Microsoft Security News
SecurityFocus Microsoft Newsletter #445 Jun 11 2009 11:17PM
sfa securityfocus com
SecurityFocus Microsoft Newsletter #445
----------------------------------------

This issue is sponsored by VeriSign

VeriSign EV SSL Certificates for your sites. security turn the address bar in high security browsers green which helps your customers know they are safe on your site.

http://ad.doubleclick.net/clk;215510119;37701656;z

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Hacker-Tool Law Still Does Little
2. A Botnet by Any Other Name
II. MICROSOFT VULNERABILITY SUMMARY
1. Apple Safari CoreGraphics TrueType Font Handling Remote Code Execution Vulnerability
2. Microsoft PowerPoint Freelance Layout Parsing Heap Based Buffer Overflow Vulnerability
3. Kerio MailServer WebMail Cross Site Scripting Vulnerability
4. Apple Safari Prior to 4.0 Multiple Security Vulnerabilities
5. Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness
6. eBay Enhanced Picture Services ActiveX Control Remote Code Execution Vulnerability
7. Microsoft Excel QSIR Record Pointer Corruption Remote Code Execution Vulnerability
8. Microsoft Excel Malformed Shared String Table Record Integer Overflow Vulnerability
9. Microsoft Excel Field Sanitization Remote Code Execution Vulnerability
10. Microsoft Excel String Copy Stack Overflow Remote Code Execution Vulnerability
11. Microsoft Excel Array Indexing Remote Code Execution Vulnerability
12. Microsoft Excel Record Object Remote Code Execution Vulnerability
13. Microsoft Windows Argument Validation Local Privilege Escalation Vulnerability
14. XM Easy Personal FTP Server Multiple Command Remote Buffer Overflow Vulnerabilities
15. Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability
16. Microsoft Internet Explorer Malformed Row Property Remote Code Execution Vulnerability
17. Microsoft Internet Explorer 'onreadystatechange' Corrupt Memory Remote Code Execution Vulnerability
18. Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
19. Online Armor Personal Firewall IOCTL Request Local Privilege Escalation Vulnerability
20. Microsoft Active Directory Encoded LDAP String Memory Corruption Remote Code Execution Vulnerability
21. Microsoft Active Directory Memory Leak Denial Of Service Vulnerability
22. Microsoft Internet Explorer Event Handler Uninitialized Memory Remote Code Execution Vulnerability
23. Microsoft Internet Explorer 'setCapture()' Uninitialized Memory Remote Code Execution Vulnerability
24. Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability
25. Microsoft Windows Search Script Injection Vulnerability
26. Microsoft RPC Marshalling Engine Remote Code Execution Vulnerability
27. Microsoft Visual Studio 'MSCOMM32.OCX' ActiveX Control Heap Buffer Overflow Vulnerability
28. Microsoft Excel Record Pointer Corruption Remote Code Execution Vulnerability
29. Microsoft June 2009 Advance Notification Multiple Vulnerabilities
30. Microsoft Windows Print Spooler Remote Code Execution Vulnerability
31. Microsoft Windows Print Spooler Local Information Disclosure Vulnerability
32. Microsoft Windows Print Spooler 'EnumeratePrintShares()' Remote Stack Buffer Overflow Vulnerability
33. Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability
34. Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability
35. Microsoft Word Record Parsing (CVE-2009-0565) Remote Code Execution Vulnerability
36. Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability
37. Microsoft Office Works for Windows Document Converters Remote Code Execution Vulnerability
38. Apple QuickTime PSD Image Buffer Overflow Vulnerability
39. Apple QuickTime Clipping Region (CRGN) Atom Types Heap Overflow Vulnerability
40. Apple QuickTime Image Description Atom Sign Extension Vulnerability
41. Apple QuickTime JP2 Image Handling Heap Buffer Overflow Vulnerability
42. Apple QuickTime PICT Image Heap Overflow Vulnerability
43. Apple QuickTime MS ADPCM Audio File Heap Buffer Overflow Vulnerability
44. Apple QuickTime User Atom Data Size Uninitialized Memory Access Remote Code Execution Vulnerability
45. Apple QuickTime FLC Compression File Heap Overflow Vulnerability
46. Apple QuickTime Sorenson 3 Video File Remote Memory Corruption Vulnerability
47. Apple iTunes Multiple URI Handler Stack Buffer Overflow Vulnerability
48. SafeNet SoftRemote IKE Service Remote Stack Buffer Overflow Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Hacker-Tool Law Still Does Little
By Mark Rasch
On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense.
http://www.securityfocus.com/columnists/502

2. A Botnet by Any Other Name
By Gubter Ollmann
The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents.
http://www.securityfocus.com/columnists/501

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Apple Safari CoreGraphics TrueType Font Handling Remote Code Execution Vulnerability
BugTraq ID: 35308
Remote: Yes
Date Published: 2009-06-08
Relevant URL: http://www.securityfocus.com/bid/35308
Summary:
Apple Safari CoreGraphics is prone to a remote code-execution vulnerability because it fails to adequately handle TrueType fonts.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions prior to Safari 4.0 running on Windows XP and Vista.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

2. Microsoft PowerPoint Freelance Layout Parsing Heap Based Buffer Overflow Vulnerability
BugTraq ID: 35275
Remote: Yes
Date Published: 2009-06-10
Relevant URL: http://www.securityfocus.com/bid/35275
Summary:
Microsoft PowerPoint is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue by enticing a victim to open a malicious Freelance file.

Successful exploits can allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely cause denial-of-service conditions.

3. Kerio MailServer WebMail Cross Site Scripting Vulnerability
BugTraq ID: 35264
Remote: Yes
Date Published: 2009-06-08
Relevant URL: http://www.securityfocus.com/bid/35264
Summary:
Kerio MailServer WebMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Kerio MailServer versions 6.6.0, 6.6.1, 6.6.2, and 6.7.0 are vulnerable.

4. Apple Safari Prior to 4.0 Multiple Security Vulnerabilities
BugTraq ID: 35260
Remote: Yes
Date Published: 2009-06-08
Relevant URL: http://www.securityfocus.com/bid/35260
Summary:
Apple Safari is prone to multiple security vulnerabilities.

Attackers may exploit these issues to execute arbitrary code, launch cross-site scripting attacks, elevate privileges, or obtain sensitive information. Other attacks are also possible.

These issues affect versions prior to Safari 4.0 running on Apple Mac OS X 10.4.11 and 10.5.7, Microsoft Windows XP, and Windows Vista.

5. Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness
BugTraq ID: 35255
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35255
Summary:
Microsoft Windows is prone to a weakness that affects the Windows DNS client and arises because of a design error in the DNS devolution process.

The attacker could set up a malicious site and carry out attacks against victims who are inadvertently directed to the malicious site. These attacks could include disclosure of the private IP address, disclosure of authentication credentials, modification of client proxy settings, phishing, redirection to other malicious sites, enticing vulnerable users to download malware, and more.

6. eBay Enhanced Picture Services ActiveX Control Remote Code Execution Vulnerability
BugTraq ID: 35248
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35248
Summary:
eBay Enhanced Picture Services ActiveX control is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing an unsuspecting victim to view a malicious webpage.

Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.

7. Microsoft Excel QSIR Record Pointer Corruption Remote Code Execution Vulnerability
BugTraq ID: 35246
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35246
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel ('.xls') file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

8. Microsoft Excel Malformed Shared String Table Record Integer Overflow Vulnerability
BugTraq ID: 35245
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35245
Summary:
Microsoft Excel is prone to an integer-overflow vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

9. Microsoft Excel Field Sanitization Remote Code Execution Vulnerability
BugTraq ID: 35244
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35244
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

10. Microsoft Excel String Copy Stack Overflow Remote Code Execution Vulnerability
BugTraq ID: 35243
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35243
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

11. Microsoft Excel Array Indexing Remote Code Execution Vulnerability
BugTraq ID: 35242
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35242
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

12. Microsoft Excel Record Object Remote Code Execution Vulnerability
BugTraq ID: 35241
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35241
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

13. Microsoft Windows Argument Validation Local Privilege Escalation Vulnerability
BugTraq ID: 35240
Remote: No
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35240
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel.

An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers.

14. XM Easy Personal FTP Server Multiple Command Remote Buffer Overflow Vulnerabilities
BugTraq ID: 35239
Remote: Yes
Date Published: 2009-06-05
Relevant URL: http://www.securityfocus.com/bid/35239
Summary:
XM Easy Personal FTP Server is prone to multiple remote buffer-overflow vulnerabilities because the application fails to sufficiently sanitize user-supplied arguments to multiple FTP commands.

An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

XM Easy Personal FTP Server 5.7.0 is vulnerable; other versions may also be affected.

15. Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability
BugTraq ID: 35238
Remote: No
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35238
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel.

An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers.

16. Microsoft Internet Explorer Malformed Row Property Remote Code Execution Vulnerability
BugTraq ID: 35235
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35235
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause denial-of-service conditions.

17. Microsoft Internet Explorer 'onreadystatechange' Corrupt Memory Remote Code Execution Vulnerability
BugTraq ID: 35234
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35234
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause denial-of-service conditions.

18. Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
BugTraq ID: 35232
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35232
Summary:
Microsoft Internet Information Services (IIS) is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication.

An attacker can exploit this issue to gain unauthorized access to protected resources, which may lead to other attacks.

This issue affects IIS 5.0.

19. Online Armor Personal Firewall IOCTL Request Local Privilege Escalation Vulnerability
BugTraq ID: 35227
Remote: No
Date Published: 2009-06-04
Relevant URL: http://www.securityfocus.com/bid/35227
Summary:
Online Armor Personal Firewall is prone to a local privilege-escalation vulnerability.

An attacker may exploit this issue to execute arbitrary code with elevated privileges, which may facilitate a complete compromise of the affected computer.

Online Armor Personal Firewall 3.5.0.12 and prior versions are affected. Online Armor Personal Firewall AV+ is also vulnerable.

20. Microsoft Active Directory Encoded LDAP String Memory Corruption Remote Code Execution Vulnerability
BugTraq ID: 35226
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35226
Summary:
Microsoft Active Directory is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful exploits will completely compromise the affected computer. Failed attacks will cause denial-of-service conditions.

21. Microsoft Active Directory Memory Leak Denial Of Service Vulnerability
BugTraq ID: 35225
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35225
Summary:
Microsoft Active Directory is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the server, denying access to legitimate users.

22. Microsoft Internet Explorer Event Handler Uninitialized Memory Remote Code Execution Vulnerability
BugTraq ID: 35224
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35224
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause denial-of-service conditions.

23. Microsoft Internet Explorer 'setCapture()' Uninitialized Memory Remote Code Execution Vulnerability
BugTraq ID: 35223
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35223
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause denial-of-service conditions.

24. Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability
BugTraq ID: 35222
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35222
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause denial-of-service conditions.

25. Microsoft Windows Search Script Injection Vulnerability
BugTraq ID: 35220
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35220
Summary:
Microsoft Windows Search is prone to a script-injection vulnerability because it fails to adequately sanitize user-supplied input when previewing search results.

Successful exploits will cause malicious script code to run in the local context, allowing attackers to steal potentially sensitive information or perform other attacks.

The issue affects Windows Search installed on all supported editions of Windows XP and Windows Server 2003. Note that Windows Vista and Windows Server 2008 are not affected.

26. Microsoft RPC Marshalling Engine Remote Code Execution Vulnerability
BugTraq ID: 35219
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35219
Summary:
Microsoft Windows RPC Marshalling Engine is prone to a remote code-execution vulnerability.

An attacker can exploit this issue by sending a specially crafted RPC request to an affected computer.

Successfully exploiting this issue will allow the attacker to execute arbitrary code with full system rights, completely compromising affected computers. Failed exploit attempts will likely result in a denial-of-service condition.

27. Microsoft Visual Studio 'MSCOMM32.OCX' ActiveX Control Heap Buffer Overflow Vulnerability
BugTraq ID: 35218
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35218
Summary:
Microsoft Visual Studio is prone to a remote heap-based buffer-overflow vulnerability.

Attackers may exploit this issue by enticing an unsuspecting victim to view a malicious webpage.

Successful exploits will allow attackers to execute arbitrary code within the context of the affected application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.

28. Microsoft Excel Record Pointer Corruption Remote Code Execution Vulnerability
BugTraq ID: 35215
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35215
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

29. Microsoft June 2009 Advance Notification Multiple Vulnerabilities
BugTraq ID: 35213
Remote: Yes
Date Published: 2009-06-04
Relevant URL: http://www.securityfocus.com/bid/35213
Summary:
Microsoft has released advance notification that on June 9, 2009 the vendor will be releasing 10 security bulletins covering multiple issues. The highest severity rating for these issues is 'Critical'.

These issues affect the following:

Windows
Internet Explorer
Word
Excel
Office

Successfully exploiting these issues may allow remote or local attackers to compromise affected computers.

We will create individual records to better document these issues when the bulletins are released.

30. Microsoft Windows Print Spooler Remote Code Execution Vulnerability
BugTraq ID: 35209
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35209
Summary:
Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler service.

A remote authenticated attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, which can result in the complete compromise of affected computers.

31. Microsoft Windows Print Spooler Local Information Disclosure Vulnerability
BugTraq ID: 35208
Remote: No
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35208
Summary:
Microsoft Windows Messenger is prone to a local information-disclosure vulnerability that affects the Print Spooler service.

Successfully exploiting this issue allows attackers to obtain sensitive information that may aid in further attacks.

32. Microsoft Windows Print Spooler 'EnumeratePrintShares()' Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 35206
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35206
Summary:
Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability that affects the Windows Print Spooler.

Exploiting this vulnerability allows attackers to execute arbitrary code with system-level privileges. Failed exploit attempts will likely cause denial-of-service conditions.

33. Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability
BugTraq ID: 35200
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35200
Summary:
Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy.

An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or may aid in further attacks.

34. Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability
BugTraq ID: 35198
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35198
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions.

35. Microsoft Word Record Parsing (CVE-2009-0565) Remote Code Execution Vulnerability
BugTraq ID: 35190
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35190
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

36. Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 35188
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35188
Summary:
Microsoft Word is prone to a stack-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

37. Microsoft Office Works for Windows Document Converters Remote Code Execution Vulnerability
BugTraq ID: 35184
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35184
Summary:
Microsoft Office Works for Windows document converters are prone to a remote code-execution vulnerability because the application fails to properly handle specially crafted files.

An attacker could exploit this issue by enticing a victim to open a malicious '.wps' file.

Successful exploits would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

38. Apple QuickTime PSD Image Buffer Overflow Vulnerability
BugTraq ID: 35168
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35168
Summary:
Apple QuickTime is prone to a buffer-overflow vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted image.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

39. Apple QuickTime Clipping Region (CRGN) Atom Types Heap Overflow Vulnerability
BugTraq ID: 35167
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35167
Summary:
Apple QuickTime is prone to a heap-based buffer-overflow vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista and Windows XP SP3.

40. Apple QuickTime Image Description Atom Sign Extension Vulnerability
BugTraq ID: 35166
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35166
Summary:
Apple QuickTime is prone to a vulnerability that occurs because the bit width of a number is increased without changing its sign in certain image description atoms.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted Apple video file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

41. Apple QuickTime JP2 Image Handling Heap Buffer Overflow Vulnerability
BugTraq ID: 35165
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35165
Summary:
Apple QuickTime is prone to a heap-based buffer-overflow vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

42. Apple QuickTime PICT Image Heap Overflow Vulnerability
BugTraq ID: 35164
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35164
Summary:
Apple QuickTime is prone to a heap-based buffer-overflow vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

43. Apple QuickTime MS ADPCM Audio File Heap Buffer Overflow Vulnerability
BugTraq ID: 35163
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35163
Summary:
Apple QuickTime is prone to a heap-based buffer-overflow vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially AVI crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

44. Apple QuickTime User Atom Data Size Uninitialized Memory Access Remote Code Execution Vulnerability
BugTraq ID: 35162
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35162
Summary:
Apple QuickTime is prone to a remote code-execution vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

45. Apple QuickTime FLC Compression File Heap Overflow Vulnerability
BugTraq ID: 35161
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35161
Summary:
Apple QuickTime is prone to a heap-based buffer-overflow vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

46. Apple QuickTime Sorenson 3 Video File Remote Memory Corruption Vulnerability
BugTraq ID: 35159
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35159
Summary:
Apple QuickTime is prone to a memory-corruption vulnerability.

A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.

This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.

47. Apple iTunes Multiple URI Handler Stack Buffer Overflow Vulnerability
BugTraq ID: 35157
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35157
Summary:
Apple iTunes is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks before copying user-supplied data to an insufficiently sized buffer.

Attackers can leverage this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attacks will likely cause denial-of-service conditions.

48. SafeNet SoftRemote IKE Service Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 35154
Remote: Yes
Date Published: 2009-06-01
Relevant URL: http://www.securityfocus.com/bid/35154
Summary:
SafeNet SoftRemote is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to SoftRemote 10.8.6 are vulnerable.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by VeriSign

VeriSign EV SSL Certificates for your sites. security turn the address bar in high security browsers green which helps your customers know they are safe on your site.

http://ad.doubleclick.net/clk;215510119;37701656;z

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus