[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: EnterpriseSecurity

autonotify at bigfix.com autonotify at bigfix.com
Wed Jul 13 02:05:49 PDT 2005 

Fixlet Site - EnterpriseSecurity
Current Version: 601	Published: Tue, 12 Jul 2005 21:28:50 GMT


***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office XP - (Local/Network Install)
Severity: Important
Fixlet ID: 503501
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability.

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2000 - (Local Install)
Severity: Critical
Fixlet ID: 503502
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Network Install)
Severity: Critical
Fixlet ID: 503503
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2000 - Windows 9x/ME (Network Install)
Severity: Critical
Fixlet ID: 503504
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office XP - Windows NT/2000/XP/2003 (Administrative Install)
Severity: Important
Fixlet ID: 503505
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2000 - Windows NT/2000/XP/2003 (Administrative Install)
Severity: Critical
Fixlet ID: 503506
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office 2000 - Windows 9x/ME (Administrative Install)
Severity: Critical
Fixlet ID: 503507
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Office XP - Windows 9x/ME (Administrative Install)
Severity: Important
Fixlet ID: 503508
Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx

Fixlet Description: Microsoft has released a patch eliminating a security vulnerability in Microsoft Word. A font parsing vulnerability exists in Microsoft Word that could allow an attacker to remotely execute code and take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to this vulnerability. 

***************************************************************
Title: MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution - Windows Server 2003
Severity: Critical
Fixlet ID: 503601
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx

Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in the Microsoft Color Management Module. A remote code execution vulnerability exists in the Microsoft Color Management Module because of the way that it handles ICC profile format tag validation. An attacker who successfully exploited this vulnerability could take complete control of an affected system.After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS05-036: CORRUPT PATCH - Windows Server 2003
Severity: Critical
Fixlet ID: 503602
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx


***************************************************************
Title: MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 503603
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx

Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in the Microsoft Color Management Module. A remote code execution vulnerability exists in the Microsoft Color Management Module because of the way that it handles ICC profile format tag validation. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS05-036: CORRUPT PATCH - Windows XP SP1/SP2
Severity: Critical
Fixlet ID: 503604
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx


***************************************************************
Title: MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503605
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx

Fixlet Description: Microsoft has released a patch eliminating security vulnerabilities in the Microsoft Color Management Module. A remote code execution vulnerability exists in the Microsoft Color Management Module because of the way that it handles ICC profile format tag validation. An attacker who successfully exploited this vulnerability could take complete control of an affected system. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS05-036: CORRUPT PATCH - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503606
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx


***************************************************************
Title: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution - IE 5.01 - Windows 2000 SP4
Severity: Critical
Fixlet ID: 503701
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

Fixlet Description: Microsoft has released a patch for Internet Explorer to resolve a remote code execution vulnerability in JView Profiler (Javaprxy.dll).  When JView Profiler is instantiated in Internet Explorer, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. Since the JView Profiler COM object was not designed to be accessed through Internet Explorer, this update sets the kill bit for the JView Profiler (Javaprxy.dll) COM object. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution - IE 6.0 SP1 - Windows 2000/XP
Severity: Critical
Fixlet ID: 503703
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

Fixlet Description: Microsoft has released a patch for Internet Explorer to resolve a remote code execution vulnerability in JView Profiler (Javaprxy.dll). When JView Profiler is instantiated in Internet Explorer, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. Since the JView Profiler COM object was not designed to be accessed through Internet Explorer, this update sets the kill bit for the JView Profiler (Javaprxy.dll) COM object. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution - IE 6.0 - Windows XP SP2
Severity: Critical
Fixlet ID: 503705
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

Fixlet Description: Microsoft has released a patch for Internet Explorer to resolve a remote code execution vulnerability in JView Profiler (Javaprxy.dll). When JView Profiler is instantiated in Internet Explorer, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. Since the JView Profiler COM object was not designed to be accessed through Internet Explorer, this update sets the kill bit for the JView Profiler (Javaprxy.dll) COM object. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

***************************************************************
Title: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution - IE 6.0 Windows Server 2003
Severity: Moderate
Fixlet ID: 503707
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

Fixlet Description: Microsoft has released a patch for Internet Explorer to resolve a remote code execution vulnerability in JView Profiler (Javaprxy.dll). When JView Profiler is instantiated in Internet Explorer, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. Since the JView Profiler COM object was not designed to be accessed through Internet Explorer, this update sets the kill bit for the JView Profiler (Javaprxy.dll) COM object. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution - IE 6.0 SP1 - Windows 98/ME
Severity: Critical
Fixlet ID: 503711
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

Fixlet Description: Microsoft has released a patch for Internet Explorer to resolve a remote code execution vulnerability in JView Profiler (Javaprxy.dll). When JView Profiler is instantiated in Internet Explorer, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. Since the JView Profiler COM object was not designed to be accessed through Internet Explorer, this update sets the kill bit for the JView Profiler (Javaprxy.dll) COM object. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities. 

***************************************************************
Title: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution - IE 5.5 - Windows ME
Severity: Critical
Fixlet ID: 503713
Fixlet Link: http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

Fixlet Description: Microsoft has released a patch for Internet Explorer to resolve a remote code execution vulnerability in JView Profiler (Javaprxy.dll). When JView Profiler is instantiated in Internet Explorer, if a user is logged on with administrative rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. Since the JView Profiler COM object was not designed to be accessed through Internet Explorer, this update sets the kill bit for the JView Profiler (Javaprxy.dll) COM object. After downloading and installing this patch, affected computers will no longer be susceptible to these vulnerabilities.

More information about the BigFix-Announcements mailing list