(Note this is LOCAL system only)
TITLE:
Microsoft Windows File Manifest Privilege Escalation Vulnerability
SECUNIA ADVISORY ID:
SA23308
VERIFY ADVISORY:
http://secunia.com/advisories/23308/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
OPERATING SYSTEM:
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows XP Professional
http://secunia.com/product/22/
DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to an error in the Client-Server Run-time Subsystem when processing file manifests and can be exploited by starting up an application with a specially crafted file manifest.
Successful exploitation allows execution of arbitrary code with escalated privileges.
SOLUTION:
Apply patches.
Microsoft Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=966704b5-1a7e-4110-9694-844706a52db7
Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5ea314a2-d76a-46f9-853b-15ff03f8ad95
Microsoft Windows Server 2003 for Itanium-based systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7bceaa11-f655-4e3c-a588-5c49097e970b
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
MS06-075 (KB926255):
http://www.microsoft.com/technet/security/Bulletin/MS06-075.mspx