Microsoft Sicherheitsbulletins des Jahres 2002 in einer Übersicht

[Lemmi]

Dezember 2002

• MS02-072 : Unchecked Buffer in Windows Shell Could Enable System Compromise (Q329390)
• MS02-071 : Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310)
• MS02-070 : Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
• MS02-069 : Flaw in Microsoft VM Could Enable System Compromise (810030)
• MS02-068 : Cumulative Patch for Internet Explorer (324929)
• MS02-067 : E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)

• MS02-066 : Cumulative Patch for Internet Explorer (Q328970)
• MS02-065 : Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)

• MS02-064 : Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522)
• MS02-063 : Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)
• MS02-062 : Cumulative Patch for Internet Information Service (Q327696)
• MS02-061 : Elevation of Privilege in SQL Server Web Tasks (Q316333)
• MS02-060 : Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)
• MS02-059 : Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008)
• MS02-058 : Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)
• MS02-057 : Flaw in Services for Unix 3.0 Interix SDK Could Allow Code Execution (Q329209)
• MS02-056 : Cumulative Patch for SQL Server (Q316333)
• MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)
• MS02-054 : Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)

• MS02-053 : Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
• MS02-052 : Flaw in Java VM JDBC Classes Could Allow Code Execution (Q329077)
• MS02-051 : Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure (Q324380)
• MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)
• MS02-049 : Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning (Q326568)

• MS02-048 : Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172)
• MS02-047 : Cumulative Patch for Internet Explorer (Q323759)
• MS02-046 : Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521)
• MS02-045 : Unchecked Buffer in Network Share Provider can lead to Denial of Service (Q326830)
• MS02-044 : Unsafe Functions in Office Web Components (Q328130)
• MS02-043 : Cumulative Patch for SQL Server (Q316333)
• MS02-042 : Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886)
• MS02-041 : Unchecked Buffer in Content Management Server Could Enable Server Compromise (Q326075)

• MS02-040 : Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)
• MS02-039 : Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875)
• MS02-038 : Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution (Q316333)
• MS02-037 : Server Response To SMTP Client EHLO Command Results In Buffer Overrun (Q326322)
• MS02-036 : Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation (Q317138)
• MS02-035 : SQL Server Installation Process May Leave Passwords on System (Q263968)
• MS02-034 : Cumulative Patch for SQL Server (Q316333)

• MS02-033 : Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273)
• MS02-032 : Cumulative Patch for Windows Media Player (Q320920)
• MS02-031 : Cumulative Patches for Excel and Word for Windows (Q324458)
• MS02-030 : Unchecked Buffer in SQLXML Could Lead to Code Execution (Q321911)
• MS02-029 : Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
• MS02-028 : Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise (Q321599)
• MS02-027 : Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Q323889)
• MS02-026 : Unchecked Buffer in ASP.NET Worker Process (Q322289)

• MS02-025 : Malformed Mail Attribute Can Cause Exchange 2000 to Exhaust CPU Resources (Q320436)
• MS02-024 : Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges (Q320206)
• MS02-023 : 15 May 2002 Cumulative Patch for Internet Explorer (Q321232)
• MS02-022 : Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)

• MS02-021 : E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804)
• MS02-020 : SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)
• MS02-019 : Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309)
• MS02-018 : Cumulative Patch for Internet Information Service (Q319733)
• MS02-017 : Unchecked Buffer in the Multiple UNC Provider Could Enable Code Execution (Q311967)
• MS02-016 : Opening Group Policy Files for Exclusive Read Blocks Policy Application (Q318593)

• MS02-015 : 28 March 2002 Cumulative Patch for Internet Explorer
• MS02-014 : Unchecked Buffer in Windows Shell Could Lead to Code Execution
• MS02-013 : 04 March 2002 Cumulative VM Update

• MS02-012 : Malformed Data Transfer Request Can Cause Windows SMTP Service to Fail
• MS02-011 : Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service
• MS02-010 : Unchecked Buffer in ISAPI Filter Could Allow Commerce Server Compromise
• MS02-009 : Incorrect VBScript Handling in IE Can Allow Web Pages to Read Local Files
• MS02-008 : XMLHTTP Control Can Allow Access to Local Files
• MS02-007 : SQL Server Remote Data Source Function Contain Unchecked Buffers
• MS02-006 : Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
• MS02-005 : 11 February 2002 Cumulative Patch for Internet Explorer
• MS02-004 : Unchecked Buffer in Telnet Server Could Lead to Arbitrary Code Execution
• MS02-003 : Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions
• MS02-002 : Malformed Network Request Can Cause Office v. X for Mac to Fail

• MS02-001 : Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data