.: News - Downloads - Hilfe Forum - Windows FAQ - Kontakt - Impressum / Datenschutz :.
  Navigation
    Startseite
    Newscenter
    Downloads
    Screenshots
    Forum
    Online Shop
    Spielhalle
    Bilder Upload
    Mitglieder Map

  FAQ Datenbank
    FAQ, Tipps, Hilfe
    CMD (DOS) Befehle
    Windows 2000
    Windows Vista
    Windows XP
    Server 2003
    Microsoft Office
    Security Bulletins
    Service Packs

  Update Packs
    Windows 2000
    Windows XP
    Server 2003

  Service
    Windows XP Slipper
    Slipstream CD
    MS Security Tools

  RSS Feed  
    Alle News
    Treiber News
    Software News
    Hardware News
    Microsoft News
    Alle Windows FAQ
    Windows 2000 FAQ
    Windows XP FAQ
    Windows Vista FAQ
    Update Packs
    Screenshots
    Downloads

  Surf-Tipp
    Kostenlose Online-Kurse zu MS Office, OpenOffice und Internet-Technik

Keine Kompromisse im Kampf gegen Kinderpornografie

Archiv Screenshots
Archiv FAQ
Archiv Community News
Archiv Spiele News
Archiv Konsolen News
Archiv Allgemeine News
Archiv Microsoft News
Archiv Hardware News
Archiv Treiber News
Archiv Software News
Zurück   Winhelpline Forum > News, Tipps, Infos, Security Bulletin, Service Packs > WinHelpline News > News Archiv
Microsoft Security Bulletin MS02-022 - Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661) Microsoft Security Bulletin MS02-022 - Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)
Passwort vergessen?

Antwort
 
Themen-Optionen Thema durchsuchen Ansicht
Alt 12.06.2002, 09:40   #1
Newsbot
input input
 
Benutzerbild von Newsbot
 
Registriert seit: 23.03.2006
Beiträge: 8.939



Standard Microsoft Security Bulletin MS02-022 - Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)
Dieser Patch soll einen Fehler in der MSN Chat Control Software beseitigen. Der Patch ist zwar schon einige Tage alt, wurde aber am heutigen Tag erneut aktualisiert.

On May 8 2002, Microsoft released the original version of this bulletin. On June 11, 2002 the bulletin was updated to announce that while the fixes issued on May 8 2002 resolved the vulnerability, they did not protect in all cases against the reintroduction of the vulnerable control. As a result, a new set of fixes is being released to ensure that systems are fully protected against the reintroduction of the vulnerable control. A new MSN Chat control, updated patch, updated version of MSN Messenger and an updated version of Exchange Instant Messenger have been made available. Customers who have applied any of the fixes released on May 8, 2002 are encouraged to consider applying the updated fixes.

The MSN Chat control is an ActiveX control that allows groups of users to gather in a single, virtual location online to engage in text messaging. The control is offered for download as a single ActiveX control from a number of MSN sites. In addition, it is included with MSN Messenger since version 4.5 and Exchange Instant Messenger. While the MSN Chat control is included with these products it is not used to provide Instant Messaging functionality, but rather to add chat functionality to those products.

An unchecked buffer exists in one of the functions that handles input parameters in the MSN Chat control. A security vulnerability results because it is possible for a malicious user to levy a buffer overrun attack and attempt to exploit this flaw. A successful attack could allow code to run in the user's context.

It would be possible for an attacker to attempt to exploit this vulnerability either through a malicious web site or through HTML email. However, Outlook Express 6.0 and the Outlook Email Security Update, which is available for Outlook 98 and Outlook 2000, Outlook 2002 and can thwart such attempts through their default security settings.

Mehr Infos
Newsbot ist offline   Mit Zitat antworten
Antwort

« Vorheriges Thema | Nächstes Thema »


Themen-Optionen Thema durchsuchen
Thema durchsuchen:

Erweiterte Suche
Ansicht
Linear-Darstellung Linear-Darstellung

Forumregeln
Es ist dir nicht erlaubt, neue Themen zu verfassen.
Es ist dir nicht erlaubt, auf Beiträge zu antworten.
Es ist dir nicht erlaubt, Anhänge anzufügen.
Es ist dir nicht erlaubt, deine Beiträge zu bearbeiten.
vB Code ist An.
Smileys sind An.
[IMG] Code ist An.
HTML-Code ist An.
Gehe zu

Ähnliche Themen
Thema Erstellt von Forum Antworten Letzter Beitrag
Microsoft Security Bulletin MS03-038 - Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution (827104) Newsbot News Archiv 0 04.09.2003 08:26
Microsoft Security Bulletin MS02-033 - Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273) Newsbot News Archiv 0 27.06.2002 10:05
Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Update) Newsbot News Archiv 0 15.06.2002 10:45
Microsoft Security Bulletin MS02-029 - Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138) Newsbot News Archiv 0 14.06.2002 23:32
Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Q323889) Newsbot News Archiv 0 12.06.2002 09:36


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:47 Uhr.

Alle Foren als gelesen markieren - Kontakt - WinHelpline - Datenschutzerklärung / Impressum - Nach oben

Powered by vBulletin Version 3.5.4 (Deutsch)
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 2.4.0
Copyright ©2000 - 2006, WinHelpline.info
  Werbung

  Moderatoren
   Schach
   Seefahrt
   Lotte Berk
   Netzwerkservice
   Football
   Webdesign

Partnerlinks:  3DCenter.org |  3DChips.net |  Planet 3DNow! |  3DChip.de |  Netzwerktotal |  Wintotal.de |  Elektrikforum.de |  Computerwissen.de |  Prad.de |  Winsoftware.de |  netzwelt.de |  WinFAQ.de