Microsoft Windows SafeDisk driver buffer overflow updated since 20.10.2007
Published:		12.12.2007
Source:		BUGTRAQ
SecurityVulns ID:		8274
Type:		local
Level:		7/10
Description:		Buffer overflow in secdrv.sys driver allows code execution in syste, context.

Affected:		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
CVE:		CVE-2007-5587 (Buffer overflow in Macrovision SafeDisc secdrv.sys, as shipped in Microsoft Windows XP and Server 2003, allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL. NOTE: this issue may be the same as CVE-2007-5586, but there are insufficient details to be sure.)

Original document		MICROSOFT, Microsoft Security Bulletin MS07-067 – Important Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653) (12.12.2007)
		Reversemode, [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day) (20.10.2007)
		Reversemode, Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day) (20.10.2007)

Files:		Microsoft Security Bulletin MS07-067 – Important Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Windows Vista SMBv2 packets signature bypass
Published:		12.12.2007
Source:		MICROSOFT
SecurityVulns ID:		8433
Type:		m-i-t-m
Level:		6/10
Description:		Invalid implementation of digital signing.

Affected:		MICROSOFT : Windows Vista
CVE:		CVE-2007-5351

Original document

MICROSOFT, Microsoft Security Bulletin MS07-063 – Important Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) (12.12.2007)

Files:		Microsoft Security Bulletin MS07-063 – Important Vulnerability in SMBv2 Could Allow Remote Code Execution (942624)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Windows Vista ALPC privilege escalation
Published:		12.12.2007
Source:		MICROSOFT
SecurityVulns ID:		8436
Type:		local
Level:		7/10
Description:		Code execution in kernel context with Advanced Local Procedure Call.

CVE:

CVE-2007-5350

Original document

MICROSOFT, Microsoft Security Bulletin MS07-066 – Important Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078) (12.12.2007)

Files:		Microsoft Security Bulletin MS07-066 – Important Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Windows Media code execution
Published:		12.12.2007
Source:		MICROSOFT
SecurityVulns ID:		8437
Type:		client
Level:		8/10
Description:		Code execution with ASF files.

CVE:

CVE-2007-0064

Original document

MICROSOFT, Microsoft Security Bulletin MS07-068 - Critical Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) (12.12.2007)

Files:		Microsoft Security Bulletin MS07-068 - Critical Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275)
Discuss:		Read or add your comments to this news (0 comments)

squid proxy server DoS updated since 06.12.2007
Published:		12.12.2007
Source:		BUGTRAQ
SecurityVulns ID:		8419
Type:		remote
Level:		6/10
Description:		Invalid cash update reply processing.

Affected:		SQUID : squid 2.6
CVE:		CVE-2007-6239 (The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers.)

Original document		Martin Huter, squids ICAP implementation lacks a defer check when reading from ICAP server (12.12.2007)
		SQUID, SQUID-2007:2, Dec 4, 2007 (06.12.2007)

Discuss:

Read or add your comments to this news (0 comments)

libnfsidmap / NFS privilege escalation
Published:		12.12.2007
Source:		BUGTRAQ
SecurityVulns ID:		8439
Type:		remote
Level:		5/10
Description:		Under some conditions, file owner is determined incorrectly.

CVE:

CVE-2007-4135 (Unspecified vulnerability in the NFSv4 ID mapper (nfsidmap) on SUSE Linux Enterprise 10 has unspecified attack vectors and impact, involving the name to uid translation in NFSv4 name lookups.)

Original document

MANDRIVA, [ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw (12.12.2007)

Discuss:

Read or add your comments to this news (0 comments)

Microsoft Windows DirectX multiple security vulnerabilities updated since 12.12.2007
Published:		13.12.2007
Source:		MICROSOFT
SecurityVulns ID:		8434
Type:		client
Level:		8/10
Description:		Synchronized Accessible Media Interchange (SAMI), WAV and AVI.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
		MICROSOFT : Windows Vista
CVE:		CVE-2007-3901
		CVE-2007-3895

Original document		IDEFENSE, iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability (13.12.2007)
		MICROSOFT, Microsoft Security Bulletin MS07-064 – Critical Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) (12.12.2007)

Files:		Microsoft Security Bulletin MS07-064 – Critical Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Internet Explorer multiple security vulnerabilities updated since 12.12.2007
Published:		13.12.2007
Source:		MICROSOFT
SecurityVulns ID:		8438
Type:		client
Level:		8/10
Description:		Multiple memory corruptions.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
		MICROSOFT : Windows Vista
CVE:		CVE-2007-5347
		CVE-2007-5344
		CVE-2007-3903
		CVE-2007-3902

Original document		IDEFENSE, iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability (13.12.2007)
		ZDI, ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability (12.12.2007)
		ZDI, ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption (12.12.2007)
		ZDI, ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability (12.12.2007)
		MICROSOFT, Microsoft Security Bulletin MS07-069 - Critical Cumulative Security Update for Internet Explorer (942615) (12.12.2007)

Files:		Microsoft Security Bulletin MS07-069 - Critical Cumulative Security Update for Internet Explorer (942615)
Discuss:		Read or add your comments to this news (0 comments)

Samba buffer overflow updated since 12.12.2007
Published:		16.12.2007
Source:		BUGTRAQ
SecurityVulns ID:		8440
Type:		remote
Level:		8/10
Description:		Buffer overflow in send_mailslot() on parsing domain logon request.

Affected:		SAMBA : Samba 3.0
CVE:		CVE-2007-6015

Original document		SAMBA, [SECURITY] Buffer overrun in send_mailslot() (12.12.2007)
		SECUNIA, Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability (12.12.2007)

Files:		POC for samba send_mailslot()
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Windows Message Queuing buffer overflow updated since 12.12.2007
Published:		24.12.2007
Source:		MICROSOFT
SecurityVulns ID:		8435
Type:		remote
Level:		7/10
Description:		Buffer overflow in RPC interface (TCP/2103).

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
CVE:		CVE-2007-3039
		CVE-2007-3039

Original document		SECURITEAM, [EXPL] Microsoft Windows Message Queuing Service Stack Overflow Vulnerability (MS07-065, Exploit) (24.12.2007)
		ZDI, ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability (12.12.2007)
		MICROSOFT, Microsoft Security Bulletin MS07-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) (12.12.2007)

Files:		Microsoft Message Queue POC exploit ( MS07-065 )
		Microsoft Security Bulletin MS07-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)
Discuss:		Read or add your comments to this news (0 comments)