Technical Documentation

Security Center

Microsoft Security Bulletins: Current Updates

October 2005

Microsoft Security Bulletin MS05-044

Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)

Severity: Moderate
Vulnerabilities:
  • FTP Client Vulnerability - CAN-2005-2126
    A tampering vulnerability exists in the Windows FTP client. This vulnerability could allow an attacker to modify the intended destination location for a file transfer, when a client has manually chosen to transfer a file by using FTP. This vulnerability could allow the attacker to write the file to any file system that is located on an affected system.

Microsoft Security Bulletin MS05-045

Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

Severity: Moderate
Vulnerabilities:
  • Network Connection Manager Vulnerability - CAN-2005-2307
    A denial of service vulnerability exists that could allow an attacker to send a specially crafted network packet to an affected system. An attacker who successfully exploited this vulnerability could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received.

Microsoft Security Bulletin MS05-046

Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)

Severity: Important
Vulnerabilities:
  • Client Service for NetWare Vulnerability - CAN-2005-1985
    A remote code execution vulnerability exists in the Client Service for NetWare (CSNW) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Microsoft Security Bulletin MS05-047

Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)

Severity: Important
Vulnerabilities:
  • Plug and Play Vulnerability - CAN-2005-2120
    A remote code execution and local elevation of privilege vulnerability exists in Plug and Play that could allow an authenticated attacker who successfully exploited this vulnerability to take complete control of the affected system.

Microsoft Security Bulletin MS05-048

Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

Severity: Moderate
Vulnerabilities:
  • Collaboration Data Objects Vulnerability - CAN-2005-1987
    A remote code execution vulnerability exists in Collaboration Data Objects that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Microsoft Security Bulletin MS05-049

Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

Severity: Important
Vulnerabilities:
  • Shell Vulnerability - CAN-2005-2122
    A remote code execution vulnerability exists in Windows because of the way it handles the .lnk file extension. By persuading a user to open a .lnk file with specially-crafted properties an attacker could execute code on an affected system.
  • Shell Vulnerability - CAN-2005-2118
    A remote code execution vulnerability exists in Windows because of the way it handles .lnk file extensions. By persuading a user to view the properties of a specially-crafted .lnk file an attacker could execute code on the affected system.
  • Web View Script Injection Vulnerability - CAN-2005-2117
    A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. By persuading a user to preview a malicious file, an attacker could execute code. However, user interaction is required to exploit this vulnerability.

Microsoft Security Bulletin MS05-050

Vulnerability in DirectShow Could Allow Remote Code Execution (904706)

Severity: Critical
Vulnerabilities:
  • DirectShow Vulnerability - CAN-2005-2128
    A remote code execution vulnerability exists in DirectShow that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Microsoft Security Bulletin MS05-051

Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

Severity: Critical
Vulnerabilities:
  • MSDTC Vulnerability - CAN-2005-2119
    A remote code execution and local elevation of privilege vulnerability exists in the Microsoft Distributed Transaction Coordinator that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
  • COM+ Vulnerability - CAN-2005-1978
    A remote code execution and local elevation of privilege vulnerability exists in COM+ that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
  • TIP Vulnerability - CAN-2005-1979
    A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Distributed Transaction Coordinator to stop responding.
  • Distributed TIP Vulnerability - CAN-2005-1980
    A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. This specially crafted message could also be transferred through the affected system to another TIP server. This distributed attack could cause the MSDTC on both systems to stop responding.

Microsoft Security Bulletin MS05-052

Cumulative Security Update for Internet Explorer (896688)

Severity: Critical
Vulnerabilities:
  • COM Object Instantiation Memory Corruption Vulnerability - CAN-2005-2127
    A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

View the privately available information: https://www.juniper.net/customers/csc/ms-bulletins/index.jsp