34 KBMicrosoft Security Bulletins
August 2009
Prior Updates:
2009
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2008
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2007
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2006
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2005
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
2004
|December
|November
|October
|September
|August
|July
|June
|May
|April
|March
|February
|January
Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)
August 2009
Microsoft Security Bulletin MS09-036
Vulnerability in ASP.NET Could Allow Denial of Service
Severity: ImportantVulnerabilities:
- Remote Unauthenticated Denial of Service in ASP.NET Vulnerability - CVE-2009-1536
A Denial of Service vulnerability exists in the way ASP.NET manages request scheduling. An attacker could exploit this vulnerability by creating specially crafted anonymous HTTP requests that would cause the affected Web server to become non-responsive until the associated application pool is restarted.
Microsoft Security Bulletin MS09-037
Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution. (973908)
Severity: CriticalVulnerabilities:
- Microsoft Video ActiveX Control Vulnerability - CVE-2008-0015
A remote code execution vulnerability exists in the Microsoft Active Template Library (ATL) due to the function CComVariant::ReadFromStream used in the ATL header. This function does not properly restrict untrusted data read from a stream. This issue leads to reading data directly onto the stack instead of reading it into the area of memory allocated for an array, which could allow a remote, unauthenticated user to perform remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. - ATL Header Memcopy Vulnerability - CVE-2008-0020
A remote code execution vulnerability exists in the Microsoft Active Template Library (ATL) due to the Load method of the IPersistStreamInit interface. The Load method could allow calls to memcpy with untrusted data, which could allow a remote, unauthenticated user to perform remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. - ATL Uninitialized Object Vulnerability - CVE-2009-0901
A remote code execution vulnerability exists in the Microsoft Active Template Library (ATL) due to an issue in the ATL headers that could allow an attacker to force VariantClear to be called on a VARIANT that has not been correctly initialized. Because of this, the attacker can control what happens when VariantClear is called during handling of an error by supplying a corrupt stream. This vulnerability only directly affects systems with components and controls installed that were built using Visual Studio ATL. This issue could allow a remote, unauthenticated user to perform remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. - ATL COM Initialization Vulnerability - CVE-2009-2493
A remote code execution vulnerability exists in the Microsoft Active Template Library (ATL) due to issues in the ATL headers that handle instantiation of an object from data streams. This vulnerability only directly affects systems with components and controls installed that were built using Visual Studio ATL. For components and controls built using ATL, unsafe usage of OleLoadFromStream could allow the instantiation of arbitrary objects which can bypass related security policy, such as kill bits within Internet Explorer. This issue could allow a remote, unauthenticated user to perform remote code execution on an affected system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. - ATL Object Type Mismatch Vulnerability - CVE-2009-2494
A remote code execution vulnerability exists in the Microsoft Active Template Library (ATL) due to an issue that allows reading a variant from a stream and leaving the variant type read with an invalid variant. The vulnerability is caused by an issue in the ATL header that could allow reading a variant from a stream and leaving the variant type read with an invalid variant. When deleting the variant, it is possible to free unintended areas in memory that could be controlled by an attacker.
Microsoft Security Bulletin MS09-038
Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)
Severity: CriticalVulnerabilities:
- Malformed AVI Header Vulnerability - CVE-2009-1545
A remote code execution vulnerability exists in the way Microsoft Windows handles specially crafted AVI format files. This vulnerability could allow code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Microsoft Security Bulletin MS09-039
Vulnerabilities in WINS Could Allow Remote Code Execution (969883)
Severity: CriticalVulnerabilities:
- WINS Heap Overflow Vulnerability - CVE-2009-1923
A remote code execution vulnerability exists in the Windows Internet Name Service (WINS) due to a buffer overflow caused by incorrect calculation of buffer length when processing specially crafted WINS network packets. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. - WINS Integer Overflow Vulnerability - CVE-2009-1924
A remote code execution vulnerability exists in the default configuration of the Windows Internet Name Service (WINS) due to insufficient validation of data structures within specially crafted WINS network packets received from a trusted WINS replication partner.
Microsoft Security Bulletin MS09-040
Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
Severity: ImportantVulnerabilities:
- MSMQ Null Pointer Vulnerability - CVE-2009-1922
An elevation of privilege vulnerability exists in the Windows Message Queuing service (MSMQ) due to a specific flaw in the parsing of an IOCTL request to the Message Queuing service. The MSMQ service improperly checks input data before passing them to the buffer. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Security Bulletin MS09-041
Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
Severity: ImportantVulnerabilities:
- Workstation Service Memory Corruption Vulnerability - CVE-2009-1544
An elevation of privilege vulnerability exists in the Windows Workstation Service due to a possible "Double Free" condition occurring in the service. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Security Bulletin MS09-042
Vulnerability in Telnet Could Allow Remote Code Execution (960859)
Severity: ImportantVulnerabilities:
- Telnet Credential Reflection Vulnerability - CVE-2009-1930
A remote code execution vulnerability exists in the Microsoft Telnet service protocol. An attacker who successfully exploited this vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Microsoft Security Bulletin MS09-043
Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)
Severity: CriticalVulnerabilities:
- Office Web Components Memory Allocation Vulnerability - CVE-2009-0562
A remote code execution vulnerability exists in the Office Web Components ActiveX Control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. - Office Web Components Heap Corruption Vulnerability - CVE-2009-2496
A remote code execution vulnerability exists in the Office Web Components ActiveX Control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. - Office Web Components HTML Script Vulnerability - CVE-2009-1136
A remote code execution vulnerability exists in the Office Web Components ActiveX Control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. - Office Web Components Buffer Overflow Vulnerability - CVE-2009-1534
A remote code execution vulnerability exists in the Office Web Components ActiveX Control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
Microsoft Security Bulletin MS09-044
Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)
Severity: CriticalVulnerabilities:
- Remote Desktop Connection Heap Overflow Vulnerability - CVE-2009-1133
A remote code execution vulnerability exists in the way Microsoft Remote Desktop Connection (formerly known as Terminal Services Client) processes specific parameters returned by the RDP server. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs or view, change, or delete data; or create new accounts with full user rights. - Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability - CVE-2009-1929
A remote code execution vulnerability exists in the Microsoft Terminal Services Client ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
