[#] Tue Feb 14 2006 16:07:14 EST from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-045A -- Microsoft Windows, Windows Media Player, and Internet Explorer Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-045A


Microsoft Windows, Windows Media Player, and Internet Explorer
Vulnerabilities

Original release date: February 14, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Windows Media Player
* Microsoft Internet Explorer

For more complete information, refer to the Microsoft Security
Bulletin Summary for February 2006.


Overview

Microsoft has released updates that address critical vulnerabilities
in Windows, Windows Media Player, and Internet Explorer. Exploitation
of these vulnerabilities could allow a remote, unauthenticated
attacker to execute arbitrary code or cause a denial of service on a
vulnerable system.


I. Description

Microsoft Security Bulletins for February 2006 address vulnerabilities
in Microsoft Windows, Windows Media Player, and Internet Explorer.
Further information is available in the following US-CERT
Vulnerability Notes:


VU#312956 - Microsoft WMF memory corruption vulnerability

Microsoft applications fail to properly handle WMF (Windows Meta File)
images, potentially allowing a remote attacker to execute arbitrary
code on a vulnerable system.
(CVE-2006-0020)


VU#291396 - Microsoft Windows Media Player vulnerable to buffer
overflow in bitmap processing routine

Microsoft Windows Media Player contains a buffer overflow
vulnerability that may allow a remote, unauthenticated attacker to
execute arbitrary code on a vulnerable system.
(CVE-2006-0006)


VU#692060 - Microsoft Windows Media Player plug-in buffer overflow

The Microsoft Windows Media Player plug-in for browsers other than
Internet Explorer contains a buffer overflow, which may allow a remote
attacker to execute arbitrary code.
(CVE-2006-0005)


VU#839284 - Microsoft Windows TCP/IP fails to properly validate IGMP
packets

Microsoft Windows implementations of the TCP/IP protocol fail to
properly validate IGMP (Internet Group Management Protocol) packets,
leading to a denial-of-service condition.
(CVE-2006-0021)


II. Impact

Exploitation of these vulnerabilities may allow a remote,
unauthenticated attacker to execute arbitrary code with the privileges
of the user. If the user is logged on with administrative privileges,
the attacker could take complete control of an affected system. An
attacker may also be able to cause a denial of service.


III. Solution

Apply Updates

Microsoft has provided the updates for these vulnerabilities in the
Security Bulletins and on the Microsoft Update site.

Workarounds

Please see the following US-CERT Vulnerability Notes for workarounds.


Appendix A. References

* Microsoft Security Bulletin Summary for February 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-feb.mspx>

* US-CERT Vulnerability Note VU#312956 -
<http://www.kb.cert.org/vuls/id/312956>

* US-CERT Vulnerability Note VU#291396 -
<http://www.kb.cert.org/vuls/id/291396>

* US-CERT Vulnerability Note VU#692060 -
<http://www.kb.cert.org/vuls/id/692060>

* US-CERT Vulnerability Note VU#839284 -
<http://www.kb.cert.org/vuls/id/839284>

* CVE-2006-0020 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0020>

* CVE-2006-0006 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0006>

* CVE-2006-0005 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0005>

* CVE-2006-0021 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0021>

* Microsoft Update - <https://update.microsoft.com/microsoftupdate>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-045A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-045A Feedback VU#692060" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

Feb 14, 2006: Initial release




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQ/JA5n0pj593lg50AQLmuwf/U9ZRe+fwUG2v9e3/jiTKxqj5bEQ8OZWo
P/9Lg5JSjNn2kJdKTFSSbrLeYcJ6GcA74ROn/zv7wevKZuZ0i7xQCKih08AtyPAk
fY92F9OaOfUy9qUv2AfEUeri0qZ5+MqnOpI9A1HDT63kYwSKk0Dm6sERfHCjBiU9
jrkHmPKurM1VLUczb1ZbFgHQxFrpZVJW6ws+Kb48V7CYN55ID195mrwAKk3U49qi
c+6TBwhb00Oh3BNpi5pc8PhyYZSbZxc534FKfjvRIhd2wfZTcA36y4UyKHLWNGXx
W2VxbNA9LgKjVHq1gj1DH+NTlzqhQNmdbd8w5HC5J51qfGnZEfgZ+Q==
=IkwB
-----END PGP SIGNATURE-----

[#] Wed Feb 22 2006 15:57:58 EST from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-053A -- Apple Mac OS X Safari Command Execution Vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-053A


Apple Mac OS X Safari Command Execution Vulnerability

Original release date: February 22, 2006
Last revised: --
Source: US-CERT


Systems Affected

Apple Safari running on Mac OS X


Overview

A file type determination vulnerability in Apple Safari could allow a
remote attacker to execute arbitrary commands on a vulnerable system.


I. Description

Apple Safari is a web browser that comes with Apple Mac OS X. The
default configuration of Safari allows it to automatically "Open
'safe' files after downloading." Due to this default configuration and
inconsistencies in how Safari and OS X determine which files are
"safe," Safari may execute arbitrary shell commands as the result of
viewing a specially crafted web page.

Details are available in the following Vulnerability Note:

VU#999708 - Apple Safari may automatically execute arbitrary shell
commands


II. Impact

A remote, unauthenticated attacker could execute arbitrary commands
with the privileges of the user running Safari. If the user is logged
on with administrative privileges, the attacker could take complete
control of an affected system.


III. Solution

Since there is no known patch for this issue at this time, US-CERT is
recommending a workaround.

Workaround

Disable "Open 'safe' files after downloading"

Disable the option to "Open 'safe' files after downloading," as
specified in the document "Securing Your Web Browser."


Appendix A. References

* US-CERT Vulnerability Note VU#999708 -
<http://www.kb.cert.org/vuls/id/999708>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#sgeneral>

* Apple - Mac OS X - Safari RSS -
<http://www.apple.com/macosx/features/safari/>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-053A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-053A Feedback VU#999708" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

Feb 22, 2006: Initial release







-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQ/zKN30pj593lg50AQJgoQf/ZajorZz/6quzA40dc8cLxIBT70xcClH5
CKDN5nMXl1mRYYkDPF07GbcWL3lWarW5Hif0OiZfazaGNC3p9v4ZxDx/dW/ZmsYo
eDznsNWNphKB6yBSIbOUSfGyh/I7pQlG3qxXRWDTA9nVK12KIkvAAoPTgBe40obu
+x58gK5/ib4d+dEZ8F9SbO7/syYtcAzfzS2HrBYhG1lWWLYTaNC3hyI2nXF5lNV/
ymwaPv0ivAB9rpalus+KkajjiV5+J08dj+1JwgwcSpvuNMQ5c/8RCIILP+1bR+CL
lScvGuSRYk4S0QI9nmCDvwD52sluiwp2VO1atTQ1zcgpwhvLRGo3DQ==
=P2/3
-----END PGP SIGNATURE-----

[#] Fri Mar 03 2006 15:01:13 EST from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-062A -- Apple Mac Products are Affected by Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-062A


Apple Mac Products are Affected by Multiple Vulnerabilities

Original release date: March 3, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Apple Mac OS X version 10.3.9 (Panther) and version 10.4.5 (Tiger)
* Apple Mac OS X Server version 10.3.9 and version 10.4.5
* Apple Safari web browser

Previous versions of Mac OS X may also be affected. Please see Apple
Security Update 2006-001 for further information.


Overview

Apple has released Security Update 2006-001 to correct multiple
vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web
browser, and other products. The most serious of these vulnerabilities
may allow a remote attacker to execute arbitrary code. Impacts of
other vulnerabilities include bypassing security restrictions and
denial of service.


I. Description

Apple Security Update 2006-001 resolves a number of vulnerabilities
affecting Mac OS X, OS X Server, Safari web browser, and other
products. Further details are available in the following Vulnerability
Notes:

VU#999708 - Apple Safari automatically executes arbitrary shell
commands or code

Apple Safari fails to properly determine file safety, allowing a
remote unauthenticated attacker to execute arbitrary commands or code.
(CVE-2006-0848)

VU#351217 - Apple Safari WebKit component vulnerable to buffer
overflow

Apple Safari WebKit component is vulnerable to buffer overflow. This
vulnerability may allow a remote attacker to execute arbitrary code
or cause a denial-of-service condition.
(CVE-2005-4504)

VU#176732 - Apple Safari vulnerable to buffer overflow

Apple Safari is vulnerable to a stack-based buffer overflow. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-0387)

Please note that Apple Security Update 2006-001 addresses additional
vulnerabilities not described above. As further information becomes
available, we will publish individual Vulnerability Notes. In
addition, more information about VU#999708 is available in US-CERT
Technical Cyber Security Alert TA06-053A.


II. Impact

The impacts of these vulnerabilities vary. For information about
specific impacts, please see the Vulnerability Notes. Potential
consequences include remote execution of arbitrary code or commands,
bypass of security restrictions, and denial of service.


III. Solution

Install an update

Install the update as described in Apple Security Update 2006-001. In
addition, this update is available via Apple Update.


Appendix A. References

* US-CERT Vulnerability Note VU#999708 -
<http://www.kb.cert.org/vuls/id/999708>

* US-CERT Vulnerability Note VU#351217 -
<http://www.kb.cert.org/vuls/id/351217>

* US-CERT Vulnerability Note VU#176732 -
<http://www.kb.cert.org/vuls/id/176732>

* US-CERT Technical Cyber Security Alert TA06-053A -
<http://www.us-cert.gov/cas/techalerts/TA06-053A.html>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>

* Apple Security Update 2006-001 -
<http://docs.info.apple.com/article.html?artnum=303382>

* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-062A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-062A Feedback VU#351217" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

March 3, 2006: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRAiYnH0pj593lg50AQIdzggAxPbhEKlYyJUdTNqDBGSI+GAQ2oRY9WFx
i+2yy5B34IvwyWt04Wb9PxgbCeWHbw9zc8X5xRPZEA/nVQWX/nnz20Tnap8ZRZUC
bqlzo9pz2P+TOm3SBKUlZ+Rl0xTUTBJus78oiczzLu/Fy1oB8obC3qfwNDdrykXc
i2MupUdRbZ5azrzDmzJGZktpVwJjM9UbXypbwsa1vg5+pAcRf4N0939kcjBML6LH
B1jKz3PF0DLX/THj0sAq5PwiE82jCtop1hpD8zVWJOLGX1lbxhcHVLbiFiKaaF7u
lKvIAf6ec9h+MQDwAnuA2uaYaQSwofCiWdOPAlueMzq23Ultlinz4g==
=5Ooe
-----END PGP SIGNATURE-----

[#] Tue Mar 14 2006 18:03:31 EST from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-073A -- Microsoft Office and Excel Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-073A


Microsoft Office and Excel Vulnerabilities

Original release date: March 14, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Office for Windows and Mac OS X
* Microsoft Excel for Windows and Mac OS X
* Microsoft Works Suite for Windows

For more complete information, refer to the Microsoft Security
Bulletin Summary for March 2006.


Overview

Microsoft has released updates that address critical vulnerabilities
in Microsoft Office and Excel. Exploitation of these vulnerabilities
could allow a remote, unauthenticated attacker to execute arbitrary
code or cause a denial of service on a vulnerable system.


I. Description

Microsoft Security Bulletin Summary for March 2006 addresses
vulnerabilities in Microsoft Office and Excel. Further information is
available in the following US-CERT Vulnerability Notes:

VU#339878 - Microsoft Excel malformed parsing format file memory
corruption vulnerability

Microsoft Excel contains a memory corruption vulnerability. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-0028)

VU#104302 - Microsoft Excel malformed record memory corruption
vulnerability

Microsoft Excel fails to properly validate records. This vulnerability
may allow a remote attacker to execute arbitrary code on a vulnerable
system.
(CVE-2006-0031)

VU#123222 - Microsoft Excel malformed graphic memory corruption
vulnerability

Microsoft Excel fails to properly validate graphics. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-0030)

VU#235774 - Microsoft Excel malformed description memory corruption
vulnerability

Microsoft Excel fails to properly validate the description field. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-0029)

VU#642428 - Microsoft Excel fails to properly perform range validation
when parsing document files

Microsoft Excel contains an error in range validation, which may allow
a remote, unauthenticated attacker to execute arbitrary code on a
vulnerable system.
(CVE-2005-4131)

VU#682820 - Microsoft Office routing slip buffer overflow

Microsoft Office contains a buffer overflow in the parsing of routing
slips, which may allow an attacker to execute arbitrary code on a
vulnerable system.
(CVE-2006-0009)


II. Impact

A remote, unauthenticated attacker could execute arbitrary code with
the privileges of the user. If the user is logged on with
administrative privileges, the attacker could take complete control of
an affected system. An attacker may also be able to cause a denial of
service.


III. Solution

Apply Updates

Microsoft has provided the updates for these vulnerabilities in the
Security Bulletins and on the Microsoft Update site.


Workarounds

Please see the following US-CERT Vulnerability Notes for workarounds.


Appendix A. References

* Microsoft Security Bulletin Summary for March 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-mar.mspx>

* US-CERT Vulnerability Note VU#339878 -
<http://www.kb.cert.org/vuls/id/339878>

* US-CERT Vulnerability Note VU#104302 -
<http://www.kb.cert.org/vuls/id/104302>

* US-CERT Vulnerability Note VU#123222 -
<http://www.kb.cert.org/vuls/id/123222>

* US-CERT Vulnerability Note VU#235774 -
<http://www.kb.cert.org/vuls/id/235774>

* US-CERT Vulnerability Note VU#642428 -
<http://www.kb.cert.org/vuls/id/642428>

* US-CERT Vulnerability Note VU#682820 -
<http://www.kb.cert.org/vuls/id/682820>

* CVE-2005-4131 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4131>

* CVE-2006-0009 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0009>

* CVE-2006-0028 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0028>

* CVE-2006-0029 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0029>

* CVE-2006-0030 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0030>

* CVE-2006-0031 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0031>

* Microsoft Update - <https://update.microsoft.com/microsoftupdate>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-073A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-073A Feedback VU#339878" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

March 14, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRBdHxH0pj593lg50AQKjmwgA09ePMKZtjsxkwWaWMSFxtqGZaeV1hHby
LBApam/YAuNpmLZKzwz36quzlbceDcSeBQKKbvgqhi/Cm4Sjsywczay0agHsdXiv
dzwQCAeE0+5JA2kidsdQV9u+X866hfDq63oXy3nef/x1RPOBvNSOb8FnG1yvMCwn
965R6SUbtrA/4HRcEmVH+8dciSnARh90rcIPN6EorC7mCdXykk2YDs0MX8nuT+fl
HeHn06kvTkmJbRNZ/xq7LyGIVeuQ7Xqv1fCiqywNdJUxHg1YPmBIPqfY3e6dcqE1
rS6ithE6u9GlDMTYbTLhL3+JGE4IiIRuZL10z37x+w07AHSFuTHfWQ==
=3xcR
-----END PGP SIGNATURE-----

[#] Thu Mar 16 2006 18:13:42 EST from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-075A -- Adobe Macromedia Flash Products Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-075A


Adobe Macromedia Flash Products Contain Vulnerabilities

Original release date: March 16, 2006
Last revised: --
Source: US-CERT


Systems Affected

Microsoft Windows, Apple Mac OS X, Linux, Solaris, or other operating
systems with any of the following Adobe Macromedia products installed:
* Flash Player 8.0.22.0 and earlier
* Flash Professional 8
* Flash Basic
* Flash MX 2004
* Flash Debug Player 7.0.14.0 and earlier
* Flex 1.5
* Breeze Meeting Add-In 5.1 and earlier
* Adobe Macromedia Shockwave Player 10.1.0.11 and earlier

For more complete information, refer to Adobe Security Bulletin
APSB06-03.


Overview

There are critical vulnerabilities in Macromedia Flash player and
related software. Exploitation of these vulnerabilities could allow a
remote, unauthenticated attacker to execute arbitrary code or cause a
denial of service on a vulnerable system.


I. Description

Adobe Security Bulletin APSB06-03 addresses vulnerabilities in
Macromedia Flash Player and related software. Further information is
available in the following US-CERT Vulnerability Note:

VU#945060 - Adobe Macromedia Flash products contain multiple
vulnerabilities

Several vulnerabilities in Adobe Macromedia Flash products may allow a
remote attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0024)

Several operating systems, including Microsoft Windows (see Microsoft
Security Advisory 916208), have vulnerable versions of Flash installed
by default. Systems with Flash-enabled web browsers are vulnerable. An
attacker could host a specially crafted Flash file on a web site and
convince a user to visit the site.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code with
the privileges of the user. If the user is logged on with
administrative privileges, the attacker could take complete control of
an affected system. An attacker may also be able to cause a denial of
service.


III. Solution

Apply Updates

Adobe has provided the updates for these vulnerabilities in APSB06-03.

Disable Flash

Please see Microsoft Security Advisory 916208 for instructions on how
to disable Flash on Microsoft Windows. For other operating systems and
web browsers, please contact the appropriate vendor.


Appendix A. References

* Macromedia - APSB06-03: Flash Player Update to Address Security
Vulnerabilities -
<http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html>

* US-CERT Vulnerability Note VU#945060 -
<http://www.kb.cert.org/vuls/id/945060>

* CVE-2006-0024 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024>

* Microsoft Security Advisory (916208) -
<http://www.microsoft.com/technet/security/advisory/916208.mspx>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-075A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-075A Feedback VU#945060" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

Mar 16, 2006: Initial release




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRBnrc30pj593lg50AQJh0Af/WnwWF6RIXfF6zpDCXMzkEjdaiWUSDa+g
utKrN8ZwUqKsPVw/uKR9vLwqWrWRYbTAsVjnFd1TBiBcasxAPIM4Y0u8sYCnXldB
NmpotYhMPiuIIh7t/2bGxaAwOB8yBZvN4GNGDarsiK243/nf0m8Y7e6t+XN5FY6V
nDp+q8mxiPN0T7Bh+ofeEX7m7SOEAza7kBwzsGgRSZzIkVmwH1+pBjPznmM1Zylh
UzpTPhmvKkQtuDJ3iG3P0J6hrNZqTukEcOh5VB9gRhfvzpavSa6sXoiI7+/zTADa
IJ8ZZZ6crFYmP/DTPeA9nbeCtQg/HAu+ty6ME/leVsHah3a16NWm4w==
=XJw+
-----END PGP SIGNATURE-----

[#] Wed Mar 22 2006 12:10:35 EST from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-081A -- Sendmail Race Condition Vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-081A


Sendmail Race Condition Vulnerability

Original release date: March 22, 2006
Last revised: --
Source: US-CERT


Systems Affected

Sendmail versions prior to 8.13.6.


Overview

A race condition in Sendmail may allow a remote attacker to execute
arbitrary code.


I. Description

Sendmail contains a race condition caused by the improper handling of
asynchronous signals. In particular, by forcing the SMTP server to
have an I/O timeout at exactly the correct instant, an attacker may be
able to execute arbitrary code with the privileges of the Sendmail
process.

Details, including statements from affected vendors, are available in
the following Vulnerability Note:

VU#834865 - Sendmail contains a race condition

A race condition in Sendmail may allow a remote attacker to execute
arbitrary code.
(CVE-2006-0058)

Please refer to the Sendmail MTA Security Vulnerability Advisory and
the Sendmail version 8.13.6 release page for more information.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code with
the privileges of the Sendmail process. If Sendmail is running as
root, the attacker could take complete control of an affected system.


III. Solution

Upgrade Sendmail

Sendmail version 8.13.6 has been released to correct this issue. In
addition to VU#834865, Sendmail 8.13.6 addresses other security issues
and potential weaknesses in the Sendmail code.

Patches to correct this issue in Sendmail versions 8.12.11 and 8.13.5
are also available.


Appendix A. References

* US-CERT Vulnerability Note VU#834865 -
<http://www.kb.cert.org/vuls/id/834865>

* Sendmail version 8.13.6 - <http://www.sendmail.org/8.13.6.html>

* Sendmail MTA Security Vulnerability Advisory -
<http://www.sendmail.com/company/advisory>

* Sendmail version 8.12.11 Patch -
<ftp://ftp.sendmail.org/pub/sendmail/8.12.11.p0>

* Sendmail version 8.13.5 Patch -
<ftp://ftp.sendmail.org/pub/sendmail/8.13.5.p0>

* CVE-2006-0058 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-081A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-081A Feedback VU#834865" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

Mar 22, 2006: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRCGC0X0pj593lg50AQLczAf+NzjAlt+FR5QXIayFTYL3RPVXuVU8RYtp
i4a62FbF6bDQkVJZwWqusa1XCOaAk2HhIYbYHt2RDIKyXU8PlIs1VjtKCMzhfhNE
HyJfBhfCJycU0udMsoH1IorH9bves2Ubog+mLS/eGMCcgNUJ+z3P/U8KukZfeRJi
5+jGrqksuz342XlI/9vKc9x3ateUrAyS2plbWc8wzxiG/T82hO7fCxz9mnd1V6zM
Ub2iFAIpAbBhvEJOt7/IHxnmED/YaFF6JWbvWrZxXkLpcLFNKTN7j4pyX4ymqPmk
rSoSXeCb5cc2ARBCyfsLY5+i96BxV0RgfcBXbT9mRjv7die16AoTXQ==
=7/71
-----END PGP SIGNATURE-----
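The Sendmail alert above names the vulnerability class (a race between an asynchronous signal handler and the code it interrupts) without showing what the defensive pattern looks like. The following is an added example, not Sendmail's code and not part of the US-CERT message: it installs a timeout handler that does nothing except set a `volatile sig_atomic_t` flag, and leaves all cleanup to the normal execution path that observes the flag. The `run_with_timeout` function and its `deliver_signal` parameter are assumptions of this example; the `raise(SIGALRM)` call is a constructed stand-in for an I/O timeout firing during a blocking read.

```c
/* Added example: async-signal-safe timeout handling.
 * Illustrates the defensive pattern for the vulnerability class named in
 * TA06-081A; this is not Sendmail's code. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* The only state a handler should touch: a flag of type sig_atomic_t.
 * volatile keeps the compiler from caching it in a register. */
static volatile sig_atomic_t timed_out = 0;

/* Safe handler: no malloc/free, no stdio, no longjmp, no shared data
 * structures. It records that the timeout happened and returns. */
static void on_alarm(int sig)
{
    (void)sig;
    timed_out = 1;
}

/* Install the handler with sigaction() rather than signal() so the
 * semantics (mask, restart behaviour) are explicit. Returns 0 on success. */
int install_timeout_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;   /* no SA_RESTART: blocking I/O fails with EINTR instead */
    return sigaction(SIGALRM, &sa, NULL);
}

/* Simulated server loop. deliver_signal is an assumed parameter used to
 * drive the example: when non-zero we raise SIGALRM ourselves (constructed
 * stand-in for alarm(2) expiring during a blocking read). Returns 1 if the
 * timeout was observed and handled in normal context, 0 if no timeout
 * occurred, -1 if the handler could not be installed. */
int run_with_timeout(int deliver_signal)
{
    timed_out = 0;
    if (install_timeout_handler() != 0)
        return -1;

    if (deliver_signal)
        raise(SIGALRM);   /* handler runs here and only sets the flag */

    /* Back in normal context: this is the only place where non-reentrant
     * work (freeing buffers, logging, closing the connection) is safe. */
    if (timed_out) {
        /* cleanup would go here */
        return 1;
    }
    return 0;
}

int main(void)
{
    printf("timeout delivered: %d\n", run_with_timeout(1));
    printf("no timeout:        %d\n", run_with_timeout(0));
    return 0;
}
```

The point of the pattern is that the handler never touches state the interrupted code may be in the middle of modifying; everything that needs consistency (heap, stdio buffers, connection state) is handled after the flag is seen, on the main path.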

[#] Wed Mar 22 2006 14:14:29 EST from Freakdog @ Dog Pound BBS II


Guess it's a good thing I'm running Postfix.

[#] Tue Apr 11 2006 18:10:27 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-101A -- Microsoft Windows and Internet Explorer Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-101A


Microsoft Windows and Internet Explorer Vulnerabilities

Original release date: April 11, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer

For more complete information, refer to the Microsoft Security
Bulletin Summary for April 2006.


Overview

Microsoft has released updates that address critical vulnerabilities
in Microsoft Windows and Internet Explorer. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.


I. Description

Microsoft Security Bulletin Summary for April 2006 addresses
vulnerabilities in Microsoft Windows and Internet Explorer. Further
information is available in the following US-CERT Vulnerability Notes:


VU#876678 - Microsoft Internet Explorer createTextRange()
vulnerability

Microsoft Internet Explorer fails to properly handle the
createTextRange() DHTML method, possibly allowing a remote,
unauthenticated attacker to execute arbitrary code.
(CVE-2006-1359)


VU#984473 - Microsoft Internet Explorer contains overflow in
processing script action handlers

A vulnerability in the Microsoft Internet Explorer web browser could
allow a remote attacker to crash the browser or possibly execute
arbitrary code on a vulnerable system.
(CVE-2006-1245)


VU#434641 - Microsoft Internet Explorer may automatically execute HTA
files

Microsoft Internet Explorer fails to properly handle HTA files. This
vulnerability may allow a remote attacker to execute arbitrary code.
(CVE-2006-1388)


VU#503124 - Microsoft Internet Explorer fails to handle specially
crafted, malformed HTML

Microsoft Internet Explorer fails to properly handle malformed HTML.
This vulnerability may allow a remote attacker to execute arbitrary
code on a vulnerable system.
(CVE-2006-1185)


VU#959049 - Multiple COM objects cause memory corruption in Microsoft
Internet Explorer

Microsoft Internet Explorer allows instantiation of COM objects not
designed for use in the browser, which may allow a remote attacker to
execute arbitrary code or crash IE.
(CVE-2006-1186)


VU#824324 - Microsoft Internet Explorer fails to properly handle HTML
elements with a specially crafted tag

Microsoft Internet Explorer fails to properly handle HTML element
tags, which may allow a remote, unauthenticated attacker to execute
arbitrary code.
(CVE-2006-1188)


VU#341028 - Microsoft Internet Explorer fails to properly handle
double-byte characters in specially crafted URLs

Microsoft Internet Explorer fails to properly handle double-byte
characters in URLs, which may allow a remote, unauthenticated attacker
to execute arbitrary code.
(CVE-2006-1189)


VU#234812 - Microsoft Windows contains a vulnerability in the
RDS.Dataspace ActiveX control in MDAC

Microsoft Windows fails to properly handle the RDS.Dataspace ActiveX
control possibly allowing a remote attacker to execute arbitrary code.
(CVE-2006-0003)


VU#641460 - Microsoft Windows Explorer fails to properly handle COM
objects

Microsoft Windows fails to properly handle COM Objects. This
vulnerability may allow a remote unauthenticated attacker to execute
arbitrary code on a vulnerable system.
(CVE-2006-0012)


II. Impact

A remote, unauthenticated attacker could execute arbitrary code with
the privileges of the user. If the user is logged on with
administrative privileges, the attacker could take complete control of
an affected system. An attacker may also be able to cause a denial of
service.


III. Solution

Apply Updates

Microsoft has provided updates for these vulnerabilities in the
Security Bulletins and on the Microsoft Update site.

Workarounds

Please see the US-CERT Vulnerability Notes for workarounds. Many of
these vulnerabilities can be mitigated by following the instructions
listed in the Securing Your Web Browser document.

Appendix A. References

* Microsoft Security Bulletin Summary for April 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx>

* US-CERT Vulnerability Note VU#876678 -
<http://www.kb.cert.org/vuls/id/876678>

* US-CERT Vulnerability Note VU#984473 -
<http://www.kb.cert.org/vuls/id/984473>

* US-CERT Vulnerability Note VU#434641 -
<http://www.kb.cert.org/vuls/id/434641>

* US-CERT Vulnerability Note VU#503124 -
<http://www.kb.cert.org/vuls/id/503124>

* US-CERT Vulnerability Note VU#959049 -
<http://www.kb.cert.org/vuls/id/959049>

* US-CERT Vulnerability Note VU#824324 -
<http://www.kb.cert.org/vuls/id/824324>

* US-CERT Vulnerability Note VU#341028 -
<http://www.kb.cert.org/vuls/id/341028>

* US-CERT Vulnerability Note VU#234812 -
<http://www.kb.cert.org/vuls/id/234812>

* US-CERT Vulnerability Note VU#641460 -
<http://www.kb.cert.org/vuls/id/641460>

* CVE-2006-1359 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1359>

* CVE-2006-1245 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1245>

* CVE-2006-1388 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1388>

* CVE-2006-1185 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1185>

* CVE-2006-1186 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1186>

* CVE-2006-1188 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1188>

* CVE-2006-1189 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1189>

* CVE-2006-0003 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0003>

* CVE-2006-0012 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0012>

* Microsoft Update - <https://update.microsoft.com/microsoftupdate>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Internet_Explorer>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-101A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-101A Feedback VU#876678" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

Apr 11, 2006: Initial release






[#] Mon Apr 17 2006 15:39:28 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-107A -- Mozilla Products Contain Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-107A


Mozilla Products Contain Multiple Vulnerabilities

Original release date: April 17, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Mozilla web browser, email and newsgroup client
* Mozilla SeaMonkey
* Firefox web browser
* Thunderbird email client
* Mozilla Suite

Any products based on Mozilla components, particularly Gecko, may also
be affected.


Overview

The Mozilla web browser and derived products contain several
vulnerabilities, the most serious of which could allow a remote
attacker to execute arbitrary code on an affected system.


I. Description

Several vulnerabilities have been reported in the Mozilla web browser
and derived products. More detailed information is available in the
individual vulnerability notes, including:

VU#932734 - Mozilla crypto.generateCRMFRequest() vulnerability

A vulnerability exists in the Mozilla JavaScript routine
generateCRMFRequest() that may allow a remote attacker to execute
arbitrary code.
(CVE-2006-1728)

VU#968814 - Mozilla JavaScript security bypass vulnerability

Mozilla products fail to properly enforce security restrictions in
JavaScript. This vulnerability may allow a remote, unauthenticated
attacker to execute arbitrary code.
(CVE-2006-1726)

VU#179014 - Mozilla CSS integer overflow vulnerability

Mozilla products contain an integer overflow that could allow a
remote, unauthenticated attacker to execute arbitrary code.
(CVE-2006-1730)

VU#488774 - Mozilla XBL binding vulnerability

Mozilla products fail to properly restrict access to privileged XBL
bindings. This vulnerability may allow a remote, unauthenticated
attacker to execute arbitrary code.
(CVE-2006-1733)

VU#842094 - Mozilla JavaScript cloned parent vulnerability

Mozilla products fail to properly restrict access to a JavaScript
function's cloned parent. This vulnerability may allow a remote
attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-1734)

VU#813230 - Mozilla products vulnerable to privilege escalation via
XBL.method.eval

A vulnerability in the way Mozilla products and derivative programs
handle certain XBL methods could allow a remote attacker to execute
arbitrary code on a vulnerable system.
(CVE-2006-1735)

VU#736934 - Mozilla products vulnerable to memory corruption via a
particular sequence of HTML tags

A vulnerability in the way Mozilla products and derivative programs
handle certain HTML tags could allow a remote attacker to execute
arbitrary code on a vulnerable system.
(CVE-2006-0749)

VU#935556 - Mozilla products may allow CSS border-rendering code to
write past the end of an array

A vulnerability in the way Mozilla products and derivative programs
handle certain CSS methods could allow a remote attacker to crash the
application or execute arbitrary code on a vulnerable system.
(CVE-2006-1739)

VU#350262 - Mozilla DHTML memory corruption vulnerabilities

Mozilla products contain multiple, unspecified vulnerabilities in
the way they handle DHTML. These vulnerabilities may allow a remote
attacker to execute arbitrary code or cause a denial-of-service
condition.
(CVE-2006-1724)

VU#252324 - Mozilla display style vulnerability

Mozilla products contain an unspecified vulnerability in the way they
handle display styles. This vulnerability may allow a remote attacker
to execute arbitrary code or cause a denial-of-service condition.

VU#329500 - Mozilla products vulnerable to memory corruption via large
regular expression in JavaScript

A vulnerability in the way the JavaScript engine of Mozilla products
and derivative programs handles a large regular expression could allow
a remote attacker to crash the application or execute arbitrary code
on a vulnerable system.


II. Impact

The most severe impact of these vulnerabilities could allow a remote
attacker to execute arbitrary code with the privileges of the user
running the affected application. Other effects include a denial of
service or local information disclosure.


III. Solution

Upgrade

Upgrade to Mozilla Firefox 1.5.0.2, Mozilla Thunderbird 1.5.0.2, or
SeaMonkey 1.0.1. According to Mozilla.org, Thunderbird 1.5.0.2 is
to be released on April 18, 2006.

Users are strongly encouraged to apply the workarounds described in
the individual vulnerability notes until updates can be applied.


Appendix A. References

* Mozilla Foundation Security Advisories -
<http://www.mozilla.org/security/announce/>

* Mozilla Foundation Security Advisories -
<http://www.mozilla.org/projects/security/known-vulnerabilities.html>

* US-CERT Vulnerability Note VU#932734 -
<http://www.kb.cert.org/vuls/id/932734>

* US-CERT Vulnerability Note VU#968814 -
<http://www.kb.cert.org/vuls/id/968814>

* US-CERT Vulnerability Note VU#179014 -
<http://www.kb.cert.org/vuls/id/179014>

* US-CERT Vulnerability Note VU#488774 -
<http://www.kb.cert.org/vuls/id/488774>

* US-CERT Vulnerability Note VU#842094 -
<http://www.kb.cert.org/vuls/id/842094>

* US-CERT Vulnerability Note VU#813230 -
<http://www.kb.cert.org/vuls/id/813230>

* US-CERT Vulnerability Note VU#736934 -
<http://www.kb.cert.org/vuls/id/736934>

* US-CERT Vulnerability Note VU#935556 -
<http://www.kb.cert.org/vuls/id/935556>

* US-CERT Vulnerability Note VU#350262 -
<http://www.kb.cert.org/vuls/id/350262>

* US-CERT Vulnerability Note VU#252324 -
<http://www.kb.cert.org/vuls/id/252324>

* US-CERT Vulnerability Note VU#329500 -
<http://www.kb.cert.org/vuls/id/329500>

* US-CERT Vulnerability Notes Related to April Mozilla Security
Advisories -
<http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_April_2006>

* CVE-2006-1726 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1726>

* CVE-2006-1728 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728>

* CVE-2006-1730 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730>

* CVE-2006-1733 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733>

* CVE-2006-1734 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734>

* CVE-2006-1735 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735>

* CVE-2006-0749 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749>

* CVE-2006-1739 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739>

* CVE-2006-1724 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1724>

* Firefox - Rediscover the Web - <http://www.mozilla.com/firefox/>

* Thunderbird - Reclaim your inbox -
<http://www.mozilla.com/thunderbird/>

* The SeaMonkey Project -
<http://www.mozilla.org/projects/seamonkey/>

* Mozilla Suite - The All-in-One Internet Application Suite -
<http://www.mozilla.org/products/mozilla1.x/>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-107A.html>
____________________________________________________________________

[#] Wed Apr 19 2006 15:08:22 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-109A -- Oracle Products Contain Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-109A


Oracle Products Contain Multiple Vulnerabilities

Original release date: April 19, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Oracle Database 10g
* Oracle9i Database
* Oracle8i Database
* Oracle Enterprise Manager 10g Grid Control
* Oracle Application Server 10g
* Oracle Collaboration Suite 10g
* Oracle9i Collaboration Suite
* Oracle E-Business Suite Release 11i
* Oracle E-Business Suite Release 11.0
* Oracle Pharmaceutical Applications
* JD Edwards EnterpriseOne, OneWorld Tools
* Oracle PeopleSoft Enterprise Tools
* Oracle Workflow
* Oracle Developer Suite 6i

For more information regarding affected product versions, please see
the Oracle Critical Patch Update - April 2006.


Overview

Oracle products and components are affected by multiple
vulnerabilities. The impacts of these vulnerabilities include remote
execution of arbitrary code, information disclosure, and denial of
service.


I. Description

Oracle has released Critical Patch Update - April 2006. This update
addresses more than thirty vulnerabilities in different Oracle
products and components.

The Critical Patch Update provides information about affected
components, access and authorization required, and the impact of the
vulnerabilities on data confidentiality, integrity, and availability.
MetaLink customers should refer to MetaLink Note 293956.1 (login
required) for more information on terms used in the Critical Patch
Update.

According to Oracle, none of the vulnerabilities corrected in the
Oracle Critical Patch Update affect Oracle Database Client-only
installations.

The PL/SQL Gateway vulnerability identified as PLSQL01 in the Oracle
Critical Patch Update corresponds to US-CERT Vulnerability Note
VU#169164, which includes further details including workarounds.

In most cases, Oracle does not associate Vuln# identifiers (e.g.,
DB01) with other available information. As more details about
vulnerabilities and remediation strategies become available, we will
update the individual vulnerability notes.


II. Impact

The impact of these vulnerabilities varies depending on the product,
component, and configuration of the system. Potential consequences
include the execution of arbitrary code or commands, information
disclosure, and denial of service. Vulnerable components may be
available to unauthenticated, remote attackers. An attacker who
compromises an Oracle database may be able to gain access to sensitive
information.


III. Solution

Apply a patch

Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update - April 2006. Note that this Critical Patch
Update only lists newly corrected issues. Updates to patches for
previously known issues are not listed.

As noted in the update, some patches are cumulative, others are not:

* The Oracle Database, Oracle Application Server, Oracle Enterprise
Manager Grid Control, Oracle Collaboration Suite, JD Edwards
EnterpriseOne and OneWorld Tools, and PeopleSoft Enterprise Portal
Applications patches in the Updates are cumulative; each successive
Critical Patch Update contains the fixes from the previous Critical
Patch Updates.

* Oracle E-Business Suite and Applications patches are not
cumulative, so E-Business Suite and Applications customers should
refer to previous Critical Patch Updates to identify previous fixes
they wish to apply.

Patches for some platforms and components were not available when the
Critical Patch Update was published on April 18, 2006. Please see
MetaLink Note 360465.1 (login required) for more information.

Known issues with Oracle patches are documented in the
pre-installation notes and patch readme files. Please consult these
documents specific to your system before applying patches.


Appendix A. Vendor Information

Oracle

Please see Oracle Critical Patch Update - April 2006 and Critical
Patch Updates and Security Alerts.


Appendix B. References

* US-CERT Vulnerability Note VU#169164 -
<http://www.kb.cert.org/vuls/id/169164>

* US-CERT Vulnerability Notes Related to Critical Patch Update -
April 2006 -
<http://www.kb.cert.org/vuls/byid?searchview&query=oracle_cpu_april_2006>

* Critical Patch Update - April 2006 -
<http://www.oracle.com/technology/deploy/security/pdf/cpuapr2006.html>

* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>

* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>

* Oracle Database Security Checklist (PDF) -
<http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_database.pdf>

* MetaLink Note 293956.1 (login required) -
<http://metalink.oracle.com/metalink/plsql/showdoc?db=Not&id=293956.1>

* MetaLink Note 360465.1 (login required) -
<http://metalink.oracle.com/metalink/plsql/showdoc?db=Not&id=360465>

* Details Oracle Critical Patch Update April 2006 -
<http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html>


____________________________________________________________________

Information used in this document came from Oracle, NGSSoftware, and
Red-Database-Security.

Oracle credits the following individuals for providing information
regarding vulnerabilities addressed in the Critical Patch Update -
April 2006: Esteban Martinez Fayo of Application Security, Inc.,
Alexander Kornbrust of Red-Database-Security, David Litchfield of
NGSSoftware Ltd., and noderat ratty.
____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-109A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-109A Feedback VU#169164" in the
subject.
____________________________________________________________________



Revision History

Apr 19, 2006: Initial release



[#] Tue May 09 2006 16:16:12 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-129A -- Microsoft Windows and Exchange Server Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-129A


Microsoft Windows and Exchange Server Vulnerabilities

Original release date: May 9, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Exchange Server

For more complete information, refer to the Microsoft Security
Bulletin Summary for May 2006.


Overview

Microsoft has released updates that address critical vulnerabilities
in Microsoft Windows and Exchange Server. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.


I. Description

Microsoft Security Bulletin Summary for May 2006 addresses
vulnerabilities in Microsoft Windows and Exchange Server. Further
information is available in the following US-CERT Vulnerability Notes:


VU#303452 - Microsoft Exchange fails to properly handle vCal and iCal
properties

Microsoft Exchange Server does not properly handle the vCal and iCal
properties of email messages. Exploitation of this vulnerability may
allow a remote, unauthenticated attacker to execute arbitrary code on
an Exchange Server.
(CVE-2006-0027)


VU#945060 - Adobe Flash products contain multiple vulnerabilities

Several vulnerabilities in Adobe Macromedia Flash products may allow a
remote attacker to execute code on a vulnerable system.
(CVE-2006-0024)


VU#146284 - Macromedia Flash Player fails to properly validate the
frame type identifier read from a "SWF" file

A buffer overflow vulnerability in some versions of the Macromedia
Flash Player may allow a remote attacker to execute code on a
vulnerable system.
(CVE-2005-2628)


II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a
vulnerable system. An attacker may also be able to cause a denial of
service.


III. Solution

Apply Updates

Microsoft has provided updates for these vulnerabilities in the
Security Bulletins. Microsoft Windows updates are available on the
Microsoft Update site.

Workarounds

Please see the US-CERT Vulnerability Notes for workarounds.


Appendix A. References

* Microsoft Security Bulletin Summary for May 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-may.mspx>

* Technical Cyber Security Alert TA06-075A -
<http://www.us-cert.gov/cas/techalerts/TA06-075A.html>

* US-CERT Vulnerability Note VU#303452 -
<http://www.kb.cert.org/vuls/id/303452>

* US-CERT Vulnerability Note VU#945060 -
<http://www.kb.cert.org/vuls/id/945060>

* US-CERT Vulnerability Note VU#146284 -
<http://www.kb.cert.org/vuls/id/146284>

* CVE-2006-0027 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0027>

* CVE-2006-0024 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024>

* CVE-2005-2628 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2628>

* Microsoft Update - <https://update.microsoft.com/microsoftupdate>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-129A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-129A Feedback VU#303452" in the
subject.
____________________________________________________________________



Revision History

May 9, 2006: Initial release






[#] Fri May 12 2006 16:55:10 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-132A -- Apple Mac Products Affected by Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-132A


Apple Mac Products Affected by Multiple Vulnerabilities

Original release date: May 12, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Apple Mac OS X version 10.3.9 (Panther) and version 10.4.6 (Tiger)
* Apple Mac OS X Server version 10.3.9 and version 10.4.6
* Apple Safari web browser
* Apple Mail

Previous versions of Mac OS X may also be affected. Please see Apple
Security Update 2006-003 for further information.


Overview

Apple has released Security Update 2006-003 to correct multiple
vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web
browser, Mail, and other products. The most serious of these
vulnerabilities may allow a remote attacker to execute arbitrary code.
Impacts of other vulnerabilities include bypassing security
restrictions and denial of service.


I. Description

Apple Security Update 2006-003 resolves a number of vulnerabilities
affecting Mac OS X, OS X Server, Safari web browser, Mail, and other
products. Further details are available in the individual
Vulnerability Notes.


II. Impact

The impacts of these vulnerabilities vary. For information about
specific impacts, please see the Vulnerability Notes. Potential
consequences include remote execution of arbitrary code or commands,
bypass of security restrictions, and denial of service.


III. Solution

Install an update

Install Apple Security Update 2006-003. This and other updates are
available via Apple Update.

Disable "Open 'safe' files after downloading"

For additional protection, disable the option to "Open 'safe' files
after downloading," as specified in "Securing Your Web Browser."


Appendix A. References

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>

* Apple Security Update 2006-003 -
<http://docs.info.apple.com/article.html?artnum=303737>

* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>


____________________________________________________________________

These vulnerabilities were reported in Apple Security Update 2006-003.
Please see the Vulnerability Notes for individual reporter
acknowledgements.
____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-132A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-132A Feedback VU#519473" in the
subject.
____________________________________________________________________



Revision History

May 12, 2006: Initial release






[#] Fri May 12 2006 17:21:42 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-132B -- Apple QuickTime Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA06-132B


Apple QuickTime Vulnerabilities

Original release date: May 12, 2006
Last revised: --
Source: US-CERT


Systems Affected

Apple QuickTime on systems running

* Apple Mac OS X
* Microsoft Windows


Overview

Apple QuickTime contains multiple vulnerabilities. Exploitation of
these vulnerabilities could allow a remote attacker to execute
arbitrary code or cause a denial-of-service condition.


I. Description

Apple QuickTime 7.1 resolves multiple vulnerabilities in the way
different types of image and media files are handled. An attacker
could exploit these vulnerabilities by convincing a user to access
a specially crafted image or media file with a vulnerable version
of QuickTime. Since QuickTime configures most web browsers to
handle QuickTime media files, an attacker could exploit these
vulnerabilities using a web page.

For more information, please refer to the Vulnerability Notes.


II. Impact

The impacts of these vulnerabilities could allow a remote,
unauthenticated attacker to execute arbitrary code or commands, and
cause a denial-of-service condition. For further information,
please see the Vulnerability Notes.


III. Solution

Upgrade

Upgrade to QuickTime 7.1. This and other updates for Mac OS X are
available via Apple Update.

Disable QuickTime in your web browser

An attacker may be able to exploit these vulnerabilities by persuading
a user to access a specially crafted file with a web
browser. Disabling QuickTime in your web browser will defend
against this attack vector. For more information, refer to the
Securing Your Web Browser document.


Appendix A. References

* Vulnerability Notes for QuickTime 7.1 -
<http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_7.1>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>

* About the security content of the QuickTime 7.1 Update -
<http://docs.info.apple.com/article.html?artnum=303752>

* Apple QuickTime 7.1 -
<http://www.apple.com/support/downloads/quicktime71.html>

* Standalone Apple QuickTime Player -
<http://www.apple.com/quicktime/download/standalone.html>

* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-132B.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-132B Feedback VU#289705" in the
subject.
____________________________________________________________________



Revision History

May 12, 2006: Initial release



[#] Fri May 19 2006 21:57:30 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-139A -- Microsoft Word Vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA06-139A


Microsoft Word Vulnerability

Original release date: May 19, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Word 2003
* Microsoft Word XP (2002)

Microsoft Word is included in Microsoft Works Suite and Microsoft
Office. Other versions of Word and other Office programs may be
affected or act as attack vectors.


Overview

A buffer overflow vulnerability in Microsoft Word could allow an
attacker to execute arbitrary code on a vulnerable system.


I. Description

Microsoft Word contains a buffer overflow vulnerability. Opening a
specially crafted Word document, including documents hosted on web
sites or attached to email messages, could trigger the
vulnerability.

Office documents can contain embedded objects. For example, a
malicious Word document could be embedded in an Excel or PowerPoint
document. Office documents other than Word documents could be used
as attack vectors.

For more information, please see Vulnerability Note VU#446012.


II. Impact

By convincing a user to open a specially crafted Word document, an
attacker could execute arbitrary code on a vulnerable system. If
the user has administrative privileges, the attacker could gain
complete control of the system.


III. Solution

At the time of writing, there is no complete solution available.
Consider the following workarounds:

Do not open untrusted Word documents

Do not open unfamiliar or unexpected Word or other Office
documents, including those received as email attachments or hosted
on a web site. Please see Cyber Security Tip ST04-010 for more
information.

Do not rely on file extension filtering

In most cases, Windows will call Word to open a document even if
the document has an unknown file extension. For example, if
document.d0c (note the digit "0") contains the correct file header
information, Windows will open document.d0c with Word.


Appendix A. References

* Vulnerability Note VU#446012 -
<http://www.kb.cert.org/vuls/id/446012>

* Cyber Security Tip ST04-010 -
<http://www.us-cert.gov/cas/tips/ST04-010.html>


____________________________________________________________________

Information used in this document came from SANS and Microsoft.
____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-139A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-139A Feedback VU#446012" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

May 19, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRG52p30pj593lg50AQKmsgf/SsFJRdioulQM941Cq2WA1tv+Y+3XcDme
kW13FyXDSiSVjkLeGTS3CvmELieeyS8WNgF/bF5b4nU7U8PmYYlm5SB4gygsgg9q
F7zNlw8EJoVxZTHDnFr8vq3IovhGsTsBwA0TyySUZHQkS6X5ESf65AzongmgRRT4
Oi4AUQd3n/XZdwrWtO7LPkaPF6IVTF28whLRwaeX+N7m10opL2WuqGrlbJ24VOJm
x6UbIRRIhLNdubLGUi3iDA1+Ds1LsnZR22COvvNoQ2F3mA2ahP4D4rBrLTyqnLye
zBCrGIIB0Wkvvh8yVelLKIplTWY/elUjwTUPsdQWsDeAm0AXKJjwPw==
=1Nea
-----END PGP SIGNATURE-----

[#] Fri Jun 02 2006 14:56:46 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-153A -- Mozilla Products Contain Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-153A


Mozilla Products Contain Multiple Vulnerabilities

Original release date: June 2, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Mozilla SeaMonkey
* Firefox web browser
* Thunderbird email client

Any products based on Mozilla components, particularly Gecko, may also
be affected.


Overview

The Mozilla web browser and derived products contain several
vulnerabilities, the most serious of which could allow a remote
attacker to execute arbitrary code on an affected system.


I. Description

Several vulnerabilities have been reported in the Mozilla web browser
and derived products. More detailed information is available in the
individual vulnerability notes, including:


VU#237257 - Mozilla privilege escalation using addSelectionListener

A privilege escalation vulnerability exists in the Mozilla
addSelectionListener method. This may allow a remote attacker to
execute arbitrary code.


VU#421529 - Mozilla contains a buffer overflow vulnerability in
crypto.signText()

Mozilla products contain a buffer overflow in the crypto.signText()
method. This may allow a remote attacker to execute arbitrary code.


VU#575969 - Mozilla may process content-defined setters on object
prototypes with elevated privileges

Mozilla allows content-defined setters on object prototypes to execute
with elevated privileges. This may allow a remote attacker to execute
arbitrary code.


VU#243153 - Mozilla may associate persisted XUL attributes with an
incorrect URL

Mozilla can allow persisted XUL attributes to associate with the wrong
URL. This may allow a remote attacker to execute arbitrary code.


VU#466673 - Mozilla contains multiple memory corruption
vulnerabilities

Mozilla contains several memory corruption vulnerabilities. This may
allow a remote attacker to execute arbitrary code.


II. Impact

The most severe impact of these vulnerabilities could allow a remote
attacker to execute arbitrary code with the privileges of the user
running the affected application. Other effects include a denial of
service or local information disclosure.


III. Solution

Upgrade

Upgrade to Mozilla Firefox 1.5.0.4, Mozilla Thunderbird 1.5.0.4, or
SeaMonkey 1.0.2.

Disable JavaScript

These vulnerabilities can be mitigated by disabling JavaScript.


Appendix A. References

* US-CERT Vulnerability Note VU#237257 -
<http://www.kb.cert.org/vuls/id/237257>

* US-CERT Vulnerability Note VU#421529 -
<http://www.kb.cert.org/vuls/id/421529>

* US-CERT Vulnerability Note VU#575969 -
<http://www.kb.cert.org/vuls/id/575969>

* US-CERT Vulnerability Note VU#243153 -
<http://www.kb.cert.org/vuls/id/243153>

* US-CERT Vulnerability Note VU#466673 -
<http://www.kb.cert.org/vuls/id/466673>

* Mozilla Foundation Security Advisories -
<http://www.mozilla.org/security/announce/>

* US-CERT Vulnerability Notes Related to June Mozilla Security
Advisories -
<http://www.kb.cert.org/vuls/byid?searchview&query=firefox_1504>

* Mozilla Foundation Security Advisories -
<http://www.mozilla.org/projects/security/known-vulnerabilities.html>

* Firefox - Rediscover the Web - <http://www.mozilla.com/firefox/>

* Thunderbird - Reclaim your inbox -
<http://www.mozilla.com/thunderbird/>

* The SeaMonkey Project -
<http://www.mozilla.org/projects/seamonkey/>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-153A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-153A Feedback VU#237257" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

Jun 2, 2006: Initial release




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRICC5H0pj593lg50AQKT/Af+IMgN13YNpubQiBvQsAQkXHTbjQnWuM7q
XyvsEZHT/DAEUVr9kR1wx5IlS+lwELN9jq2QwfFJz7E+1psUJd5o9wLD/KUTlrUk
baclGN/pEIR8jp1zyCVCCTbCeFig9RNA7vaGYzdbNjhXWhJANagK0bIK3Y9xS2ug
B2i33KtkApsZ4Jn9/hXrtqkUhgf1FaBIWlq9By2gsVraAdRYiObtR3YfDDwX0d/H
8PHNxtdg+bOJEaYoQxYzxWDdx06wr7ZVzvGhkacWIyOmC35x/9mTmFOeZrH9ecjq
3fDxx3gUXSKIn4yToKnfxqCD8nA6vi9b22LW+CIKuSPosbloWaw9ew==
=nbAW
-----END PGP SIGNATURE-----

[#] Tue Jun 13 2006 18:41:11 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA06-164A


Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and
Exchange Vulnerabilities

Original release date: June 13, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Windows Media Player
* Microsoft Internet Explorer
* Microsoft PowerPoint for Windows and Mac OS X
* Microsoft Word for Windows
* Microsoft Office
* Microsoft Works Suite
* Microsoft Exchange Server Outlook Web Access

For more complete information, refer to the Microsoft Security
Bulletin Summary for June 2006.


Overview

Microsoft has released updates that address critical vulnerabilities
in Microsoft Windows, Word, PowerPoint, Media Player, Internet
Explorer, and Exchange Server. Exploitation of these vulnerabilities
could allow a remote, unauthenticated attacker to execute arbitrary
code or cause a denial of service on a vulnerable system.


I. Description

Microsoft Security Bulletin Summary for June 2006 addresses
vulnerabilities in Microsoft Windows, Word, PowerPoint, Media Player,
Internet Explorer, and Exchange Server. Further information is
available in the following US-CERT Vulnerability Notes:

VU#722753 - Microsoft IP Source Route Vulnerability

A vulnerability in Microsoft Windows could allow a remote attacker to
execute arbitrary code on a vulnerable system.
(CVE-2006-2379)

VU#446012 - Microsoft Word object pointer memory corruption
vulnerability

A memory corruption vulnerability in Microsoft Word could allow a
remote attacker to execute arbitrary code with the privileges of the
user running Word.
(CVE-2006-2492)

VU#190089 - Microsoft PowerPoint malformed record vulnerability

Microsoft PowerPoint fails to properly handle malformed records. This
may allow a remote attacker to execute arbitrary code on a vulnerable
system.
(CVE-2006-0022)

VU#923236 - Microsoft Windows ART image handling buffer overflow

Microsoft Windows ART image handling routines are vulnerable to a
heap-based buffer overflow. This vulnerability may allow a remote,
unauthenticated attacker to execute arbitrary code on a vulnerable
system.
(CVE-2006-2378)

VU#390044 - Microsoft JScript memory corruption vulnerability

Microsoft JScript contains a memory corruption vulnerability. This
vulnerability may allow a remote, unauthenticated attacker to execute
arbitrary code on a vulnerable system.
(CVE-2006-1313)

VU#338828 - Microsoft Internet Explorer exception handling
vulnerability

Microsoft Internet Explorer fails to properly handle exception
conditions. This may allow a remote, unauthenticated attacker to
execute arbitrary code.
(CVE-2006-2218)

VU#417585 - Microsoft DXImageTransform Light filter fails to validate
input

The Microsoft DXImageTransform Light COM object fails to validate
input, which may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-2383)

VU#959049 - Multiple COM objects cause memory corruption in Microsoft
Internet Explorer

Microsoft Internet Explorer (IE) allows instantiation of COM objects
not designed for use in the browser, which may allow a remote attacker
to execute arbitrary code or crash IE.
(CVE-2006-2127)

VU#136849 - Microsoft Internet Explorer UTF-8 decoding vulnerability

Microsoft Internet Explorer fails to properly decode UTF-8 encoded
HTML. This may allow a remote, unauthenticated attacker to execute
arbitrary code on a vulnerable system.
(CVE-2006-2382)

VU#909508 - Microsoft Graphics Rendering Engine fails to properly
handle WMF images

Microsoft Windows Graphics Rendering Engine contains a vulnerability
that may allow a remote attacker to execute arbitrary code on a
vulnerable system.
(CVE-2006-2376)

VU#608020 - Microsoft Windows Media Player PNG processing buffer
overflow

Microsoft Windows Media Player contains a stack-based buffer overflow
vulnerability that may allow a remote, unauthenticated attacker to
execute arbitrary code on a vulnerable system.
(CVE-2006-0025)

VU#814644 - Microsoft Remote Access Connection Manager service
vulnerable to buffer overflow

A vulnerability in the Microsoft Remote Access Connection Manager may
allow a remote attacker to execute arbitrary code on a vulnerable
system.
(CVE-2006-2371)

VU#631516 - Microsoft Routing and Remote Access does not properly
handle RPC requests

There is a vulnerability in the Microsoft Windows Routing and Remote
Access Service that could allow an attacker to take control of the
affected system.
(CVE-2006-2370)

VU#138188 - Microsoft Outlook Web Access for Exchange Server script
injection vulnerability

A script injection vulnerability exists in Microsoft Exchange Server
running Outlook Web Access.
(CVE-2006-1193)

In MS06-027 Microsoft has released updates for the Word vulnerability
described in Technical Cyber Security Alert TA06-139A.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a
vulnerable system. An attacker may also be able to cause a denial of
service.


III. Solution

Apply Updates

Microsoft has provided updates for these vulnerabilities in the
Security Bulletins. Microsoft Windows updates are available on the
Microsoft Update site.

Workarounds

Please see the US-CERT Vulnerability Notes for workarounds.


Appendix A. References

* Microsoft Security Bulletin Summary for June 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx>

* Technical Cyber Security Alert TA06-139A -
<http://www.us-cert.gov/cas/techalerts/TA06-139A.html>

* US-CERT Vulnerability Notes for Microsoft Updates for June 2006 -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms06-june>

* US-CERT Vulnerability Note VU#446012 -
<http://www.kb.cert.org/vuls/id/446012>

* US-CERT Vulnerability Note VU#190089 -
<http://www.kb.cert.org/vuls/id/190089>

* US-CERT Vulnerability Note VU#923236 -
<http://www.kb.cert.org/vuls/id/923236>

* US-CERT Vulnerability Note VU#390044 -
<http://www.kb.cert.org/vuls/id/390044>

* US-CERT Vulnerability Note VU#338828 -
<http://www.kb.cert.org/vuls/id/338828>

* US-CERT Vulnerability Note VU#417585 -
<http://www.kb.cert.org/vuls/id/417585>

* US-CERT Vulnerability Note VU#136849 -
<http://www.kb.cert.org/vuls/id/136849>

* US-CERT Vulnerability Note VU#909508 -
<http://www.kb.cert.org/vuls/id/909508>

* US-CERT Vulnerability Note VU#722753 -
<http://www.kb.cert.org/vuls/id/722753>

* US-CERT Vulnerability Note VU#959049 -
<http://www.kb.cert.org/vuls/id/959049>

* US-CERT Vulnerability Note VU#138188 -
<http://www.kb.cert.org/vuls/id/138188>

* US-CERT Vulnerability Note VU#608020 -
<http://www.kb.cert.org/vuls/id/608020>

* US-CERT Vulnerability Note VU#814644 -
<http://www.kb.cert.org/vuls/id/814644>

* US-CERT Vulnerability Note VU#631516 -
<http://www.kb.cert.org/vuls/id/631516>

* CVE-2006-2492 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2492>

* CVE-2006-0022 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0022>

* CVE-2006-2378 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2378>

[#] Fri Jun 16 2006 20:58:18 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-167A -- Microsoft Excel Vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



National Cyber Alert System

Technical Cyber Security Alert TA06-167A


Microsoft Excel Vulnerability

Original release date: June 16, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Excel 2003
* Microsoft Excel XP (2002)
* Microsoft Excel for Mac

Microsoft Excel is included with Microsoft Office. Other versions of
Excel and other Office programs may be affected or act as attack
vectors.


Overview

An unspecified vulnerability in Microsoft Excel could allow an
attacker to execute arbitrary code on a vulnerable system.


I. Description

Microsoft Excel contains an unspecified vulnerability. Opening a
specially crafted Excel document, including documents hosted on web
sites or attached to email messages, could trigger the vulnerability.

Office documents can contain embedded objects. For example, a
malicious Excel document could be embedded in a Word or PowerPoint
document. Office documents other than Excel documents could be used as
attack vectors.

For more information, please see Vulnerability Note VU#802324.


II. Impact

By convincing a user to open a specially crafted Excel document, an
attacker could execute arbitrary code on a vulnerable system. If the
user has administrative privileges, the attacker could gain complete
control of the system.


III. Solution

At the time of writing, there is no complete solution available.
Consider the following workarounds:

Do not open untrusted Excel documents

Do not open unfamiliar or unexpected Excel or other Office documents,
including those received as email attachments or hosted on a web site.
Please see Cyber Security Tip ST04-010 for more information.

Do not rely on file extension filtering

In most cases, Windows will call Excel to open a document even if the
document has an unknown file extension. For example, if document.x1s
(note the digit "1") contains the correct file header information,
Windows will open document.x1s with Excel.


Appendix A. References

* Vulnerability Note VU#802324 -
<http://www.kb.cert.org/vuls/id/802324>

* Cyber Security Tip ST04-010 -
<http://www.us-cert.gov/cas/tips/ST04-010.html>


____________________________________________________________________

Information used in this document came from SANS and Microsoft.
____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-167A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-167A Feedback VU#802324" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

June 16, 2006: Initial release





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRJNTQn0pj593lg50AQJ9AwgAnn0Hf8DqOzIg9oERRJ0ypWO3Q26gjasr
jK9g3pqGhBPX9P7BxOpqRlM9j28WcE3jSQ/P2N0FaKOa4SLWfwPP32mHIbmFEDuG
QTuu9A+qbg3ib0ScsHPWdI4nrI8QDqhOO7OEpFXMjJsqb/FXkA7TaKp6r+/6yeyb
mDVhCrI9bVGPcT9EAPLz0CwpIQGzbesc+e9eHBowLyDeHBzvaeLTtBSTG3VVcbbH
akqG3WfE0XUF1riZMoN4q9MEq8hwbEmScSGpQGbAK/0ZoqSq3yXUAG/utKuSfJCT
BzevQTih8Q3AG8IHHS4tz2XZiCr5/prhbc/Y8tEeT87LaJfiMWRooA==
=80HN
-----END PGP SIGNATURE-----
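
The "Do not rely on file extension filtering" workaround in TA06-139A (document.d0c) and TA06-167A (document.x1s) both turn on the same fact: Windows picks the handler from the file's header, so a mail or web gateway that filters on extension alone misses renamed documents. The example below, added here as an illustration and not part of the US-CERT alerts, shows the defender-side counterpart: identify legacy Office files by their OLE2 container signature (D0 CF 11 E0 A1 B1 1A E1) and by the application-specific stream names in the container's directory (WordDocument, Workbook/Book, PowerPoint Document), ignoring the extension entirely. The sample container built by `make_ole2_sample()` is constructed for the demonstration: it has only a header and one directory sector and is not a loadable document. The function names, the hypothetical gateway policy in `should_block()`, and the decision to read only the first directory sector (not the full FAT chain) are all assumptions of this example.

```python
"""Identify Office documents by content signature rather than file extension.

Added example (not US-CERT code). Reads the OLE2 header and the first
directory sector, which is enough to find the top-level stream that names
the hosting application in typical Word/Excel/PowerPoint files.
"""
import struct

OLE2_MAGIC = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"   # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                           # OOXML (.docx/.xlsx/.pptx) container

# Directory entry names (stored as UTF-16LE) that identify the application.
OLE2_STREAMS = {
    "WordDocument": "Word",
    "Workbook": "Excel",
    "Book": "Excel",                 # older BIFF5 workbooks
    "PowerPoint Document": "PowerPoint",
}


def _ole2_stream_names(data: bytes) -> list:
    """Return entry names from the first directory sector of an OLE2 file.

    Assumption of this example: only the first directory sector is read and
    the FAT chain is not followed; a production scanner should walk the chain
    or use a full OLE2 parser.
    """
    if len(data) < 512:
        return []
    sector_shift = struct.unpack_from("<H", data, 30)[0]       # 9 -> 512 B, 12 -> 4096 B
    first_dir_sector = struct.unpack_from("<I", data, 48)[0]   # sector number of directory
    if sector_shift not in (9, 12) or first_dir_sector == 0xFFFFFFFE:
        return []
    sector_size = 1 << sector_shift
    start = (first_dir_sector + 1) * sector_size               # sector n lives after the header
    names = []
    for off in range(start, min(start + sector_size, len(data)), 128):
        entry = data[off:off + 128]
        if len(entry) < 128:
            break
        name_len = struct.unpack_from("<H", entry, 64)[0]      # bytes, including NUL terminator
        if name_len < 2 or name_len > 64:
            continue                                           # unused or malformed entry
        names.append(entry[:name_len - 2].decode("utf-16-le", errors="replace"))
    return names


def identify_office(data: bytes):
    """Return 'Word', 'Excel', 'PowerPoint', 'OLE2 (unknown app)', 'OOXML' or None."""
    if data.startswith(OLE2_MAGIC):
        for name in _ole2_stream_names(data):
            if name in OLE2_STREAMS:
                return OLE2_STREAMS[name]
        return "OLE2 (unknown app)"
    if data.startswith(ZIP_MAGIC) and b"[Content_Types].xml" in data[:4096]:
        return "OOXML"
    return None


def should_block(filename: str, data: bytes, blocked_apps=("Word", "Excel")) -> bool:
    """Hypothetical gateway policy: decide from content only; the name is logged, not trusted."""
    app = identify_office(data)
    return app in blocked_apps


def make_ole2_sample(stream_name: str) -> bytes:
    """Constructed sample: 512-byte OLE2 header plus one directory sector with a
    Root Entry and a single stream. Enough structure for identify_office(), not
    a real document."""
    header = bytearray(512)
    header[0:8] = OLE2_MAGIC
    struct.pack_into("<H", header, 30, 9)      # 512-byte sectors
    struct.pack_into("<I", header, 48, 0)      # directory begins at sector 0

    def entry(name: str, kind: int) -> bytearray:
        e = bytearray(128)
        enc = name.encode("utf-16-le")
        e[:len(enc)] = enc                      # trailing zeros act as the NUL terminator
        struct.pack_into("<H", e, 64, len(enc) + 2)
        e[66] = kind                            # 5 = root storage, 2 = stream
        return e

    directory = entry("Root Entry", 5) + entry(stream_name, 2)
    directory += bytes(512 - len(directory))
    return bytes(header + directory)


if __name__ == "__main__":
    samples = {
        "document.d0c": make_ole2_sample("WordDocument"),   # renamed Word file from TA06-139A
        "document.x1s": make_ole2_sample("Workbook"),       # renamed Excel file from TA06-167A
        "notes.txt": b"just text, no container",
    }
    for name, blob in samples.items():
        ext_says_office = name.rsplit(".", 1)[-1].lower() in ("doc", "xls", "ppt")
        print(f"{name}: extension filter={'block' if ext_says_office else 'allow'}, "
              f"content={identify_office(blob)}, block={should_block(name, blob)}")
```

The extension filter allows both renamed samples while the content check still recognises them as Word and Excel files; a text file with a .doc extension would be allowed by the content check, which is the correct outcome. OOXML files are only recognised as a ZIP container here; telling .docx from .xlsx requires reading the ZIP central directory for the word/ or xl/ part names.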

[#] Tue Jul 11 2006 18:57:12 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-192A -- Microsoft Windows, Office, and IIS Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA06-192A


Microsoft Windows, Office, and IIS Vulnerabilities

Original release date: July 11, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Microsoft Windows
* Microsoft Internet Information Services (IIS)
* Microsoft Office
* Microsoft Office for Mac
* Microsoft Access
* Microsoft Excel and Excel Viewer
* Microsoft FrontPage
* Microsoft InfoPath
* Microsoft OneNote
* Microsoft Outlook
* Microsoft PowerPoint
* Microsoft Project
* Microsoft Publisher
* Microsoft Visio
* Microsoft Word and Word Viewer


Overview

Microsoft has released updates that address critical vulnerabilities
in Microsoft Windows, IIS, and Office. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.


I. Description

Microsoft Security Bulletin Summary for July 2006 addresses
vulnerabilities in Microsoft products including Windows, IIS, and
Office. Further information is available in the following US-CERT
Vulnerability Notes:


VU#395588 - Microsoft Internet Information Services vulnerable to
remote code execution via specially crafted ASP file

Microsoft Internet Information Services (IIS) contains a buffer
overflow vulnerability. This may allow a remote, authenticated
attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0026)


VU#189140 - Microsoft Server Service Mailslot vulnerable to heap
overflow

A buffer overflow vulnerability in the Microsoft mailslot server
service may allow a remote attacker to execute arbitrary code on a
vulnerable system.
(CVE-2006-1314)


VU#257164 - Microsoft DHCP Client service contains a buffer overflow

Microsoft DHCP Client service contains a buffer overflow. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-2372)


VU#802324 - Microsoft Excel vulnerability

An unspecified vulnerability in Microsoft Excel could allow an
attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-3059)


VU#580036 - Microsoft Office fails to properly handle malformed
strings

Microsoft Office fails to properly handle specially crafted strings.
This vulnerability could allow a remote attacker to execute arbitrary
code.
(CVE-2006-1316)


VU#609868 - Microsoft Office string parsing vulnerability

Microsoft Office fails to properly parse strings. This vulnerability
could allow a remote attacker to execute arbitrary code.
(CVE-2006-1540)


VU#409316 - Microsoft Office fails to properly handle document
properties

Microsoft Office contains a buffer overflow when handling specially
crafted document properties. This vulnerability could allow a remote
attacker to execute arbitrary code.
(CVE-2006-2389)


VU#459388 - Microsoft Office fails to properly handle PNG images

Microsoft Office applications fail to properly handle PNG images. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-0033)


VU#668564 - Microsoft Office fails to properly handle GIF images

Microsoft Office applications fail to properly handle GIF images. This
vulnerability may allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CVE-2006-0007)


In MS06-037, Microsoft has released updates for the Excel
vulnerability (VU#802324) described in Technical Cyber Security Alert
TA06-167A.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a
vulnerable system. An attacker may also be able to cause a denial of
service.


III. Solution

Apply a patch from your vendor

Microsoft has provided updates for these vulnerabilities in the
Security Bulletins. Updates for Microsoft Windows and Microsoft Office
XP and later are available on the Microsoft Update site. Microsoft
Office 2000 updates are available on the Microsoft Office Update site.
Apple Mac OS X users should obtain updates from the Mactopia web site.

System administrators may wish to consider using Windows Server Update
Services (WSUS).

Workaround

Please see the following Vulnerability Notes for workarounds.


Appendix A. References

* Microsoft Security Bulletin Summary for July 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-jul.mspx>

* Technical Cyber Security Alert TA06-167A -
<http://www.us-cert.gov/cas/techalerts/TA06-167A.html>

* US-CERT Vulnerability Notes for Microsoft July 2006 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms06-jul>

* US-CERT Vulnerability Note VU#395588 -
<http://www.kb.cert.org/vuls/id/395588>

* US-CERT Vulnerability Note VU#189140 -
<http://www.kb.cert.org/vuls/id/189140>

* US-CERT Vulnerability Note VU#257164 -
<http://www.kb.cert.org/vuls/id/257164>

* US-CERT Vulnerability Note VU#802324 -
<http://www.kb.cert.org/vuls/id/802324>

* US-CERT Vulnerability Note VU#580036 -
<http://www.kb.cert.org/vuls/id/580036>

* US-CERT Vulnerability Note VU#609868 -
<http://www.kb.cert.org/vuls/id/609868>

* US-CERT Vulnerability Note VU#409316 -
<http://www.kb.cert.org/vuls/id/409316>

* US-CERT Vulnerability Note VU#459388 -
<http://www.kb.cert.org/vuls/id/459388>

* US-CERT Vulnerability Note VU#668564 -
<http://www.kb.cert.org/vuls/id/668564>

* CVE-2006-0026 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0026>

* CVE-2006-1314 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1314>

* CVE-2006-2372 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2372>

* CVE-2006-3059 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3059>

* CVE-2006-1316 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1316>

* CVE-2006-1540 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1540>

* CVE-2006-2389 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2389>

* CVE-2006-0033 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0033>

* CVE-2006-0007 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0007>

* Microsoft Update - <https://update.microsoft.com/microsoftupdate>

* Microsoft Office Update - <http://officeupdate.microsoft.com>

* Mactopia - <http://www.microsoft.com/mac>

* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-192A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-192A Feedback VU#802324" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>

[#] Wed Jul 19 2006 16:17:02 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert TA06-200A -- Oracle Products Contain Multiple Vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA06-200A


Oracle Products Contain Multiple Vulnerabilities

Original release date: July 19, 2006
Last revised: --
Source: US-CERT


Systems Affected

* Oracle10g Database
* Oracle9i Database
* Oracle8i Database
* Oracle Enterprise Manager 10g Grid Control
* Oracle Application Server 10g
* Oracle Collaboration Suite 10g
* Oracle9i Collaboration Suite
* Oracle E-Business Suite Release 11i
* Oracle E-Business Suite Release 11.0
* Oracle Pharmaceutical Applications
* JD Edwards EnterpriseOne, OneWorld Tools
* Oracle PeopleSoft Enterprise Portal Solutions

For more information regarding affected product versions, please see
the Oracle Critical Patch Update - July 2006.


Overview

Oracle products and components are affected by multiple
vulnerabilities. The impacts of these vulnerabilities include remote
execution of arbitrary code, information disclosure, and denial of
service.


I. Description

Oracle has released Critical Patch Update - July 2006. This update
addresses numerous vulnerabilities in different Oracle products and
components.

The Critical Patch Update provides information about affected
components, access and authorization required, and the impact of the
vulnerabilities on data confidentiality, integrity, and availability.
MetaLink customers should refer to MetaLink Note 293956.1 (login
required) for more information on terms used in the Critical Patch
Update.

According to Oracle, four of the vulnerabilities corrected in the
Oracle Critical Patch Update - July 2006 affect Oracle Database
client-only installations.

We believe that the Oracle Database vulnerability identified as Oracle
Vuln# DB06 in the Oracle Critical Patch Update corresponds to US-CERT
Vulnerability Note VU#932124, which includes further details as well
as workarounds. In most cases, Oracle does not associate Vuln#
identifiers (e.g., DB01) with other available information. As more
details about vulnerabilities and remediation strategies become
available, we will update the individual vulnerability notes.


II. Impact

The impact of these vulnerabilities varies depending on the product,
component, and configuration of the system. Potential consequences
include the execution of arbitrary code or commands, information
disclosure, and denial of service. Vulnerable components may be
available to unauthenticated, remote attackers. An attacker who
compromises an Oracle database may be able to gain access to sensitive
information.


III. Solution

Apply a patch from Oracle

Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update - April 2006. Note that this Critical Patch
Update only lists newly corrected issues. Updates to patches for
previously known issues are not listed.

As noted in the update, some patches are cumulative, others are not:

The Oracle Database, Oracle Application Server, Oracle Enterprise
Manager Grid Control, Oracle Collaboration Suite, JD Edwards
EnterpriseOne and OneWorld Tools, and PeopleSoft Enterprise Portal
Applications patches in the Updates are cumulative; each successive
Critical Patch Update contains the fixes from the previous Critical
Patch Updates.

Oracle E-Business Suite and Applications patches are not
cumulative, so E-Business Suite and Applications customers should
refer to previous Critical Patch Updates to identify previous fixes
they want to apply.

Patches for some platforms and components were not available when the
Critical Patch Update was published on July 18, 2006. Please see
MetaLink Note 372930.1 (login required) for more information.


Appendix A. References

* US-CERT Vulnerability Note VU#932124 -
<http://www.kb.cert.org/vuls/id/932124>

* US-CERT Vulnerability Notes Related to Critical Patch Update -
July 2006 -
<http://www.kb.cert.org/vuls/byid?searchview&query=oracle_cpu_july_2006>

* Critical Patch Update - July 2006 -
<http://www.oracle.com/technology/deploy/security/pdf/cpujul2006.html>

* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>

* Oracle Database Security Checklist (PDF) -
<http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_database.pdf>

* MetaLink Note 293956.1 (login required) -
<http://metalink.oracle.com/metalink/plsql/showdoc?db=Not&id=293956.1>

* MetaLink Note 372930.1 (login required) -
<http://metalink.oracle.com/metalink/plsql/showdoc?db=Not&id=372930.1>

* Details Oracle Critical Patch Update July 2006 -
<http://www.red-database-security.com/advisory/oracle_cpu_jul_2006.html>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA06-200A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-200A Feedback VU#932124" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________

Revision History

July 19, 2006: Initial release



[#] Tue Jul 25 2006 11:03:51 EDT from "US-CERT Technical Alerts" <technical-alerts@us-cert.gov> to technical-alerts@us-cert.gov

Subject: US-CERT Technical Cyber Security Alert -- New US-CERT PGP Key


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New US-CERT PGP Key

US-CERT has generated a new PGP key. We use this key to sign all
publications, including documents sent to this list. Effective
immediately, this new key is available and will be valid until Monday,
October 1, 2007. To obtain further information or to download the new
US-CERT public PGP key, please visit

<http://www.us-cert.gov/pgp/encryptmail.html> or
<https://www.us-cert.gov/pgp/encryptmail.html>

A copy of the new key has also been included at the bottom of this
message and sent to public PGP key servers.

In accordance with good key management practices, we have also generated
a revocation certificate for the existing PGP key. The revocation
certificate for PGP key id 0x77960E74 has also been included below and
sent to the public PGP key servers.

