US-CERT Technical Cyber Security Alert TA04-212A -- Critical Vulnerabilities in Microsoft Windows

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Critical Vulnerabilities in Microsoft Windows

 Original release date: July 30, 2004
 Last revised: --
 Source: US-CERT

Systems Affected

 These vulnerabilities affect the following versions of Microsoft
 Internet Explorer:
 * Microsoft Internet Explorer 5.01 Service Pack 2
 * Microsoft Internet Explorer 5.01 Service Pack 3
 * Microsoft Internet Explorer 5.01 Service Pack 4
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 6
 * Microsoft Internet Explorer 6 Service Pack 1
 * Microsoft Internet Explorer 6 Service Pack 1 (64-Bit Edition)
 * Microsoft Internet Explorer 6 for Windows Server 2003
 * Microsoft Internet Explorer 6 for Windows Server 2003 (64-Bit
   Edition)

 These vulnerabilities affect the following versions of the Microsoft
 Windows operating system:
 * Microsoft Windows NT Workstation 4.0 Service Pack 6a
 * Microsoft Windows NT Server 4.0 Service Pack 6a
 * Microsoft Windows NT Server 4.0 Terminal Server Edition Service
   Pack 6
 * Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
   Service Pack 3, Microsoft Windows 2000 Service Pack 4
 * Microsoft Windows XP and Microsoft Windows XP Service Pack 1
 * Microsoft Windows XP 64-Bit Edition Service Pack 1
 * Microsoft Windows XP 64-Bit Edition Version 2003
 * Microsoft Windows Server 2003
 * Microsoft Windows Server 2003 64-Bit Edition
 * Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
   and Microsoft Windows Millennium Edition (Me)

 Please note that these vulnerabilities may affect any software that
 uses the Microsoft Windows operating system to render HTML or
 graphics.

Overview

 Microsoft Internet Explorer contains three vulnerabilities that may
 allow arbitrary code to be executed. The privileges gained by a remote
 attacker depend on the software component being attacked. For example,
 a user browsing to an unsafe web page using Internet Explorer could
 have code executed with the same privilege as the user. These
 vulnerabilities have been reported to be relatively straightforward to
 exploit; even vigilant users visiting a malicious website, viewing a
 malformed image, or reading an HTML-rendered email message may be
 affected.

I. Description

 Microsoft Security Bulletin MS04-025 describes three vulnerabilities
 in Internet Explorer; more detailed information is available in the
 individual vulnerability notes. Note that in addition to Internet
 Explorer, any applications that use the Internet Explorer HTML
 rendering engine to interpret HTML documents may present additional
 attack vectors for these vulnerabilities.

 VU#266926 - Microsoft Internet Explorer contains an integer overflow
 in the processing of bitmap files

 An integer overflow vulnerability has been discovered in the way that
 Internet Explorer processes bitmap image files. This vulnerability
 could allow a remote attacker to execute arbitrary code on a
 vulnerable system by introducing a specially crafted bitmap file.
 (Other resources: CAN-2004-0566)

 VU#685364 - Microsoft Internet Explorer contains a double-free
 vulnerability in the processing of GIF files

 A double-free vulnerability has been discovered in the way that
 Internet Explorer processes GIF image files. When processing GIF image
 files, the routine responsible for freeing memory may attempt to free
 the same memory reference more than once.
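The two memory-safety bug classes named above (the bitmap integer overflow in VU#266926 and the GIF double free in VU#685364) in miniature, each next to a checked form. This is an added illustration, not code from Microsoft, US-CERT or Internet Explorer: the `bmp_hdr` and `gif_frame` layouts, the 256-megapixel ceiling, and the functions `pixel_bytes_checked`, `release_pixels`, `teardown_frames` and `double_free_scenario` are constructed stand-ins, not the real file formats or the rendering engine's code.

```c
/* Added illustration (not code from Microsoft, US-CERT or Internet Explorer):
 * the two memory-safety bug classes from the advisory in miniature, each
 * beside a checked form. The "bitmap" header and "GIF" frame list below are
 * constructed, simplified stand-ins, not the real file formats. */
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* ---- VU#266926 style: integer overflow while sizing an image buffer ---- */

struct bmp_hdr { uint32_t width; uint32_t height; uint32_t bits_per_pixel; };

/* Vulnerable pattern: the product is computed in 32 bits and silently wraps,
 * so a huge image can yield a tiny (even zero) allocation while the decoder
 * still writes width*height pixels into it. */
uint32_t pixel_bytes_unchecked(const struct bmp_hdr *h) {
    return h->width * h->height * (h->bits_per_pixel / 8);
}

/* Checked form: validate the depth, compute the pixel count in 64 bits and
 * reject anything above a sane ceiling before it reaches an allocator.
 * Returns 0 and stores the byte count, or -1 if the header is rejected. */
#define MAX_PIXELS ((uint64_t)1 << 28)   /* constructed ceiling: 256 Mpixel */

int pixel_bytes_checked(const struct bmp_hdr *h, size_t *out) {
    uint32_t bpp = h->bits_per_pixel;
    if (bpp != 8 && bpp != 24 && bpp != 32) return -1;
    if (h->width == 0 || h->height == 0) return -1;
    uint64_t pixels = (uint64_t)h->width * h->height;  /* cannot wrap in 64 bits */
    if (pixels > MAX_PIXELS) return -1;
    *out = (size_t)(pixels * (bpp / 8));               /* at most 1 GiB */
    return 0;
}

/* Convenience wrapper: the accepted size, or 0 when the header is rejected. */
size_t checked_size_or_zero(const struct bmp_hdr *h) {
    size_t n = 0;
    return pixel_bytes_checked(h, &n) == 0 ? n : 0;
}

/* Constructed headers: one whose 65536*65536*4 wraps to 0, one that is sane. */
const struct bmp_hdr HUGE_HDR = { 65536u, 65536u, 32 };
const struct bmp_hdr SANE_HDR = { 640, 480, 24 };

/* ---- VU#685364 style: double free while tearing down a frame list ---- */

struct gif_frame { uint8_t *pixels; size_t len; struct gif_frame *next; };

/* Vulnerable pattern (deliberately never called): an error path frees the
 * failing frame, then the generic cleanup walks the list and frees the same
 * buffer again, corrupting the allocator's bookkeeping. */
void vulnerable_teardown(struct gif_frame *head, struct gif_frame *failed) {
    free(failed->pixels);                                              /* first free */
    for (struct gif_frame *f = head; f; f = f->next) free(f->pixels); /* second free */
}

/* Hardened form: each buffer has one release point that clears the pointer,
 * so any later pass finds nothing to free. Returns 1 if it freed, else 0. */
int release_pixels(struct gif_frame *f) {
    if (f->pixels == NULL) return 0;
    free(f->pixels);
    f->pixels = NULL;
    f->len = 0;
    return 1;
}

/* Tear down the whole list; returns how many buffers were actually freed. */
int teardown_frames(struct gif_frame *head) {
    int freed = 0;
    for (struct gif_frame *f = head; f; f = f->next) freed += release_pixels(f);
    return freed;
}

/* Constructed scenario: three decoded frames, an error on the second frame
 * releases it early, then cleanup runs twice. Returns the total number of
 * frees, which must equal the number of buffers (3) and never exceed it. */
int double_free_scenario(void) {
    struct gif_frame frames[3];
    for (int i = 0; i < 3; i++) {
        frames[i].len = 16;
        frames[i].pixels = calloc(16, 1);
        frames[i].next = (i < 2) ? &frames[i + 1] : NULL;
    }
    int freed = release_pixels(&frames[1]);   /* error path: 1 */
    freed += teardown_frames(&frames[0]);     /* cleanup frees the other 2 */
    freed += teardown_frames(&frames[0]);     /* second cleanup frees nothing */
    return freed;                             /* 3 */
}

int main(void) {
    printf("unchecked bytes for 65536x65536x32: %u\n",
           (unsigned)pixel_bytes_unchecked(&HUGE_HDR));
    printf("checked size for huge header: %zu, for 640x480x24: %zu\n",
           checked_size_or_zero(&HUGE_HDR), checked_size_or_zero(&SANE_HDR));
    printf("buffers freed in double-free scenario: %d\n", double_free_scenario());
    return 0;
}
```

The unchecked path returns 0 bytes for a 65536x65536 image, which is exactly the condition under which a decoder that trusts the header later writes far past its buffer; the checked path rejects the header before any allocation. In the frame list, nulling the pointer at the single release point is what turns a second cleanup pass from a double free into a no-op.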
 Deallocating the already
 freed memory can lead to memory corruption, which could cause a
 denial-of-service condition or potentially be leveraged by an attacker
 to execute arbitrary code.
 (Other resources: CAN-2003-1048)

 VU#713878 - Microsoft Internet Explorer does not properly validate
 source of redirected frame Microsoft Internet Explorer does not
 properly display URLs

 As previously discussed in TA04-163A, Microsoft Internet Explorer does
 not adequately validate the security context of a frame that has been
 redirected by a web server. An attacker could exploit this
 vulnerability to evaluate script in different security domains. By
 causing script to be evaluated in the Local Machine Zone, the attacker
 could execute arbitrary code with the privileges of the user running
 Internet Explorer. For a detailed technical analysis of this
 vulnerability, please see VU#713878.
 (Other resources: CAN-2004-0549)

II. Impact

 Remote attackers exploiting the vulnerabilities described above may
 execute arbitrary code with the privileges of the user running the
 software components being attacked (e.g., Internet Explorer).
 Attackers can exploit these vulnerabilities by convincing a victim
 user to visit a malicious website, view a malformed image, or read an
 HTML-rendered email message. No user intervention is required beyond
 viewing an attacker-supplied HTML document or image. For further
 details, please see the individual vulnerability notes.

III. Solution

Apply a patch from Microsoft

 Apply the appropriate patch as specified by Microsoft Security
 Bulletin MS04-025. Please note that this bulletin provides a
 cumulative update that replaces all previously released updates for
 Internet Explorer, including those provided in MS04-004.
 However, users who have applied hotfixes released after MS04-004 will
 need to install MS04-025. Please see the FAQ section of Microsoft's
 advisory for more details.

Follow Microsoft recommendations for workarounds

 Microsoft provides several workarounds for each of these
 vulnerabilities. Please consult the appropriate section(s) of
 Microsoft Security Bulletin MS04-025.

Appendix A. Vendor Information

 This appendix contains information provided by vendors for this
 advisory. As vendors report new information to US-CERT, we will update
 this section and note the changes in our revision history. If a
 particular vendor is not listed below, we have not received their
 comments.

Microsoft

 Please see Microsoft Security Bulletin MS04-025.

Appendix B. References

 * US-CERT Technical Cyber Security Alert TA04-163A -
   http://www.us-cert.gov/cas/techalerts/TA04-163A.html
 * US-CERT Cyber Security Alert SA04-212A -
   http://www.us-cert.gov/cas/alerts/SA04-212A.html
 * US-CERT Vulnerability Note VU#266926 -
   http://www.kb.cert.org/vuls/id/266926
 * US-CERT Vulnerability Note VU#685364 -
   http://www.kb.cert.org/vuls/id/685364
 * US-CERT Vulnerability Note VU#713878 -
   http://www.kb.cert.org/vuls/id/713878
 * Microsoft Security Bulletin MS04-025 -
   http://microsoft.com/technet/security/bulletin/MS04-025.asp
 * Microsoft KB Article 867801 -
   http://support.microsoft.com/?id=867801
 * Microsoft KB Article 871260 -
   http://support.microsoft.com/?id=871260
 * Microsoft KB Article 875345 -
   http://support.microsoft.com/?id=875345
 * CVE CAN-2004-0566 -
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0566
 * CVE CAN-2003-1048 -
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1048
 * CVE CAN-2004-0549 -
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0549
 _________________________________________________________________

 Feedback can be directed to the US-CERT Technical Staff.
 _________________________________________________________________

 Copyright 2004 Carnegie Mellon University. Terms of use

 Revision History

 Jul 30, 2004: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBCuknXlvNRxAkFWARAvSVAKC7vHp7n0CsHHs1zrPektl2gU8jiACdGJ1U
O3zPilFLF7HxcJ2yD+WM/6s=
=F39s
-----END PGP SIGNATURE-----