A quick little, "where are we now" review.
Initial July Microsoft announcement: http://www.microsoft.com/technet/security/bulletin/ms06-jul.mspx MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure (917283) CVE-2006-1300 CVSS base: 2.3 MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537) CVE-2006-0026 CVSS base: 4.2 initial ISC announement: http://isc.sans.org/diary.php?storyid=1473 reported to have some patch issues: http://isc.sans.org/diary.php?storyid=1481 http://support.microsoft.com/kb/917537 Microsoft updated the .cab file: http://isc.sans.org/diary.php?storyid=1494 http://blogs.technet.com/msrc/archive/2006/07/18/442388.aspx exploit code is available MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159) aka "Mailslot" CVE-2006-1314 CVSS base: 7.0 CVE-2006-1315 CVSS base: 2.3 initial ISC announement: http://isc.sans.org/diary.php?storyid=1471 exploit code is available MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388) CVE-2006-2372 CVSS base: 7.0 temporal: 5.8 initial ISC announement: http://isc.sans.org/diary.php?storyid=1472 exploit code is available: http://isc.sans.org/diary.php?storyid=1502 MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285) CVE-2006-1301 CVE-2006-1302 CVE-2006-1304 CVE-2006-1306 CVE-2006-1308 CVE-2006-1309 CVE-2006-2388 CVE-2006-3059 CVSS base: 5.6 initial ISC announement: http://isc.sans.org/diary.php?storyid=1474 MS06-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284) CVE-2006-1316 ? Microsoft Office Parsing Vulnerability CVSS base: 5.6 CVE-2006-1540 ? Microsoft Office Malformed String Parsing Vulnerability CVSS base: 1.1 CVE-2006-2389 ? Microsoft Office Property Vulnerability CVSS base: 6.5 initial ISC announement: http://isc.sans.org/diary.php?storyid=1475 MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384) CVE-2006-0033 CVSS base: 3.7 CVE-2006-0007 CVSS base: 5.6 initial ISC announement: http://isc.sans.org/diary.php?storyid=1476 |
Kevin Liston 292 Posts ISC Handler Jul 22nd 2006 |
Thread locked Subscribe |
Jul 22nd 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!