検索:
ホーム   »     »   Microsoft Security Update for April

Microsoft Security Update for April

  • 投稿日:2006年4月12日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Today, Microsoft released three critical, one important, and one moderate security updates. You may follow the links provided for more details:


Critical

Cumulative Security Update for Internet Explorer (912812)

This is a cumulative update which concerns the following:



  • DHTML Method Call Memory Corruption Vulnerability – CVE-2006-1359
  • Multiple Event Handler Memory Corruption Vulnerability – CVE-2006-1245
  • HTA Execution Vulnerability – CVE-2006-1388
  • HTML Parsing Vulnerability – CVE-2006-1185
  • COM Object Instantiation Memory Corruption Vulnerability – CVE-2006-1186
  • HTML Tag Memory Corruption Vulnerability – CVE-2006-1188
  • Double-Byte Character Parsing Memory Corruption Vulnerability – CVE-2006-1189
  • Script Execution Vulnerability – CVE-2006-1190
  • Cross-Domain Information Disclosure Vulnerability – CVE-2006-1191
  • Address Bar Spoofing Vulnerability – CVE-2006-1192
Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)

A remote code execution vulnerability exists in the RDS.Dataspace ActiveX control that is provided as part of the ActiveX Data Objects (ADO) and that is distributed in MDAC. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)

A remote code execution vulnerability exists in Windows Explorer because of the way that it handles COM objects. An attacker would need to convince a user to visit a Web site that could force a connection to a remote file server. This remote file server could then cause Windows Explorer to fail in a way that could allow code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.


Important

Cumulative Security Update for Outlook Express (911567)

A remote code execution vulnerability exists in Outlook Express when using a Windows Address Book (.wab) file that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.


Moderate

Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)

The cross-site scripting vulnerability could allow an attacker to run client-side script on behalf of an FPSE user. The script could spoof content, disclose information, or take any action that the user could take on the affected web site. Attempts to exploit this vulnerability require user interaction. An attacker who successfully exploited this vulnerability against an administrator could take complete control of a Front Page Server Extensions 2002 server.


No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.