About | Buy Stuff | News | Products | Rants | Search | Security
Home » Resources » Rants

Anthology MS: Greatest Hits

Week of November 2, 2001

Relive all those romantic moments from your youth. Remember when you were growing up, sitting (or lying) in the back seat of your car and the news of yet another Microsoft vulnerability came on the radio? Remember how your date reacted? Relive those moments now! Call within the next ten minutes and get all the new Windows XP vulnerabilities at no extra charge! ACT NOW!

June 1998

MS98-001 : Disabling Creation of Local Groups on a Domain by Non-Administrative Users
MS98-002 : Error Message Vulnerability Against Secured Internet Servers

July 1998

MS98-003 : File Access Issue with Windows NT Internet Information Server
MS98-004 : Unauthorized ODBC Data Access with RDS and IIS
MS98-005 : Unwanted Data Issue with Office 98 for the Macintosh
MS98-006 : Potential Denial-of-Service in IIS FTP Server due to Passive Connections
MS98-007 : Potential SMTP and NNTP Denial-of-Service Vulnerabilities
MS98-008 : Long file name Security Issue affecting Microsoft Outlook 98 and Microsoft Outlook Express 4.x
MS98-009 : Windows NT Privilege Elevation Attack

August 1998

MS98-010 : Information on the Back Orifice Program
MS98-011 : Window.External JScript Vulnerability in Microsoft Internet Explorer 4.0
MS98-012 : Updates available for Security Vulnerabilities in Microsoft PPTP

September 1998

MS98-013 : Internet Explorer Cross Frame Navigate Vulnerability
MS98-014 : RPC Spoofing Denial of Service on Windows NT

October 1998

MS98-015 : Untrusted Scripted Paste Issue in Microsoft Internet Explorer 4.01
MS98-016 : Dotless IP Address Issue in Microsoft Internet Explorer 4

November 1998

MS98-017 : Named Pipes Over RPC Vulnerability

December 1998

MS98-018 : Excel CALL Vulnerability
MS98-019 : IIS GET Vulnerability
MS98-020 : Frame Spoof Vulnerability

January 1999

MS99-001 : Exposure in Forms 2.0 TextBox Control that allows data to be read from user's Clipboard
MS99-002 : Word 97 Template Vulnerability

February 1999

MS99-003 : IIS Malformed FTP List Request Vulnerability
MS99-004 : Authentication Processing Error in Windows NT 4.0 Service Pack 4
MS99-005 : BackOffice Server 4.0 Does Not Delete Installation Setup File
MS99-006 : Windows NT Known DLLs List Vulnerability
MS99-007 : Taskpads Scripting Vulnerability

March 1999

MS99-008 : Windows NT Screen Saver Vulnerability
MS99-009 : Malformed Bind Request Vulnerability
MS99-010 : File Access Vulnerability in Personal Web Server

April 1999

MS99-011 : DHTML Edit Vulnerability
MS99-012 : MSHTML Update Available for Internet Explorer

'She's so vulnerable
 Like china in my hands'
  -- Per Gessle (Roxette)

May 1999

MS99-013 : File Viewers Vulnerability
MS99-014 : Excel 97 Virus Warning Vulnerabilities
MS99-015 : Malformed Help File Vulnerability
MS99-016 : Malformed Phonebook Entry Vulnerability
MS99-017 : RAS and RRAS Password Vulnerability
MS99-018 : Malformed Favorites Icon Vulnerability

June 1999

MS99-019 : Malformed HTR Request Vulnerability
MS99-020 : Malformed LSA Request Vulnerability
MS99-021 : CSRSS Worker Thread Exhaustion Vulnerability
MS99-022 : Double Byte Code Page Vulnerability
MS99-023 : Malformed Image Header Vulnerability

July 1999

MS99-024 : Unprotected IOCTLs Vulnerability
MS99-025 : Unauthorized Access to IIS Servers through ODBC Data Access with RDS
MS99-026 : Malformed Dialer Entry Vulnerability

August 1999

MS99-027 : Encapsulated SMTP Address Vulnerability
MS99-028 : Terminal Server Connection Request Flooding Vulnerability
MS99-029 : Malformed HTTP Request Header Vulnerability
MS99-030 : Office ODBC Vulnerabilities
MS99-031 : Virtual Machine Sandbox Vulnerability
MS99-032 : scriptlet.typelib/Eyedog Vulnerability

September 1999

MS99-033 : Malformed Telnet Argument Vulnerability
MS99-034 : Fragmented IGMP Packet Vulnerability
MS99-035 : Set Cookie Header Caching Vulnerability
MS99-036 : Windows NT 4.0 Does Not Delete Unattended Installation File
MS99-037 : ImportExportFavorites Vulnerability
MS99-038 : Spoofed Route Pointer Vulnerability
MS99-039 : Domain Resolution and FTP Download Vulnerabilities
MS99-040 : Download Behavior Vulnerability
MS99-041 : RASMAN Security Descriptor Vulnerability

October 1999

MS99-042 : IFRAME ExecCommand Vulnerability
MS99-043 : Javascript Redirect Vulnerability
MS99-044 : Excel SYLK Vulnerability
MS99-045 : Virtual Machine Verifier Vulnerability
MS99-046 : Improve TCP Initial Sequence Number Randomness

November 1999

MS99-047 : Malformed Spooler Request Vulnerability
MS99-048 : Active Setup Control Vulnerability
MS99-049 : File Access URL Vulnerability
MS99-050 : Server-side Page Reference Redirect Vulnerability
MS99-051 : IE Task Scheduler Vulnerability
MS99-052 : Legacy Credential Caching Vulnerability

December 1999

MS99-053 : Windows Multithreaded SSL ISAPI Filter Vulnerability
MS99-054 : WPAD Spoofing Vulnerability
MS99-055 : Malformed Resource Enumeration Argument Vulnerability
MS99-056 : Syskey Keystream Reuse Vulnerability
MS99-057 : Malformed Security Identifier Request Vulnerability
MS99-058 : Virtual Directory Naming Vulnerability
MS99-059 : Malformed TDS Packet Header Vulnerability
MS99-060 : HTML Mail Attachment Vulnerability
MS99-061 : Escape Character Parsing Vulnerability

January 2000

MS00-001 : Malformed IMAP Request Vulnerability
MS00-002 : Malformed Conversion Data Vulnerability
MS00-003 : Spoofed LPC Port Request Vulnerability
MS00-004 : RDISK Registry Enumeration File Vulnerability
MS00-005 : Malformed RTF Control Word Vulnerability
MS00-006 : Malformed Hit-Highlighting Argument Vulnerability

February 2000

MS00-007 : Recycle Bin Creation Vulnerability
MS00-008 : Registry Permissions Vulnerability
MS00-009 : Image Source Redirect Vulnerability
MS00-010 : Site Wizard Input Validation Vulnerability
MS00-011 : VM File Reading Vulnerability
MS00-012 : Remote Agent Permissions Vulnerability
MS00-013 : Misordered Windows Media Services Handshake Vulnerability

March 2000

MS00-014 : SQL Query Abuse Vulnerability
MS00-015 : Clip Art Buffer Overrun Vulnerability
MS00-016 : Malformed Media License Request Vulnerability
MS00-017 : DOS Device in Path Name Vulnerability
MS00-018 : Chunked Encoding Post Vulnerability
MS00-019 : Virtualized UNC Share Vulnerability
MS00-020 : Desktop Separation Vulnerability
MS00-021 : Malformed TCP/IP Print Request Vulnerability

April 2000

MS00-022 : XLM Text Macro Vulnerability
MS00-023 : Myriad Escaped Characters Vulnerability
MS00-024 : OffloadModExpo Registry Permissions Vulnerability
MS00-025 : Link View Server-Side Component Vulnerability
MS00-026 : Mixed Object Access Vulnerability
MS00-027 : Malformed Environment Variable Vulnerability
MS00-028 : Server-Side Image Map Components Vulnerability

(Kudos to the archivist who came up with the brilliant idea of prefixing 'MS' to all the serial numbers - that was a stroke of genius.)

May 2000

MS00-029 : IP Fragment Reassembly Vulnerability
MS00-030 : Malformed Extension Data in URL Vulnerability
MS00-031 : Undelimited .HTR Request and File Fragment Reading via .HTR Vulnerabilities
MS00-032 : Protected Store Key Length Vulnerability
MS00-033 : Frame Domain Verification and Unauthorized Cookie Access and Malformed Component Attribute Vulnerabilities
MS00-034 : Office 2000 UA Control Vulnerability
MS00-035 : SQL Server 7.0 Service Pack Password Vulnerability
MS00-036 : ResetBrowser Frame and Host Announcement Frame Vulnerabilities

June 2000

MS00-037 : HTML Help File Code Execution Vulnerability
MS00-038 : Malformed Windows Media Encoder Request Vulnerability
MS00-039 : SSL Certificate Validation Vulnerabilities
MS00-040 : Remote Registry Access Authentication Vulnerability
MS00-041 : DTS Password Vulnerability
MS00-042 : Active Setup Download Vulnerability

July 2000

MS00-043 : Malformed E-mail Header Vulnerability
MS00-044 : Absent Directory Browser Argument Vulnerability
MS00-045 : Persistent Mail-Browser Link Vulnerability
MS00-046 : Cache Bypass Vulnerability
MS00-047 : NetBIOS Name Server Protocol Spoofing Vulnerability
MS00-048 : Stored Procedure Permissions Vulnerability
MS00-049 : Office HTML Script and IE Script Vulnerabilities
MS00-050 : Telnet Server Flooding Vulnerability
MS00-051 : Excel REGISTER.ID Function Vulnerability
MS00-052 : Relative Shell Path Vulnerability

August 2000

MS00-053 : Service Control Manager Named Pipe Impersonation Vulnerability
MS00-054 : Malformed IPX Ping Packet Vulnerability
MS00-055 : Scriptlet Rendering Vulnerability
MS00-056 : Microsoft Office HTML Object Tag Vulnerability
MS00-057 : File Permission Canonicalization Vulnerability
MS00-058 : Specialized Header Vulnerability
MS00-059 : Java VM Applet Vulnerability
MS00-060 : IIS Cross-Site Scripting Vulnerabilities
MS00-061 : Money Password Vulnerability
MS00-062 : Local Security Policy Corruption Vulnerability

September 2000

MS00-063 : Invalid URL Vulnerability
MS00-064 : Unicast Service Race Condition Vulnerability
MS00-065 : Still Image Service Privilege Escalation Vulnerability
MS00-066 : Malformed RPC Packet Vulnerability
MS00-067 : Windows 2000 Telnet Client NTLM Authentication Vulnerability
MS00-068 : OCX Attachment Vulnerability
MS00-069 : Simplified Chinese IME State Recognition Vulnerability

October 2000

MS00-070 : Multiple LPC and LPC Ports Vulnerabilities
MS00-071 : Word Mail Merge Vulnerability
MS00-072 : Share Level Password Vulnerability
MS00-073 : Malformed IPX NMPI Packet Vulnerability
MS00-074 : WebTV for Windows Denial of Service Vulnerability
MS00-075 : Microsoft VM ActiveX Component Vulnerability
MS00-076 : Cached Web Credentials Vulnerability
MS00-077 : NetMeeting Desktop Sharing Vulnerability
MS00-078 : Web Server Folder Traversal Vulnerability
MS00-079 : HyperTerminal Buffer Overflow Vulnerability
MS00-080 : Session ID Cookie Marking Vulnerability
MS00-081 : New Variant of VM File Reading Vulnerability
MS00-082 : Malformed MIME Header Vulnerability

November 2000

MS00-083 : Netmon Protocol Parsing Vulnerability
MS00-084 : Indexing Services Cross Site Scripting Vulnerability
MS00-085 : ActiveX Parameter Validation Vulnerability
MS00-086 : Web Server File Request Parsing Vulnerability
MS00-087 : Terminal Server Login Buffer Overflow Vulnerability
MS00-088 : Exchange User Account Vulnerability
MS00-089 : Domain Account Lockout Vulnerability
MS00-090 : .ASX Buffer Overrun and .WMS Script Execution Vulnerabilities
MS00-091 : Incomplete TCP/IP Packet Vulnerability

December 2000

MS00-092 : Extended Stored Procedure Parameter Parsing Vulnerability
MS00-093 : Browser Print Template and File Upload via Form Vulnerabilities
MS00-094 : Phone Book Service Buffer Overflow Vulnerability
MS00-095 : Registry Permissions Vulnerability
MS00-096 : SNMP Parameters Vulnerability
MS00-097 : Severed Windows Media Server Connection Vulnerability
MS00-098 : Indexing Service File Enumeration Vulnerability
MS00-099 : Directory Service Restore Mode Password Vulnerability
MS00-100 : Malformed Web Form Submission Vulnerability

January 2001

MS01-001 : Web Client Will Perform NTLM Authentication Regardless of Security Settings
MS01-002 : PowerPoint 2000 File Parser Contains Unchecked Buffer
MS01-003 : Weak Permissions on Winsock Mutex Can Allow Service Failure
MS01-004 : Malformed .HTR Request Allows Reading of File Fragments
MS01-005 : Packaging Anomaly Could Cause Hotfixes to be Removed
MS01-006 : Invalid RDP Data Can Cause Terminal Server Failure

February 2001

MS01-007 : Network DDE Agent Requests Can Enable Code to Run in System Context
MS01-008 : Malformed NTLMSSP Request Can Enable Code to Run with System Privileges
MS01-009 : Malformed PPTP Packet Stream Can Cause Kernel Exhaustion
MS01-010 : Windows Media Player Skins Files Can Enable Java Code to Execute
MS01-011 : Malformed Request to Domain Controller Can Cause CPU Exhaustion
MS01-012 : Outlook - Outlook Express VCard Handler Contains Unchecked Buffer
MS01-013 : Windows 2000 Event Viewer Contains Unchecked Buffer

March 2001

MS01-014 : Malformed URL Can Cause Service Failure in IIS 5.0 and Exchange 2000
MS01-015 : IE Can Divulge Location of Cached Content
MS01-016 : Malformed WebDAV Request Can Cause IIS to Exhaust CPU Resources
MS01-017 : Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard
MS01-018 : Visual Studio VB-TSQL Object Contains Unchecked Buffer
MS01-019 : Passwords for Compressed Folders are Recoverable
MS01-020 : Incorrect MIME Header Can Cause IE to Execute E-mail Attachment

April 2001

MS01-021 : Web Request Can Cause Access Violation in ISA Server Web Proxy Service
MS01-022 : WebDAV Service Provider Can Allow Scripts to Levy Requests as User

May 2001

MS01-023 : Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0 Server
MS01-024 : Malformed Request to Domain Controller Can Cause Memory Exhaustion
MS01-025 : Index Server Search Function Contains Unchecked Buffer
MS01-026 : 14 May 2001 Cumulative Patch for IIS
MS01-027 : Flaws in Web Server Certificate Validation Could Enable Spoofing
MS01-028 : RTF Document Linked to Template Can Run Macros Without Warning
MS01-029 : Windows Media Player .ASX Processor Contains Unchecked Buffer

June 2001

MS01-036 : Function Exposed via LDAP over SSL Could Enable Passwords to be Changed
MS01-030 : Incorrect Attachment Handling in Exchange OWA Can Execute Script
MS01-031 : Predictable Named Pipes Could Enable Privilege Elevation via Telnet
MS01-032 : SQL Query Method Enables Cached Administrator Connection to be Reused
MS01-033 : Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise
MS01-034 : Malformed Word Document Could Enable Macro to Run Automatically
MS01-035 : FrontPage Server Extension Sub-Component Contains Unchecked Buffer

July 2001

MS01-042 : Windows Media Player .NSC Processor Contains Unchecked Buffer
MS01-037 : Authentication Error in SMTP Service Could Allow Mail Relaying
MS01-038 : Outlook View Control Exposes Unsafe Functionality
MS01-039 : Services for Unix 2.0 Telnet and NFS Services Contain Memory Leaks
MS01-040 : Invalid RDP Data Can Cause Memory Leak in Terminal Services
MS01-041 : Malformed RPC Request Can Cause Service Failure

August 2001

MS01-046 : Access Violation in Windows 2000 IRDA Driver Can Cause System to Restart
MS01-043 : NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leak
MS01-044 : 15 August 2001 Cumulative Patch for IIS
MS01-045 : ISA Server H.323 Gatekeeper Service Contains Memory Leak

September 2001

MS01-049 : Deeply-nested OWA Request Can Consume Server CPU Availability
MS01-047 : OWA Function Allows Unauthenticated User to Enumerate Global Address List
MS01-048 : Malformed Request to RPC Endpoint Mapper can Cause RPC Service to Fail

October 2001

MS01-053 : Downloaded Applications Can Execute on Mac IE 5.1 for OS X
MS01-050 : Malformed Excel or PowerPoint Document Can Bypass Macro Security
MS01-051 : Malformed Dotless IP Address Can Cause Web Page to be Handled in Intranet Zone
MS01-052 : Invalid RDP Data can Cause Terminal Service Failure

November 2001

MS01-054 : Invalid Universal Plug and Play Request can Disrupt System Operation

About | Buy | News | Products | Rants | Search | Security
Copyright © Radsoft. All rights reserved.