Microsoft Security Bulletins
October 2006
Microsoft Security Bulletin MS06-056
Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)
Severity: Moderate
Vulnerabilities:
- .NET Framework 2.0 Cross-Site Scripting Vulnerability - CVE-2006-3436
A cross-site scripting vulnerability exists in ASP.NET that could allow an attacker to run client-side script on behalf of a user. The script could spoof content, disclose information, or take any action that the user could take on the affected web site. Attempts to exploit this vulnerability require user interaction.
Microsoft Security Bulletin MS06-057
Vulnerability in Windows Explorer Could Allow Remote Execution (923191)
Severity: Critical
Vulnerabilities:
- Windows Shell Remote Code Execution Vulnerability - CVE-2006-4690
A remote code execution vulnerability exists in Windows Explorer because of the way it handles the WebViewFolderIcon ActiveX object. This vulnerability could potentially allow remote code execution if a user visited a specially crafted Web site or viewed a specially crafted e-mail message. An attacker could exploit the vulnerability by hosting a web site that contained a web page that was used to exploit this vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Microsoft Security Bulletin MS06-058
Vulnerabilities in Microsoft PowerPoint Could Lead to Remote Code Execution (924163)
Severity: Critical
Vulnerabilities:
- PowerPoint Malformed Object Pointer Vulnerability - CVE-2006-3435
A remote code execution vulnerability exists in PowerPoint. An attacker could exploit this vulnerability when Office parses a file with a malformed object pointer. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- PowerPoint Malformed Data Record Vulnerability - CVE-2006-3876
A remote code execution vulnerability exists in PowerPoint. An attacker could exploit this vulnerability when PowerPoint parses a file with a malformed Data record. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- PowerPoint Record Improper Memory Access Vulnerability - CVE-2006-3877
A remote code execution vulnerability exists in PowerPoint and could be exploited when PowerPoint opens a specially crafted file. Such a file might be included in an e-mail attachment or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted PowerPoint file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- PowerPoint Malformed Record Vulnerability - CVE-2006-4694
A remote code execution vulnerability exists in PowerPoint and could be exploited when PowerPoint opens a specially crafted file. Such a file might be included in an e-mail attachment or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted PowerPoint file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Microsoft Security Bulletin MS06-059
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
Severity: Critical
Vulnerabilities:
- Excel Malformed DATETIME Record Vulnerability - CVE-2006-2387
A remote code execution vulnerability exists in Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed DATETIME record. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Excel Malformed STYLE Record Vulnerability - CVE-2006-3431
A remote code execution vulnerability exists in Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed STYLE record. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Excel Handling of Lotus 1-2-3 File Vulnerability - CVE-2006-3867
A remote code execution vulnerability exists in Excel. An attacker could exploit this vulnerability when Excel handles a Lotus 1-2-3 file. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Malformed COLINFO Record Vulnerability - CVE-2006-3875
A remote code execution vulnerability exists in Excel. An attacker could exploit this vulnerability when Excel parses a file and processes a malformed COLINFO record. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Microsoft Security Bulletin MS06-060
Vulnerability in Microsoft Word Could Allow Remote Code Execution (924554)
Severity: Critical
Vulnerabilities:
- Microsoft Word Vulnerability - CVE-2006-3647
A remote code execution vulnerability exists in Word. An attacker could exploit this vulnerability when Word parses a file with a malformed string. Such a specially crafted file might be included as an e-mail attachment or hosted on a malicious web site. Viewing or previewing a malformed e-mail message in Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Word file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Microsoft Word Mail Merge Vulnerability - CVE-2006-3651
A remote code execution vulnerability exists in Microsoft Word, and could be exploited when Word opens a specially crafted mail merge file. Such a specially crafted file might be included as an e-mail attachment or hosted on a malicious web site. Viewing or previewing a malformed e-mail message in an affected version of Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Word file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Microsoft Word Malformed Stack Vulnerability - CVE-2006-4534
A remote code execution vulnerability exists in Microsoft Word, and could be exploited when Word opens a specially crafted mail merge file. Such a specially crafted file might be included as an e-mail attachment or hosted on a malicious web site. Viewing or previewing a malformed e-mail message in an affected version of Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Word file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Microsoft Word for Mac Vulnerability - CVE-2006-4693
A remote code execution vulnerability exists in Word for Mac. An attacker could exploit this vulnerability when Word for Mac parses a file with a malformed string. Such a specially crafted file might be included as an e-mail attachment or hosted on a malicious web site. Viewing or previewing a malformed e-mail message in Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Word file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Microsoft Security Bulletin MS06-061
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)
Severity: Critical
Vulnerabilities:
- Microsoft XML Core Services Vulnerability - CVE-2006-4685
A vulnerability exists in Microsoft XML Core Services that could allow for information disclosure because the XMLHTTP ActiveX control incorrectly interprets an HTTP server-side redirect. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially lead to information disclosure if a user visited that page or clicked a link in a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could access content from another domain retrieved using the credentials of the user browsing the Web at the client. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. However, user interaction is required to exploit this vulnerability.
- XSLT Buffer Overrun Vulnerability - CVE-2006-4686
A vulnerability exists in XSLT processing that could allow remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Microsoft Security Bulletin MS06-062
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
Severity: Critical
Vulnerabilities:
- Office Improper Memory Access Vulnerability - CVE-2006-3434
A remote code execution vulnerability exists in Office. An attacker could exploit this vulnerability when Office parses a file with a malformed string. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Office Malformed Chart Record Vulnerability - CVE-2006-3650
A remote code execution vulnerability exists in Office. An attacker could exploit this vulnerability when Office parses a file with a malformed chart record. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Office Malformed Record Memory Corruption Vulnerability - CVE-2006-3864
A remote code execution vulnerability exists in Office. An attacker could exploit this vulnerability when Office parses a file with a malformed record. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- Microsoft Office Smart Tag Parsing Vulnerability - CVE-2006-3868
A remote code execution vulnerability exists in Microsoft Office, and could be exploited when Office opens a specially crafted file and parses a malformed Smart Tag. Such a specially crafted file might be included as an e-mail attachment or hosted on a malicious web site. Viewing or previewing a malformed e-mail message in Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Office file that could allow remote code execution. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Microsoft Security Bulletin MS06-063
Vulnerability in Server Service Could Allow Denial of Service (923414)
Severity: Important
Vulnerabilities:
- Server Service Denial of Service Vulnerability - CVE-2006-3942
A denial of service vulnerability exists in the Server service because of the way it handles certain network messages. An attacker could exploit the vulnerability by sending a specially crafted network message to a system running the Server service. An attacker who successfully exploited this vulnerability could cause the system to stop responding.
- SMB Rename Vulnerability - CVE-2006-4696
A denial of service vulnerability exists in the Server service because of the way it handles certain network messages. An attacker could exploit the vulnerability by sending a specially crafted network message to a system running the Server service. An attacker who successfully exploited this vulnerability could cause the system to stop responding.
Microsoft Security Bulletin MS06-064
Vulnerability in TCP-IP IPv6 Could Result in Denial of Service (922819)
Severity: Low
Vulnerabilities:
- ICMP Connection Reset Vulnerability - CVE-2004-0790
A denial of service vulnerability exists within the IPv6 implementation that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections.
- TCP Connection Reset Vulnerability - CVE-2004-0230
A denial of service vulnerability exists within the IPv6 implementation that could allow an attacker to send a specially crafted TCP message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections.
- Spoofed Connection Request Vulnerability - CVE-2005-0688
A denial of service vulnerability exists within the IPv6 implementation that could allow an attacker to send a specially crafted TCP/IP message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding.
Microsoft Security Bulletin MS06-065
Vulnerability in Windows Object Packager Could Allow Remote Execution (924496)
Severity: Moderate
Vulnerabilities:
- Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692
A remote code execution vulnerability exists in Windows Object Packager that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. A remote code execution vulnerability exists in Object Packager because of the way that it handles file extensions. An attacker could exploit the vulnerability by constructing a specially crafted file that could potentially allow remote code execution if a user visited a specially crafted Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.