Insights

Systems Affected These vulnerabilities affect the following versions of Microsoft Internet Explorer: Microsoft Internet Explorer 5.01 Service Pack 2 Microsoft Internet Explorer 5.01 Service Pack 3 Microsoft Internet Explorer 5.01 Service Pack 4 Microsoft Internet Explorer 5.5 Service Pack 2 Microsoft Internet Explorer 6 Microsoft Internet Explorer 6 Service Pack 1 Microsoft Internet Explorer 6 Service Pack 1 (64-Bit Edition) Microsoft Internet Explorer 6 for Windows Server 2003 Microsoft Internet Explorer 6 for Windows Server…

Read More

Systems Affected   Microsoft Windows systems; specifically, some versions of the following programs: Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows 98 Microsoft Windows Millennium Edition Microsoft Internet Explorer 5 Microsoft Internet Explorer 6   Overview   Microsoft has reported two vulnerabilities in the way Internet Explorer processes certain types of images. Attackers may be able to gain control of your machine if you view a malicious image,…

Read More

Systems Affected   Microsoft Windows Systems   Overview   A new variant of the MyDoom virus is spreading through email. In addition to infecting your computer and emailing itself to other machines, the virus may open a backdoor that could make your machine vulnerable to future attacks. Solution Avoid opening email attachments Be sure you know the source of an attachment before opening it. Also remember that it is not enough that the mail originated…

Read More

Systems Affected   Microsoft Windows Systems   Overview   Microsoft has released a Security Bulletin Summary for July, 2004. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Exploitation of some vulnerabilities can result in the remote execution of arbitrary code by a remote attacker. Details of the vulnerabilities and their impacts are provided below.     Description   The table below provides a reference between Microsoft’s Security Bulletins and…

Read More

Systems Affected   Systems running Internet Explorer and Microsoft Windows   Overview   Microsoft has released an important security update for Internet Explorer (IE). This update greatly reduces the impact of attacks against several vulnerabilities in IE.   Description   Several vulnerabilities in IE could allow a malicious web site or HTML email message to install software on your computer. This software could be used to steal sensitive financial information or perform other actions. Recent…

Read More

Systems Affected   Microsoft Windows systems   Overview   Microsoft has released a security update for Internet Explorer (IE) that disables the ADODB.Stream ActiveX control. This update reduces the impact of attacks against cross-domain vulnerabilities in IE.   Description   A class of vulnerabilities in IE allows malicious script from one domain to execute in a different domain which may also be in a different IE security zone. Attackers typically seek to execute script in…

Read More

Systems Affected ISC DHCP versions 3.0.1rc12 and 3.0.1rc13 Overview Two vulnerabilities in the ISC DHCP allow a remote attacker to cause a denial of the DHCP service on a vulnerable system. It may be possible to exploit these vulnerabilities to execute arbitrary code on the system. Description As described in RFC 2131, “the Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network.” The Internet Systems Consortium’s…

Read More

Systems Affected   Microsoft Windows systems   Overview   A cross-domain vulnerability in Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE.   Description   There is a cross-domain vulnerability in the way IE determines the security zone of a browser frame that is opened in one domain then redirected by a web server to a different domain. A complex set of conditions is involved,…

Read More

Systems Affected   Microsoft Windows systems   Overview   Microsoft Internet Explorer (IE) contains a flaw that could allow attackers to run programs of their choice on your computer.   Description   Microsoft IE uses a cross-domain security model to separate content from different sources. A flaw in the model makes IE vulnerable to a cross-domain violation. Attackers could exploit this flaw to execute programs on your computer. Resolution Apply a patch Micrososft has released…

Read More

Systems Affected Oracle Applications 11.0 (all releases) Oracle E-Business Suite 11i, 11.5.1 through 11.5.8 Overview A vulnerability in the Oracle’s E-Business Suite allows a remote attacker to execute arbitrary script on a vulnerable database system. Exploitation may lead to compromise of the database application, data integrity, or underlying operating system. Description Oracle E-Business Suite is a set of applications and modules that enables an organization to manage customer interactions, deliver services, manufacture products, ship orders,…

Read More