Skip to content

J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1219
    posted: 07/24/08
  • NSM Daily Update #1219
    posted: 07/24/08
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1219
    posted: 07/24/08
  • Deep Inspection 5.1, 5.2, 5.3r4 and below #1201
    posted: 07/24/08
  • Deep Inspection 5.0 #1132
    posted: 04/01/08
  • Antivirus
    posted: 07/24/08
Microsoft Security Bulletins

January 2006

Prior Updates:

2008 |July |June |May |April |March |February |January
2007 |December |November |October |September |August |July |June |May |April |March |February |January
2006 |December |November |October |September |August |July |June |May |April |March |February |January
2005 |December |November |October |September |August |July |June |May |April |March |February |January
2004 |December |November |October |September |August |July |June |May |April |March |February |January
2003 |December |November |October

lock icon Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

January 2006

Microsoft Security Bulletin MS06-001

Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)

Severity: Critical
Vulnerabilities:
  • Graphics Rendering Engine Vulnerability - CVE-2005-4560
    A remote code execution vulnerability exists in the Graphics Rendering Engine because of the way that it handles Windows Metafile (WMF) images. An attacker could exploit the vulnerability by constructing a specially crafted Windows Metafile (WMF) image that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.

Microsoft Security Bulletin MS06-002

Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)

Severity: Critical
Vulnerabilities:
  • Windows Embedded Web Font Vulnerability - CVE-2006-0010
    A remote code execution vulnerability exists in Windows because of the way that it handles malformed embedded Web fonts. An attacker could exploit the vulnerability by constructing a malicious embedded Web font that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft Security Bulletin MS06-003

Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)

Severity: Critical
Vulnerabilities:
  • TNEF Decoding Vulnerability - CVE-2006-0002
    A remote code execution vulnerability exists in Microsoft Outlook and Microsoft Exchange Server because of the way that it decodes the Transport Neutral Encapsulation Format (TNEF) MIME attachment. An attacker could exploit the vulnerability by constructing a specially crafted TNEF message that could potentially allow remote code execution when a user opens or previews a malicious e-mail message or when the Microsoft Exchange Server Information Store processes the specially crafted message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.