FrSIRT - Unpatched MS Vulnerabilities ( Microsoft Internet Explorer, Windows, Office, Excel, Powerpoint ...)

French Security Incident Response Team

English

Unpatched Microsoft Vulnerabilities

FrSIRT Advisories / Unpatched Microsoft Vulnerabilities :

13.05.2008 : Microsoft Internet Explorer DisableCachingOfSSLPages Weakness

18.04.2008 : Microsoft Windows Data Handling Privilege Escalation Vulnerability

25.03.2008 : Microsoft Internet Explorer Request Splitting and Smuggling Vulnerabilities

21.03.2008 : Microsoft Windows Vista AutoRun Security Bypass Weakness

21.01.2008 : Microsoft Visual Basic DSR File Processing Buffer Overflow Vulnerabilities

04.12.2007 : Microsoft Web Proxy Auto-Discovery Information Disclosure Vulnerability

18.09.2007 : Microsoft Windows CFileFind Class "FindFile()" Buffer Overflow Vulnerability

13.08.2007 : Microsoft DirectX Media SDK "SourceUrl" Remote Buffer Overflow Vulnerability

06.06.2007 : Microsoft Windows GDI+ Library ICO Header Handling Denial of Service Vulnerability

30.03.2007 : Microsoft Windows Vista ATI Radeon Kernel Mode Driver Denial of Service Vulnerability

27.03.2007 : Microsoft Windows Web Proxy Automatic Discovery (WPAD) Traffic Routing Vulnerability

20.03.2007 : Microsoft Windows "Ndistapi.sys" Device Driver Local Denial of Service Vulnerability

15.03.2007 : Microsoft Internet Explorer "navcancl.htm" Cross Site Scripting and Phishing Vulnerability

26.02.2007 : Microsoft Internet Explorer UTF-7 Charset Inheritance Cross-Site Scripting Vulnerability

23.02.2007 : Microsoft Windows "ReadDirectoryChangesW()" Information Disclosure Weakness

31.01.2007 : Microsoft Windows Mobile Internet Explorer and Pictures and Videos Denial of Service

23.01.2007 : Microsoft Visual Studio Resource File Handling Client-Side Buffer Overflow Vulnerability

26.12.2006 : Microsoft Windows Workstation Service "NetrWkstaUserEnum()" Denial of Service Issue

17.12.2006 : Microsoft Windows Media Player MIDI File Format Handling Denial of Service Vulnerability

17.12.2006 : Microsoft Project Server 2003 "pdsrequest.asp" File Information Disclosure Vulnerability

02.12.2006 : Microsoft Windows Print Spooler Service "GetPrinterData" Denial of Service Vulnerability

30.10.2006 : Microsoft Windows NAT Helper Components DNS Denial of Service Vulnerability

13.10.2006 : Microsoft PowerPoint Invalid Container Object Client-Side Denial of Service Vulnerability

07.08.2006 : Microsoft Windows GDI Library WMF Image Handling Remote Denial of Service Vulnerability

02.08.2006 : Microsoft Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability

02.08.2006 : Microsoft Windows GDI Plus Library Image Handling Remote Denial of Service Vulnerability

25.07.2006 : Microsoft Internet Explorer Native Function Iteration Client-Side Denial of Service Vulnerability

25.07.2006 : Microsoft Internet Explorer Forms ListBox and ComboBox Denial of Service Vulnerability

25.07.2006 : Microsoft Internet Explorer "ASFSourceMediaDescription" Denial of Service Vulnerability

25.07.2006 : Microsoft Internet Explorer HTML Help Control "HHCtrl.ocx" Denial of Service Vulnerability

21.07.2006 : Microsoft Internet Explorer "Content-Type" Header Handling Denial of Service Vulnerability

21.07.2006 : Microsoft Internet Explorer CEnroll Object Handling Remote Denial of Service Vulnerability

21.07.2006 : Microsoft Internet Explorer Outlook View Control Client-Side Denial of Service Vulnerability

19.07.2006 : Microsoft Internet Explorer Office Web Components Remote Denial of Service Vulnerability

17.07.2006 : Microsoft Internet Explorer DirectX Image Transform Object Denial of Service Vulnerability

17.07.2006 : Microsoft Internet Explorer "MHTMLFile" Object Client-Side Denial of Service Vulnerability

15.07.2006 : Microsoft PowerPoint Presentation Handling Multiple Memory Corruption and DoS Vulnerabilities

15.07.2006 : Microsoft Internet Explorer "FolderItem" Object Access Remote Denial of Service Vulnerability

15.07.2006 : Microsoft Works File Handling Multiple Client-Side Memory Corruption and DoS Vulnerabilities

13.07.2006 : Microsoft Internet Explorer DirectX Image Transform Object Denial of Service Vulnerability

12.07.2006 : Microsoft Internet Explorer "TriEditDocument" Object Remote Denial of Service Vulnerability

11.07.2006 : Microsoft Internet Explorer HTML Editing Component Denial of Service Vulnerability

10.07.2006 : Microsoft Internet Explorer DirectX Transform Control Denial of Service Vulnerability

09.07.2006 : Microsoft Office Object Library "LsCreateLine()" Improper Memory Access Vulnerability

09.07.2006 : Microsoft Internet Explorer "DirectAnimation" Control Denial of Service Vulnerability

09.07.2006 : Microsoft Internet Explorer Remote Data Service Object Denial of Service Vulnerability

07.07.2006 : Microsoft Internet Explorer "appendChild()" Client-Side Denial of Service Vulnerability

06.07.2006 : Microsoft Internet Explorer Structured Graphics Control Denial of Service Vulnerability

03.07.2006 : Microsoft Internet Explorer Data Access ActiveX Remote Denial of Service Vulnerability

06.06.2006 : Microsoft Internet Explorer Keystroke Events Handling Arbitrary File Upload Issue

10.05.2006 : Microsoft Windows Infotech Storage System Library Heap Corruption Vulnerability

27.04.2006 : Microsoft Internet Explorer ActiveX Control Dialog Box Security Bypass Vulnerability

27.04.2006 : Microsoft Products "mhtml" Cross Domain Information Disclosure Vulnerability

26.04.2006 : Microsoft Office 2003 "mailto:" URI Handler Arbitrary File Attachment Weakness

05.03.2006 : Microsoft Visual Studio "dbp" and "sln" File Handling Buffer Overflow Issue

13.02.2006 : Microsoft Internet Explorer Drag and Drop Events Timing Vulnerability

06.02.2006 : Microsoft HTML Help Workshop Multiple File Handling Buffer Overflow Vulnerabilities

11.01.2006 : Microsoft Visual Studio "UserControl.Load" Code Execution Vulnerability

10.01.2006 : Microsoft Windows Metafile Handling Denial of Service Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy