US-CERT Technical Cyber Security Alert TA05-102A -- Multiple Vulnerabilities in Microsoft Windows Components

National Cyber Alert System

Technical Cyber Security Alert TA05-102A

Multiple Vulnerabilities in Microsoft Windows Components

Original release date: April 12, 2005
Last revised: --
Source: US-CERT

Systems Affected

Microsoft Windows Systems

For a complete list of affected versions of the Windows operating systems and components, refer to the Microsoft Security Bulletins.

Overview

Microsoft has released a Security Bulletin Summary for April, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Exploitation of some vulnerabilities can result in the remote execution of arbitrary code by a remote attacker. Details of the vulnerabilities and their impacts are provided below.

I. Description

The table below provides a mapping between Microsoft's Security Bulletins and the related US-CERT Vulnerability Notes. More information related to the vulnerabilities is available in these documents.

Microsoft Security Bulletin	Related US-CERT Vulnerability Note(s)
MS05-020: Cumulative Security Update for Internet Explorer (890923)	VU#774338 Microsoft Internet Explorer DHTML objects contain a race condition VU#756122 Microsoft Internet Explorer URL validation routine contains a buffer overflow VU#222050 Microsoft Internet Explorer Content Advisor contains a buffer overflow
MS05-021: Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)	VU#275193 Microsoft Exchange Server contains unchecked buffer in SMTP extended verb handling
MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)	VU#633446 Microsoft MSN Messenger GIF processing buffer overflow
MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)	VU#233754 Microsoft Windows does not adequately validate IP packets

II. Impact

Exploitation of these vulnerabilities may permit a remote attacker to execute arbitrary code on a vulnerable Windows system, or cause a denial-of-service condition.

III. Solution

Apply a patch

Microsoft has provided the patches for these vulnerabilities in the Security Bulletins and on Windows Update.

Appendix A. References

Microsoft's Security Bulletin Summary for April, 2005 - <http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx>
US-CERT Vulnerability Note VU#774338 - <http://www.kb.cert.org/vuls/id/774338>
US-CERT Vulnerability Note VU#756122 - <http://www.kb.cert.org/vuls/id/756122>
US-CERT Vulnerability Note VU#222050 - <http://www.kb.cert.org/vuls/id/222050>
US-CERT Vulnerability Note VU#275193 - <http://www.kb.cert.org/vuls/id/275193>
US-CERT Vulnerability Note VU#633446 - <http://www.kb.cert.org/vuls/id/633446>
US-CERT Vulnerability Note VU#233754 - <http://www.kb.cert.org/vuls/id/233754>

Feedback can be directed to the authors: Will Dormann, Jeff Gennari, Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff Havrilla

Revision History

April 12, 2005: Initial release

Last updated February 08, 2008

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory