Top: Advisories: Windows

• CA-99-07 IIS Buffer Overflow
  There is a buffer overflow vulnerability in Microsoft Internet Information Server (IIS) 4.0. A tool to exploit this vulnerability has been publicly released.
  http://www.cert.org/advisories/CA-99-07-IIS-Buffer-Overflow.html
• Code Red Worm
  A computer worm that spreads fast on Microsoft operating systems and causes widespread Internet slowdowns could make another ugly appearance soon, government and corporate anti-virus experts warned Monday.
  http://www.cnn.com/2001/TECH/internet/07/30/code.red/index.html
• InfoWorld: Security bug hits Microsoft Java virtual machine
  "A bug in Microsoft's Java virtual machine (JVM), a part of Internet Explorer 4.0 and 5.0, could give hackers complete control of users' Windows systems, a group of security experts said Monday.
  http://www.infoworld.com/cgi-bin/displayStory.pl?990830.enjavaflaw.htm
• J-064: ActiveX Controls, Scriptlet.typlib & Eyedog, Vulnerabilities
  Microsoft has identified vulnerabilities in two ActiveX `` controls, Scriptlet.typlib & Eyedog.
  http://ciac.llnl.gov/ciac/bulletins/j-064.shtml
• J-070: Microsoft Windows 95 and 98 Telnet Client Vulnerability
  A vulnerability was identified with the Telnet client that `` ships as part of Microsoft Windows 95 and 98 that may allow a `` web page visited by the user to run arbitrary code on the `` user's computer.
  http://ciac.llnl.gov/ciac/bulletins/j-070.shtml
• K-059: Microsoft "DTS Password" Vulnerability
  Execute permission checks are not handled properly. A malicious `` user may run a temporary stored database procedure, which can `` execute a permanent stored database procedure. Unauthorized `` access to the SQL database can be achieved.
  http://ciac.llnl.gov/ciac/bulletins/k-059.shtml
• K-061: Microsoft "Office HTML" & "IE" Script Vulnerabilities
  Security vulnerabilities ("Office HTML") have been found in `` Office 2000 (Excel and PowerPoint) and in PowerPoint 97. `` Internet Explorer also has a vulnerability ("IE") that can be `` exploited using Access.
  http://ciac.llnl.gov/ciac/bulletins/k-061.shtml
• Microsoft "Encapsulated SMTP Address" Vulnerability (J-056)
  Microsoft has released a patch that eliminates a security `` vulnerability in Microsoft(r) Exchange(r) Server.
  http://www.ciac.org/ciac/bulletins/j-056.shtml
• Microsoft "Malformed HTTP Request Header" Vulnerability (J-058)
  
  http://www.ciac.org/ciac/bulletins/j-058.shtml
• MS00-020: Patch Available for "Desktop Separation " Vulnerability
  Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows® 2000. The vulnerability could allow a malicious user to gain additional privileges on a machine that he could log onto at the keyboard.
  http://www.microsoft.com/technet/security/bulletin/ms00-020.asp

[ 1 2 3 4 5 6 ]