CERT-In Advisory CIAD-2010-33
Multiple Vulnerabilities in Microsoft Products affecting Outlook Express, Windows Mail and Visual Basic for Applications
Original issue date:
May 12, 2010
Systems Affected
- Microsoft Windows 2000
- Microsoft Windows XP
- Windows Server 2003
- Microsoft Windows Vista
- Windows Server 2008
- Microsoft Windows 7
- Windows Server 2008 R2
Components affected
- Microsoft Office
- Microsoft Visual Basic for Applications
Overview
Multiple Vulnerabilities have been reported in various Microsoft Products affecting Outlook Express, Windows Mail and Visual Basic for Applications
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Executi |
High |
CIVN-2010-139:
Integer Overflow Vulnerability in Microsoft Outlook Express and Microsoft Windows Mail
|
| MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution |
High |
CIVN-2010-140:
Stack Memory Corruption vulnerability in Microsoft Visual Basic for Applications |
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin May 2010
http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
