CERT-In:Indian Computer Emergency Response Team

HOME > ADVISORIES

ADVISORIES

CERT-In Advisory CIAD-2007-52
Multiple Vulnerabilities in various components of Microsoft Windows: Microsoft Windows Kodak Image Viewer, Network News Transfer Protocol,
Microsoft IE, RPC Authentication, Microsoft Windows Share Point Service 3.0 and Share point server 2007, Microsoft Word

Original issue date: October 10, 2007

Systems Affected

Microsoft Windows Kodak Image Viewer
Network News Transfer Protocol
Microsoft IE
RPC Authentication
Microsoft Windows Share Point Service 3.0 and Share point server 2007
Microsoft Word

Overview

Multiple vulnerabilities have been reported in various components of Microsoft Windows, Microsoft Windows Kodak Image Viewer, Network News Transfer Protocol, Microsoft IE, RPC Authentication, Microsoft Windows Share Point Service 3.0 and Share point server 2007, Microsoft Word .

Description

The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:

Microsoft Security Bulletin	Severity	CERT-In Vulnerability Notes
MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution	Medium	CIVN-2007-129: Microsoft Windows Kodak Image Viewer Remote Code Execution Vulnerability
MS07-056: Security Update for Outlook Express and Windows Mail	High	CIVN-2007-130: Network News Transfer Protocol Memory Corruption Vulnerability
MS07-057: Cumulative Security Update for Internet Explorer	High	CIVN-2007-131: Multiple Vulnerabilities in Microsoft IE could Allow Remote Code Execution
MS07-058: Vulnerability in RPC Could Allow Denial of Service	Medium	CIVN-2007-132: Microsoft Windows RPC Authentication Denial of Service Vulnerability
MS07-059: Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007	Medium	CIVN-2007-133: Cross-site scripting vulnerability in Microsoft Windows Share Point Service 3.0 and Share point server 2007
MS07-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution	High	CIVN-2007-134: Microsoft Word Memory Corruption Vulnerability

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin October 2007
http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Home || Feedback || FAQ || Disclaimer

CERT-In Advisory CIAD-2007-52 Multiple Vulnerabilities in various components of Microsoft Windows: Microsoft Windows Kodak Image Viewer, Network News Transfer Protocol, Microsoft IE, RPC Authentication, Microsoft Windows Share Point Service 3.0 and Share point server 2007, Microsoft Word

CERT-In Advisory CIAD-2007-52
Multiple Vulnerabilities in various components of Microsoft Windows: Microsoft Windows Kodak Image Viewer, Network News Transfer Protocol,
Microsoft IE, RPC Authentication, Microsoft Windows Share Point Service 3.0 and Share point server 2007, Microsoft Word