Skip to content

J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1312
    posted: 11/18/08
  • NSM Daily Update #1312
    posted: 11/18/08
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1312
    posted: 11/18/08
  • Deep Inspection 5.1, 5.2, 5.3r4 and below #1300
    posted: 11/18/08
  • Deep Inspection 5.0 #1132
    posted: 04/01/08
  • Antivirus
    posted: 11/17/08
Microsoft Security Bulletins

February 2008

Prior Updates:

2008 |November |October |September |August |July |June |May |April |March |February |January
2007 |December |November |October |September |August |July |June |May |April |March |February |January
2006 |December |November |October |September |August |July |June |May |April |March |February |January
2005 |December |November |October |September |August |July |June |May |April |March |February |January
2004 |December |November |October |September |August |July |June |May |April |March |February |January
2003 |December |November |October

lock icon Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

February 2008

Microsoft Security Bulletin MS08-003

Vulnerability in Active Directory Could Allow Denial of Service (946538)

Severity: Important
Vulnerabilities:
  • Active Directory Vulnerability - CVE-2008-0088
    A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 and Windows Server 2003. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003. The vulnerability is due to improper validation of specially crafted LDAP requests. An attacker who successfully exploited this vulnerability could cause the computer to stop responding and automatically restart.

Microsoft Security Bulletin MS08-004

Vulnerability in DHCP Service Could Allow Denial of Service (946456)

Severity: Important
Vulnerabilities:
  • Vista TCP/IP Vulnerability - CVE-2008-0084
    A denial of service vulnerability exists in TCP/IP processing in Windows Vista. An attacker could exploit the vulnerability by creating a specially crafted DHCP server that returns a specially crafted packet to a host, corrupting TCP/IP structures and causing the affected system to stop responding and automatically restart.

Microsoft Security Bulletin MS08-005

Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)

Severity: Important
Vulnerabilities:
  • File Change Notification Vulnerability - CVE-2008-0074
    A local elevation of privilege vulnerability exists in the way that the Internet Information Service handles file change notifications in the FTPRoot, NNTPFile\Root, and WWWRoot folders. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Microsoft Security Bulletin MS08-006

Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)

Severity: Important
Vulnerabilities:
  • ASP HTMLEncode Vulnerability - CVE-2008-0075
    A remote code execution vulnerability exists in the way that Internet Information Services handles HTML-encoded ASP Web pages. An attacker could exploit the vulnerability by passing input to a Web site’s ASP page that performs an HTMLEncode operation on the input. An attacker who successfully exploited this vulnerability could then perform any actions on the IIS Server with the same rights as the Worker Process Identity (WPI), which by default is configured with Network Service account privileges.

Microsoft Security Bulletin MS08-007

Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)

Severity: Critical
Vulnerabilities:
  • Mini-Redirector Heap Overflow Vulnerability - CVE-2008-0080
    A remote code execution vulnerability exists in the way that the WebDAV Mini-Redirector handles responses. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Microsoft Security Bulletin MS08-008

Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)

Severity: Critical
Vulnerabilities:
  • OLE Heap Overrun Vulnerability - CVE-2007-0065
    A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Security Bulletin MS08-009

Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077)

Severity: Critical
Vulnerabilities:
  • Word Memory Corruption Vulnerability – CVE-2008-0109
    A remote code execution vulnerability exists in the way that Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file with a malformed value. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Security Bulletin MS08-010

Cumulative Security Update for Internet Explorer (944533)

Severity: Critical
Vulnerabilities:
  • HTML Rendering Memory Corruption Vulnerability - CVE-2008-0076
    HTML Rendering Memory Corruption Vulnerability - CVE-2008-0076 A remote code execution vulnerability exists in the way Internet Explorer interprets HTML with certain layout combinations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.
  • Property Memory Corruption Vulnerability - CVE-2008-0077
    A remote code execution vulnerability exists in the way Internet Explorer handles a property method. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.
  • Argument Handling Memory Corruption Vulnerability - CVE-2008-0078
    A remote code execution vulnerability exists in the way Internet Explorer handles argument validation in image processing. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.
  • ActiveX Object Memory Corruption Vulnerability - CVE-2007-4790
    A remote code execution vulnerability exists in a component of Microsoft Fox Pro. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft Security Bulletin MS08-011

Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)

Severity: Moderate
Vulnerabilities:
  • Microsoft Works File Converter Input Validation Vulnerability - CVE-2007-0216
    A remote code execution vulnerability exists in Microsoft Works File Converter due to the way that it improperly validates section length headers with the .wps format. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
  • Microsoft Works File Converter Index Table Vulnerability - CVE-2008-0105
    A remote code execution vulnerability exists in Microsoft Works File Converter due to the way that it improperly validates section header index table information with the .wps file format. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
  • Microsoft Works File Converter Field Length Vulnerability - CVE-2008-0108
    A remote code execution vulnerability exists in Microsoft Works File Converter due to the way that it improperly validates various filed lengths information with the .wps file format. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Microsoft Security Bulletin MS08-012

Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (947085)

Severity: Critical
Vulnerabilities:
  • Publisher Invalid Memory Reference Vulnerability – CVE-2008-0102
    A remote code execution vulnerability exists in the way Microsoft Office Publisher fails to adequately clear out memory resources when loading application data from disk to memory. An attacker could exploit the vulnerability by constructing a specially crafted Publisher (.pub) file. When a user views the .pub file, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • Publisher Memory Corruption Vulnerability – CVE-2008-0104
    A remote code execution vulnerability exists in the way Microsoft Office Publisher fails to properly validate memory index values. An attacker could exploit the vulnerability by constructing a specially crafted Publisher (.pub) file. When a user views the .pub file, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Security Bulletin MS08-013

Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108)

Severity: Critical
Vulnerabilities:
  • Microsoft Office Execution Jump Vulnerability - CVE-2008-0103
    The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office document with a malformed object inserted into the document. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.