Information Protection and Security

A vulnerability has been discovered in the Server Message Block 2 (SMB2) protocol that could allow a remote attacker to take complete control of a vulnerable system. SMB2 is used to provide shared access to files, printers, serial ports, and other miscellaneous communications between network devices. This vulnerability can be exploited by an attacker who sends a specially crafted SMB2 request to a vulnerable system. Successful exploitation of this vulnerability could result in an attacker gaining complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full ...

Two vulnerabilities have been discovered in the Windows Media Format Runtime that could allow a remote attacker to take complete control of a vulnerable system. The Windows Media Format Runtime provides information to applications, such as Windows Media Player. These vulnerabilities can be exploited if a user visits a malicious web page or opens a malicious media file. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with ...

A vulnerability exists in Dynamic Hyper Text Markup Language (DHTML) Editing Component which may allow an attacker to take complete control of a system. DHTML allows for dynamic content to provide interactive web pages. This vulnerability can be exploited if a user visits a specially crafted web page designed to exploit this vulnerability. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. SYSTEMS AFFECTED: ...

Two vulnerabilities have been discovered in the Windows Media Format Runtime that could allow a remote attacker to take complete control of a vulnerable system. The Windows Media Format Runtime provides information to applications, such as Windows Media Player. These vulnerabilities can be exploited if a user visits a malicious web page or opens a malicious media file. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with ...

A vulnerability exists in the way the Jscript scripting engine processes scripts within web pages. Jscript is a scripting language that is used to enhance the user experience when visiting web pages such as enabling animated content to be displayed. This vulnerability can be exploited if a user visits a specially crafted web page designed to exploit this vulnerability. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with ...

A remote buffer overflow vulnerability has been discovered in Microsoft Internet Information Services (IIS) when using the File Transfer Protocol (FTP) server component. IIS is a set of Internet-based services running on Microsoft Windows servers. Successful exploitation could result in an attacker gaining the same privileges as the FTP service. Depending on the privileges associated, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. It should be noted that there is no patch available for this vulnerability and exploit code is available to the public. SYSTEMS AFFECTED: ...

Multiple vulnerabilities have been discovered in the IBM WebSphere Application Server (WAS). IBM WebSphere Application Server (WAS) is a widely used server solution designed for delivering web-based applications and services over the Internet. WAS can be implemented on many common operating systems. These vulnerabilities may allow attackers to bypass authentication, cause denial-of-service or disclose sensitive information. Successful exploitation may allow malicious users to gain unauthorized access to the system, which may lead to other attacks. SYSTEMS AFFECTED: IBM WebSphere Application Server 6.1.0 IBM WebSphere Application Server 6.1.0 .1 IBM WebSphere Application Server 6.1.0 .14 IBM WebSphere Application Server ...

Lotus Notes is a collaborative software used for accessing e-mail, calendars and other applications. A new vulnerability has been discovered in the client side of this software which can be exploited if a user opens an email and views a malicious Microsoft Excel attachment. Successful exploitation may result in an attacker gaining the same user privileges as the logged on user. Depending on the privileges associated with this user account, an attacker could then install programs; view, change, or delete data; or create new accounts. Failed exploit attempts may result in a denial-of-service condition. SYSTEMS AFFECTED: IBM ...

Multiple vulnerabilities have been discovered in the Adobe ColdFusion and Adobe JRun applications. Adobe ColdFusion is an application development platform that allows organizations to create dynamically-generated web sites. Adobe JRun is an application server that is used for creating Java-based applications. Some of these vulnerabilities allow an attacker to modify the content of a web site. If a user subsequently visits a specifically crafted web page, or opens a specially crafted file, exploitation may occur. Successful exploitation of these vulnerabilities could allow an attacker to access private information or redirect an unsuspecting user to malicious content. Proof-of-concept code ...

A vulnerability has been discovered in the Windows Workstation Service which could allow attackers to execute arbitrary code on affected systems. The Windows Workstation Service is responsible for routing local file requests and remote file and print requests to the appropriate system. Successful exploitation of this vulnerability could allow an attacker to take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. Failed exploit attempts may result in a denial-of-service condition. SYSTEMS AFFECTED: Fully Vulnerable Microsoft Windows XP Service Pack 2 Microsoft Windows ...

A vulnerability has been discovered in the Microsoft Office Web Components Spreadsheet ActiveX control that could allow a remote attacker to take complete control of a vulnerable system. ActiveX controls are small programs or animations that are downloaded or embedded in Web pages which will typically enhance functionality and user experience. Many web design and development tools have built ActiveX support into their products, allowing developers to both create and make use of ActiveX controls in their programs. When vulnerabilities are discovered in ActiveX controls, attackers may use specially crafted web pages to exploit these vulnerabilities. Successful exploitation may ...

Vulnerabilities have been discovered in the Microsoft Remote Desktop Connection which could allow an attacker to take complete control of an affected system. The Microsoft Remote Desktop Connection is a client application which uses the Remote Desktop Protocol (RDP) to connect to a computer for remote access and is included by default with Microsoft Windows installations. Exploitation occurs if a user uses Microsoft Remote Desktop Connection to connect to a malicious RDP server, or if a user visits a specially crafted web page or opens a malicious e-mail attachment which is specifically crafted to take advantage of these vulnerabilities. ...

Multiple vulnerabilities have been discovered in the Windows Internet Name Service (WINS). WINS is an essential core service that translates computer names to numeric addresses which are needed for computers to communicate with each other. Successful exploitation of these vulnerabilities could allow an attacker to take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. Failed exploitation attempts may result in a denial-of-service condition. SYSTEMS AFFECTED: Windows 2000 Server Windows Server 2003 RISK: Government: Large and medium government entities: High Small government entities: ...

A vulnerability has been discovered in the Microsoft Office Web Components Spreadsheet ActiveX control that could allow a remote attacker to take complete control of a vulnerable system. ActiveX controls are small programs or animations that are downloaded or embedded in Web pages which will typically enhance functionality and user experience. Many web design and development tools have built ActiveX support into their products, allowing developers to both create and make use of ActiveX controls in their programs. When vulnerabilities are discovered in ActiveX controls, attackers may use specially crafted web pages to exploit these vulnerabilities. Successful exploitation may ...

Two vulnerabilities have been discovered in the way Microsoft Windows processes specially crafted Audio Visual Interleave (AVI) files. AVI is a common multimedia file format, consisting of audio and video data as well as instructions for displaying this data. These vulnerabilities can be exploited by opening a malicious AVI file received as an email attachment, or by visiting a web site that is hosting the file. Successful exploitation will result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or ...

Vulnerabilities have been discovered in Microsoft Active Template Library (ATL) that could allow an attacker to take complete control of an affected system. ATL is a set of pre-packaged programs that allow developers to create feature-rich applications. Exploitation may occur if a user visits a specifically crafted web page or opens a file which takes advantage of these vulnerabilities. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with ...

Multiple vulnerabilities have been discovered in the Sun Java Runtime Environment and the Sun Java Development Kit that could allow attackers to take complete control of a vulnerable system. Sun Java Runtime Environment and the Sun Java Development Kit are used to enhance the user experience when visiting web sites. These vulnerabilities may be exploited if a user visits a specifically crafted web page, or opens a specially crafted file. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user account, an attacker could then ...

Multiple vulnerabilities have been discovered in Mozilla applications. Mozilla provides various Internet applications such as web browsers (Firefox), email clients, and web development tools. These vulnerabilities could allow attackers to execute arbitrary code on affected systems. These vulnerabilities may be exploited if a user visits a specifically crafted web page, or opens a specially crafted file. Successful exploitation of four of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user account, an attacker could then install programs; view, change, or delete data; or create ...