www.us-cert.gov/current/archive/2007/06/12/archive.html#microsoft_releases_june_security_bulletins
Microsoft has released updates to address vulnerabilities in Windows, Internet Explorer, Outlook Express, Windows Mail, Visio, and the Windows Schannel Security Package as part of the Microsoft Security Bulletin Summary for June 2007.
US-CERThttp://www.uscert.gov/cas/techalerts/TA07-163A.html2007-06-12T13:18-04:002007-06-12T13:18-04:002007-06-12T13:18-04:00Microsoft Security Bulletin Summary for June 2007
http://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
Included in this advisory are updates for newly discovered vulnerabilities.
MicrosoftMS07-JUNhttp://www.microsoft.com/technet/security/bulletin/ms07-030.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-031.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-032.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-034.mspxhttp://www.microsoft.com/technet/security/bulletin/ms07-035.mspx2007-06-122007-06-122007-06-12Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
http://www.securityfocus.com/bid
Speech Control Memory Corruption Vulnerability Proof Of Concept (CVE-2007-2222)
#Cid: MSXPSP2_Speech_API_ActiveX_BoF.txt
#Tested: Windows XP + SP2, IE 6
Bugtraqhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-22222007-06-102007-06-102007-06-10Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
http://www.securityfocus.com/bid
Speech Control Memory Corruption Vulnerability Proof Of Concept (CVE-2007-2222)
#Cid: MS2KSP4_Speech_API_ActiveX_BoF.txt
#Tested: Windows 2000 + SP4, IE 6
Bugtraqhttp://www.microsoft.com/technet/security/bulletin/ms07-033.mspxhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-22222007-06-012007-06-012007-06-01Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-038.html
Uninitialized Memory Corruption Vulnerability(MS07-033, CVE-2007-1751)
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Vulnerability Reported
Zero Day Initiative (ZDI)ZDI-07-038http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1751http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx2007-02-152007-02-152007-02-15Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-037.html
Language Pack Installation Vulnerability(MS07-033, CVE-2007-3027)
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Vulnerability Reported
Zero Day Initiative (ZDI)ZDI-07-037http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3027http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx2006-11-082006-11-082006-11-08Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=542
COM Object Instantiation Memory Corruption Vulnerability (CVE-2007-0218,MS07-033)
Remote exploitation of an invalid memory access vulnerability in various Microsoft products, including Internet Explorer, while creating certain COM objects may allow an attacker to execute arbitrary code.
Vulnerability Reported
iDefensehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0218http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx2006-10-242006-10-242006-10-24SChannel Off-By-One Heap Corruption
http://www.securityfocus.com/archive/1/471203
Vulnerability in the Windows Schannel Security Package (CVE-2007-2218,MS07-031)
The Secure Channel (SChannel) library on WinXP-SP1/SP2 is vulnerable to a off-by-one heap buffer overwrite.
Vulnerability Reported
COSEINC Private Limitedhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2218http://www.microsoft.com/technet/security/bulletin/MS07-031.mspx2006-08-282006-08-282006-08-28