Skip to content

J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1282
    posted: 10/10/08
  • NSM Daily Update #1282
    posted: 10/10/08
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1282
    posted: 10/10/08
  • Deep Inspection 5.1, 5.2, 5.3r4 and below #1274
    posted: 10/10/08
  • Deep Inspection 5.0 #1132
    posted: 04/01/08
  • Antivirus
    posted: 10/10/08
Microsoft Security Bulletins

April 2007

Prior Updates:

2008 |September |August |July |June |May |April |March |February |January
2007 |December |November |October |September |August |July |June |May |April |March |February |January
2006 |December |November |October |September |August |July |June |May |April |March |February |January
2005 |December |November |October |September |August |July |June |May |April |March |February |January
2004 |December |November |October |September |August |July |June |May |April |March |February |January
2003 |December |November |October

lock icon Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

April 2007

Microsoft Security Bulletin MS07-017

Vulnerabilities in GDI Could Allow Remote Code Execution (925902)

Severity: Critical
Vulnerabilities:
  • GDI Local Elevation of Privilege Vulnerability - CVE-2006-5758
    A privilege elevation vulnerability exists in the Graphics Rendering Engine in the way that it starts applications. This vulnerability could allow a logged on user to take complete control of the system.
  • WMF Denial of Service Vulnerability - CVE-2007-1211
    A denial of service vulnerability exists in Windows when rendering Windows Metafile (WMF) image format files. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding and possibly restart.
  • EMF Elevation of Privilege Vulnerability - CVE-2007-1212
    An elevation of privilege vulnerability exists in the rendering of Enhanced Metafile (EMF) image format files. Any program that renders EMF images on the affected systems could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
  • GDI Invalid Window Size Elevation of Privilege Vulnerability - CVE-2006-5586
    A privilege elevation vulnerability exists in the Graphics Rendering Engine in the way that it renders layered application windows. This vulnerability could allow a logged on user to take complete control of the system.
  • Windows Animated Cursor Remote Code Execution Vulnerability - CVE-2007-0038
    A remote code execution vulnerability exists in the way that Windows handles cursor, animated cursor, and icon formats. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
  • GDI Incorrect Parameter Local Elevation of Privilege Vulnerability - CVE-2007-1215
    A local elevation of privilege vulnerability exists in the Graphics Device Interface due to the way it processes color-related parameters. This vulnerability could allow an attacker to take complete control of the system.
  • Font Rasterizer Local Elevation of Privilege Vulnerability - CVE-2007-1213
    A local elevation of privilege vulnerability exists in the TrueType Fonts rasterizer in the way that it handles defective or modified font types. This vulnerability could allow a logged-on user to take complete control of the system.

Microsoft Security Bulletin MS07-018

Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)

Severity: Critical
Vulnerabilities:
  • CMS Memory Corruption Vulnerability - CVE-2007-0938
    A remote code execution vulnerability exists in Content Management Server because of the way that it handles a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • Cross-site Scripting and Spoofing Vulnerability in CMS Vulnerability - CVE-2007-0939
    A cross-site scripting and spoofing vulnerability exists in Microsoft Content Management Server (MCMS) which could allow an attacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts to exploit this vulnerability require user interaction. This vulnerability could allow an attacker access to any data on the affected systems that was accessible to the individual user. It may also be possible for an attacker to exploit this vulnerability to modify Web browser caches and intermediate proxy server caches, and put spoofed content in those caches.

Microsoft Security Bulletin MS07-019

Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)

Severity: Critical
Vulnerabilities:
  • UPnP Memory Corruption Vulnerability - CVE-2007-1204
    A remote code execution vulnerability exists in the Universal Plug and Play service in the way that it handles specially crafted HTTP requests. An attacker who has successfully exploited this vulnerability could run arbitrary code in the context of local service.

Microsoft Security Bulletin MS07-020

Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)

Severity: Critical
Vulnerabilities:
  • Microsoft Agent URL Parsing Vulnerability Could Allow Remote Code Execution- CVE-2007-1205
    A remote code execution vulnerability exists in Microsoft Agent in the way that it handles certain specially crafted URLs.

Microsoft Security Bulletin MS07-021

Vulnerability in CSRSS Could Allow Remote Code Execution (930178)

Severity: Critical
Vulnerabilities:
  • MsgBox (CSRSS) Remote Code Execution Vulnerability - CVE-2007-1210
    A remote code execution vulnerability exists in Windows Client/Server Runtime Server Subsystem (CSRSS) processes because of the way that it handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution. Additionally, if a user visited a specially crafted Web site an attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.
  • CSRSS Local Elevation of Privilege Vulnerability - CVE-2007-1209
    A privilege elevation vulnerability exists in the way that Microsoft Windows starts and terminates applications in association with Client Server Runtime Server Run-Time Subsystem (CSRSS) Service. This vulnerability could allow a logged on user to take complete control of the system.

Microsoft Security Bulletin MS07-022

Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)

Severity: Important
Vulnerabilities:
  • Kernel Local Elevation of Privilege Vulnerability - CVE-2007-1206
    A privilege elevation vulnerability exists in Windows Kernel because of incorrect permissions on a mapped memory segment. An attacker who successfully exploited this vulnerability could take complete control of an affected system.