PCWorks: Microsoft JScript Memory Corruption Vulnerability

Thread: PCWorks: Microsoft JScript Memory Corruption Vulnerability

Search this list only Search all lists
PCWorks: Microsoft JScript Memory Corruption Vulnerability
	2006-06-15 06:36:07
TITLE: Microsoft JScript Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA20620 VERIFY ADVISORY: http://secunia.c om/advisories/20620/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote OPERATING SYSTEM: Microsoft Windows XP Professional http://secunia.com/pro duct/22/ Microsoft Windows XP Home Edition http://secunia.com/pro duct/16/ Microsoft Windows Server 2003 Web Edition http://secunia.com/p roduct/1176/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/p roduct/1173/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/p roduct/1174/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/p roduct/1175/ Microsoft Windows 2000 Server http://secunia.com/pro duct/20/ Microsoft Windows 2000 Professional http://secunia.com/prod uct/1/ Microsoft Windows 2000 Datacenter Server http://secunia.com/p roduct/1177/ Microsoft Windows 2000 Advanced Server http://secunia.com/pro duct/21/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a memory corruption error in Microsoft JScript when releasing certain objects. This can be exploited to execute arbitrary code when a user views a malicious web site or opens an e-mail message containing specially crafted JScript. SOLUTION: Apply patches: Microsoft Windows 2000 SP4 with JScript 5.1: http://www.microsof t.com/downloads/details.aspx?FamilyId=23E79ABD-B1FE-4734-B3D 3-FB53D286C06F Microsoft Windows 2000 SP4 with JScript 5.6 or 5.5: http://www.microsof t.com/downloads/details.aspx?FamilyId=16DD21A1-C4EE-4ECA-8B8 0-7BD1DFEFB4F8 Microsoft Windows XP SP1 and SP2 with JScript 5.6: http://www.microsof t.com/downloads/details.aspx?FamilyId=D28C02BE-CAC3-4579-9B9 3-939FD5D3CDE6 Microsoft Windows XP Professional x64 Edition with JScript 5.6: http://www.microsof t.com/downloads/details.aspx?FamilyId=2EE3DD28-7167-4A2C-941 D-A236F8CC5C4B Microsoft Windows Server 2003 (with or without SP1) with JScript 5.6: http://www.microsof t.com/downloads/details.aspx?FamilyId=8963AE25-2230-47FE-AEC E-49D7457D96D4 Microsoft Windows Server 2003 for Itanium-based Systems (with or without SP1) with JScript 5.6: http://www.microsof t.com/downloads/details.aspx?FamilyId=7764C7DC-A7E4-4B91-95C 2-EF7D4DCE0A00 Microsoft Windows Server 2003 x64 Edition with JScript 5.6: http://www.microsof t.com/downloads/details.aspx?FamilyId=BCF7AB2E-EE1C-45F9-8B1 C-4B1CEF683082 Windows 98, Windows 98 SE, and Windows ME with JScript 5.6: Patches are available via the Microsoft Update web site or the Windows Update web site. ORIGINAL ADVISORY: MS06-023 (KB917344): http://www.microsoft.com/technet/security/Bullet in/MS06-023.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/r ules.htm Contact list owner <owner-pcworksimagicomm.com> Unsubscribing and other changes: http://pcworkers.com =====================================================

[1]

about | contact Other archives ( Real Estate discussion Medical topics )