Hi,
I was recently having problems with my computer, esp quicktime and some plug-ins. I kept getting buffer overrun errors.
I finally decided that it would be best if I ran trend house micro, and this is the error I got.
I went to the microsoft web page and I was confused on what and what not I should download.
(MS07-016) Cumulative Security Update for Internet Explorer (928090)
Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
(CVE-2006-4697, CVE-2007-4697) COM Object Instantiation Memory Corruption Vulnerability A remote code execution vulnerability exists in the way Internet E...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003)
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows XP Service Pack 2
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4)
Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 x64 Edition)
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems)
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems)
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 Service Pack 1)
Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition)
Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2)
Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition)
Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition)
Malware exploiting this vulnerability: unknown
(CVE-2006-4697, CVE-2007-4697) COM Object Instantiation Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way Internet Explorer (IE) instantiates COM objects that are not intended to be instantiated in the affected application.
The COM object IMSKDIC.DLL is installed on Windows XP Service Pack 2 systems if Install files for East Asian languages is checked on the Languages tab of the Regional and Language Options control panel applet (INTL.CPL). On the other hand, it is also installed if a user has an East Asian language build of Microsoft Office XP installed. It is this object that corrupts memory in IE when instantiated leading to an exploitable condition.
(CVE-2007-0217) FTP Server Response Parsing Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way Internet Explorer interprets certain responses from File Transfer Protocol (FTP) servers. An attacker could exploit the vulnerability by sending specially crafted FTP responses in an FTP session to the FTP client included in Internet Explorer.
An off by one flaw exists in WININET.DLL that may be used to cause a 1-byte overrun of a heap buffer when processing FTP responses from an FTP server.
The aforementioned vulnerabilities require user interaction to effectively carry on the attack and will only execute under the rights of the currently logged in user. Affected users who are logged in with administrative rights can lead to complete compromised of the system.
Anything would very helpful and appreciated.
Thank you
I was recently having problems with my computer, esp quicktime and some plug-ins. I kept getting buffer overrun errors.
I finally decided that it would be best if I ran trend house micro, and this is the error I got.
I went to the microsoft web page and I was confused on what and what not I should download.
(MS07-016) Cumulative Security Update for Internet Explorer (928090)
Transfering more information about this vulnerability...
An error occured while trying to retrieve more information about this vulnerability. There is currently no more information available.
(CVE-2006-4697, CVE-2007-4697) COM Object Instantiation Memory Corruption Vulnerability A remote code execution vulnerability exists in the way Internet E...
More information about this vulnerability and its elimination.
Affected programs and services: Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003)
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows XP Service Pack 2
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4)
Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 x64 Edition)
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems)
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems)
Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 Service Pack 1)
Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition)
Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2)
Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition)
Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition)
Malware exploiting this vulnerability: unknown
(CVE-2006-4697, CVE-2007-4697) COM Object Instantiation Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way Internet Explorer (IE) instantiates COM objects that are not intended to be instantiated in the affected application.
The COM object IMSKDIC.DLL is installed on Windows XP Service Pack 2 systems if Install files for East Asian languages is checked on the Languages tab of the Regional and Language Options control panel applet (INTL.CPL). On the other hand, it is also installed if a user has an East Asian language build of Microsoft Office XP installed. It is this object that corrupts memory in IE when instantiated leading to an exploitable condition.
(CVE-2007-0217) FTP Server Response Parsing Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way Internet Explorer interprets certain responses from File Transfer Protocol (FTP) servers. An attacker could exploit the vulnerability by sending specially crafted FTP responses in an FTP session to the FTP client included in Internet Explorer.
An off by one flaw exists in WININET.DLL that may be used to cause a 1-byte overrun of a heap buffer when processing FTP responses from an FTP server.
The aforementioned vulnerabilities require user interaction to effectively carry on the attack and will only execute under the rights of the currently logged in user. Affected users who are logged in with administrative rights can lead to complete compromised of the system.
Anything would very helpful and appreciated.
Thank you