|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
MinorRev: Microsoft Security Bulletin MS03-045 - Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)
From: Russ (Russ.Cooper
RC.ON.CA)
Date: Tue Oct 21 2003 - 20:56:02 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Reason for Revision:
V1.1 (October 17, 2003): Re-issued to advise of a language specific
compatibility issue with some third-party software.
Microsoft Security Bulletin MS03-045:
Buffer Overrun in the ListBox and in the ComboBox Control Could Allow
Code Execution (824141)
Bulletin URL:
http://www.microsoft.com/technet/security/bulletin/MS03-045.asp
Summary:
Version Number: V1.1
Revision Date: 10-17-2003
Impact of Vulnerability: Local Elevation of Privilege
Maximum Severity Rating: Important
Patch(es) Replaced: None
Caveats: Subsequent to the release of this bulletin and the associated
patches, a compatibility problem with some third party software has been
identified with a set of language specific versions of the Windows 2000
Service Pack 4 patch. This problem is unrelated to the security
vulnerability discussed in this bulletin. Customers who have applied the
patch are protected against the vulnerability discussed in this
bulletin. More information can be found in the Technical description and
Frequently asked questions of this bulletin.
CVE Number(s): CAN-2003-065
Tested Software:
Affected Software:
* Microsoft Windows NT Workstation 4.0, Service Pack 6a
<http://www.ntbugtraq.com/link/5EA88ABE-8D53-4E25-959C-E80EB5FD7A91.asp>
* Microsoft Windows NT Server 4.0, Service Pack 6a
<http://www.ntbugtraq.com/link/F3E87075-AAE5-49F4-9D37-24A116296188.asp>
* Microsoft Windows NT Server 4.0, Terminal Server Edition, Service
Pack 6
<http://www.ntbugtraq.com/link/0ADC8D90-2355-49A0-976B-57281B4521C1.asp>
* Microsoft Windows 2000, Service Pack 2
<http://www.ntbugtraq.com/link/01358EAC-F1C5-4CB7-BE3D-64459F4AD3FD.asp>
* Microsoft Windows 2000 Service Pack 3, Service Pack 4
<http://www.ntbugtraq.com/link/379F234D-CE7E-4897-8D29-0764997F1E42.asp>
* Microsoft Windows XP Gold, Service Pack 1
<http://www.ntbugtraq.com/link/ABC764AC-5B7B-4B99-BF3E-F57352E4C507.asp>
* Microsoft Windows XP 64 bit Edition
<http://www.ntbugtraq.com/link/3E7B03BF-2231-4069-B76F-0BD69CF6E1D9.asp>
* Microsoft Windows XP 64 bit Edition Version 2003
<http://www.ntbugtraq.com/link/E4BD7C05-EA0E-49C7-9BDD-ABB496CA87CA.asp>
* Microsoft Windows Server 2003
<http://www.ntbugtraq.com/link/02F97DE4-29DF-4D33-A33B-E7630349E69E.asp>
* Microsoft Windows Server 2003 64 bit Edition
<http://www.ntbugtraq.com/link/E4BD7C05-EA0E-49C7-9BDD-ABB496CA87CA.asp>
Software Not Affected:
* Microsoft Windows Millennium Edition
This email is sent to NTBugtraq automatically as a service to my
subscribers. (v2.0)
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
-----
Marcus Ranum's new book "The Myth of Homeland Security" is now out and
is available from http://www.amazon.com/ranum In this hard-hitting
review of the homeland security business, Ranum shows us how the problem
is vastly harder than it's being made to sound, and how special
interests, butt covering, and bureaucracy are threatening to derail any
chance of making progress.
-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]