Microsoft Security Bulletin Summary List 2005

Security Bulletin Name, Brief Description

ID Number,  Date/Link

Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523): This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (MS05-055)
December 13, 2005
Cumulative Security Update for Internet Explorer (905915): This update resolves several newly-discovered, publicly and privately reported vulnerabilities. Each vulnerability is documented in its own “Vulnerability Details” section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (MS05-054)
December 13, 2005
Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424): This update resolves several newly-discovered, privately reported and public vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin.

An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
(MS05-053)
November 8, 2005
Cumulative Security Update for Internet Explorer (896688): This update resolves a newly-discovered public vulnerability and other privately-reported variations of the same vulnerability. The Microsoft DDS Library Shape Control (Msdds.dll) and other COM objects could, when instantiated in Internet Explorer, allow an attacker to take complete control of an affected system. Because these COM objects were not designed to be instantiated in Internet Explorer, this update sets the kill bit for the affected Class Identifiers (CLSID) in these COM objects. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.
     If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
(MS05-052)
October 11, 2005
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400): This update resolves several newly-discovered, privately-reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section of this bulletin.
     An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
(MS05-051)
October 11, 2005
Vulnerability in DirectShow Could Allow Remote Code Execution (904706): This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
     If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
(MS05-050)
October 11, 2005
Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725): This update resolves several newly-discovered, privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own "Vulnerability Details" section.
     If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. However, user interaction is required to exploit this vulnerability.
(MS05-049)
October 11, 2005
Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245): This update resolves a newly-discovered, privately-reported vulnerability that could allow an attacker to run arbitrary code on the system. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.
     An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
(MS05-048)
October 11, 2005
Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749): A remote code execution and local elevation of privilege vulnerability exists in Plug and Play that could allow an authenticated attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-047)
October 11, 2005
Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589): A remote code execution vulnerability exists in the Client Service for NetWare (CSNW) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-046)
October 11, 2005
Vulnerability in Network Connection Manager Could Allow Denial of Service (905414): A denial of service vulnerability exists that could allow an attacker to send a specially crafted network packet to an affected system. An attacker who successfully exploited this vulnerability could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received. (MS05-045)
October 11, 2005
Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495): A tampering vulnerability exists in the Windows FTP client. This vulnerability could allow an attacker to modify the intended destination location for a file transfer, when a client has manually chosen to transfer a file by using FTP. This vulnerability could allow the attacker to write the file to any file system that is located on an affected system. (MS05-044)
October 11, 2005
Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423):  This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Print Spooler service that could allow remote code execution. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.
An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
We recommend that customers apply the update immediately.
(MS05-043)
August 9, 2005
Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587):  This update resolves two newly-discovered vulnerabilities, a privately reported vulnerability and a publicly reported vulnerability. Each vulnerability is documented in this bulletin in its own “Vulnerability Details” section of this bulletin.
An attacker who successfully exploited the most severe of these vulnerabilities could cause the service responsible for authenticating users in an Active Directory domain to stop responding.
We recommend that customers consider applying the security update.
(MS05-042)
August 9, 2005
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591):  This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability in the Remote Desktop Protocol (RDP) exists that could allow an attacker to cause a system to stop responding. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.
We recommend that customers consider applying the security update.
(MS05-041)
August 9, 2005
Vulnerability in Telephony Service Could Allow Remote Code Execution (893756): This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.
An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
We recommend that customers apply the update at the earliest opportunity.
(MS05-040)
August 9, 2005
Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588):  This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.
We recommend that customers apply the update immediately.
(MS05-039)
August 9, 2005
Cumulative Security Update for Internet Explorer (896727):  This update resolves several newly-discovered, publicly and privately reported vulnerabilities. Each vulnerability is documented in this bulletin in its own “Vulnerability Details” section of this bulletin.
If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
(MS05-038)
August 9, 2005
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235):  A remote code execution vulnerability exists in JView Profiler. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-037)
July 12, 2005
Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214): A remote code execution vulnerability exists in the Microsoft Color Management Module because of the way that it handles ICC profile format tag validation. An attacker could exploit the vulnerability by constructing a malicious image file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-036)
July 12, 2005
Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672): A remote code execution vulnerability exists in Word that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-035)
July 12, 2005
Cumulative Security Update for ISA Server 2000 (899753): A vulnerability exists in ISA Server 2000 because of the way that it handles malformed HTTP requests. An attacker could exploit the vulnerability by constructing a malicious HTTP request that could potentially allow an attacker to poison the cache of the affected ISA server. As a result, the attacker could either bypass content restrictions and access content that they would normally not have access to or they could cause users to be directed to unexpected content. Additionally, an attacker could use this in combination with a separate Cross Site Scripting vulnerability to obtain sensitive information such as logon credentials. (MS05-034)
June 14, 2005
Vulnerability in Telnet Client Could Allow Information Disclosure (896428): An attacker who successfully exploited this information disclosure vulnerability could remotely read the session variables for users who have open connections to a malicious telnet server. (MS05-033)
June 14, 2005
Vulnerability in Microsoft Agent Could Allow Spoofing (890046): This is a spoofing vulnerability that exists in the affected products and that could enable an attacker to spoof trusted Internet content. Users could believe that they are accessing trusted Internet content. However, they are accessing malicious Internet content such as a malicious Web site. An attacker would first have to persuade a user to visit the attacker’s site to attempt to exploit this vulnerability. (MS05-032)
June 14, 2005
Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458): A remote code execution vulnerability exists in Step-by-Step Interactive Training because of the way that Step-by-Step Interactive Training handles bookmark link files. An attacker could exploit the vulnerability by constructing a malicious bookmark link file that could potentially allow remote code execution if a user visited a malicious Web site or opened a malicious attachment that was provided in an e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. (MS05-031)
June 14, 2005
Cumulative Security Update in Outlook Express (897715): A remote code execution vulnerability exists in Outlook Express when it is used as a newsgroup reader. An attacker could exploit the vulnerability by constructing a malicious newsgroup server that could potentially allow remote code execution if a user queried the server for news. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. (MS05-030)
June 14, 2005
Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179): This is a cross-site scripting vulnerability. The cross-site scripting vulnerability could allow an attacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts to exploit this vulnerability require user interaction. This vulnerability could allow an attacker access to any data on the Outlook Web Access server that was accessible to the individual user. (MS05-029)
June 14, 2005
Vulnerability in Web Client Service Could Allow Remote Code Execution (896426): This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the “Vulnerability Details” section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (MS05-028)
June 14, 2005
Vulnerability in Server Message Block Could Allow Remote Code Execution (896422): A remote code execution vulnerability exists in Server Message Block (SMB) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-027)
June 14, 2005
Vulnerability in HTML Help Could Allow Remote Code Execution (896358): A remote code execution vulnerability exists in HTML Help that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-026)
June 14, 2005
Cumulative Security Update for Internet Explorer (883939): A remote code execution vulnerability exists in Internet Explorer because of the way that it handles PNG images. An attacker could exploit the vulnerability by constructing a malicious PNG image that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-025)
June 14, 2005
Vulnerability in Web View Could Allow Remote Code Execution (894320): A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. By persuading a user to preview a malicious file, an attacker could execute code. However, user interaction is required to exploit this vulnerability. (MS05-024)
May 10, 2005
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169): A vulnerability exists in Microsoft Word that could allow an attacker to run arbitrary code on a user's system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. (MS05-023)
April 12, 2005
Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597): A remote code execution vulnerability exists in MSN Messenger that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-022)
April 12, 2005
A remote code execution vulnerability exists in Microsoft Exchange Server that could allow an attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted command that could result in a denial of service or allow an attacker to run malicious programs of their choice in the security context of the SMTP service. (MS04-021)
Jul 13, 2004
Cumulative Security Update for Internet Explorer (890923): A remote code execution vulnerability exists in Internet Explorer because of the way that it handles certain DHTML objects. An attacker could exploit the vulnerability by constructing a malicious Web page. This malicious Web page could allow remote code execution if a user visited a malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-020)
April 12, 2005
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066): A remote code execution vulnerability exists that could allow an attacker to send a specially crafted IP message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to remotely execute code. However, attempts to exploit this vulnerability would most likely result in a denial of service. (MS05-019)
April 12, 2005
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859): A denial of service vulnerability exists that could allow an attacker to send a specially crafted request locally to an affected operating system version. An attacker who exploited this vulnerability could cause the affected system to stop responding and automatically restart. (MS05-018)
April 12, 2005
Vulnerability in Message Queuing Could Allow Code Execution (892944): A remote code execution vulnerability exists in Message Queuing that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-017)
April 12, 2005
Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086): A remote code execution vulnerability exists in the Windows Shell because of the way that it handles application association. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. However, user interaction is required to exploit this vulnerability. (MS05-016)
April 12, 2005
Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113) : A remote code execution vulnerability exists in the Hyperlink Object Library. This problem exists because of an unchecked buffer while handling hyperlinks. An attacker could exploit the vulnerability by constructing a malicious hyperlink which could potentially lead to remote code execution if a user clicks a malicious link within a Web site or e-mail message. An attacker who successfully exploited this vulnerability could take complete control of the affected system. User interaction is required to exploit this vulnerability. (MS05-015)
February 8, 2005
Cumulative Security Update for Internet Explorer (867282) : A privilege elevation vulnerability exists in Internet Explorer because of the way that Internet Explorer handles drag-and-drop events. An attacker could exploit the vulnerability by constructing a malicious Web page. This malicious Web page could potentially allow an attacker to save a file on the user’s system if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. (MS05-014)
February 8, 2005
Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781) : A cross-domain vulnerability exists in the Microsoft Dynamic HTML (DHTML) Editing Component ActiveX control that could allow information disclosure or remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-013)
February 8, 2005
Vulnerability in OLE and COM Could Allow Remote Code Execution (873333) : A privilege elevation vulnerability exists in the way that the affected operating systems and programs access memory when they process COM structured storage files. This vulnerability could allow a logged on user to take complete control of the system. (MS05-012)
February 8, 2005
Vulnerability in Server Message Block Could Allow Remote Code Execution (885250): A remote code execution vulnerability exists in Server Message Block (SMB) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-011)
February 8, 2005
Vulnerability in the License Logging Service Could Allow Code Execution (885834): A remote code execution vulnerability exists in the License Logging service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. (MS05-010)
February 8, 2005
Vulnerability in PNG Processing Could Allow Remote Code Execution (890261) : A remote code execution vulnerability exists in Windows Media Player because it does not properly handle PNG files with excessive width or height values. An attacker could try to exploit the vulnerability by constructing a malicious PNG that could potentially allow remote code execution if a user visited a malicious Web site or clicked a link in a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-009)
February 8, 2005
Vulnerability in Windows Shell Could Allow Remote Code Execution (890047): A privilege elevation vulnerability exists in Windows because of the way that Windows handles drag-and-drop events. An attacker could exploit the vulnerability by constructing a malicious Web page. This malicious Web page could potentially allow an attacker to save a file on the user’s system if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. (MS05-008)
February 8, 2005
Vulnerability in Windows Could Allow Information Disclosure (888302): This is an information disclosure vulnerability. An attacker who successfully exploited this vulnerability could remotely read the user names for users who have an open connection to an available shared resource. (MS05-007)
February 8, 2005
Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks : This is a cross-site scripting and spoofing vulnerability. The cross-site scripting vulnerability could allow an attacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts to exploit this vulnerability require user interaction. This vulnerability could allow an attacker access to any data on the affected systems that was accessible to the individual user.
It may also be possible for an attacker to exploit this vulnerability to modify Web browser caches and intermediate proxy server caches, and put spoofed content in those caches.
(MS05-006)
February 8, 2005
Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352) : A vulnerability exists in Microsoft Office XP software that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take complete control of the affected system. (MS05-005)
February 8, 2005
ASP.NET Path Validation Vulnerability (887219): A canonicalization vulnerability exists in ASP.NET that could allow an attacker to bypass the security of an ASP.NET Web site and gain unauthorized access. An attacker who successfully exploited this vulnerability could take a variety of actions, depending on the specific contents of the website. (MS05-004)
February 08, 2005
Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250) : A remote code execution vulnerability exists in the Indexing Service because of the way that it handles query validation. An attacker could exploit the vulnerability by constructing a malicious query that could potentially allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. While remote code execution is possible, an attack would most likely result in a denial of service condition. (MS05-003)
January 11, 2005
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711): A remote code execution vulnerability exists in the way that cursor, animated cursor, and icon formats are handled. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-002)
January 11, 2005
Vulnerability in HTML Help Could Allow Code Execution (890175): A cross-domain vulnerability exists in HTML Help ActiveX control that could allow information disclosure or remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. (MS05-001)
January 11, 2005


For the most up-to-date information, visit: http://www.microsoft.com/technet

For 2005 Security Bulletins Please Visit Here:  http://www.activewin.com/bugs/secb2005.shtml
For 2004 Security Bulletins Please Visit Here:  http://www.activewin.com/bugs/secb2004.shtml
For 2003 Security Bulletins Please Visit Here:  http://www.activewin.com/bugs/secb2003.shtml
For 2002 Security Bulletins Please Visit Here:  http://www.activewin.com/bugs/secb2002.shtml
For 2001 Security Bulletins Please Visit Here:  http://www.activewin.com/bugs/secb2001.shtml

