Skip to content

J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1203
    posted: 07/02/08
  • NSM Daily Update #1203
    posted: 07/02/08
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1203
    posted: 07/02/08
  • Deep Inspection 5.1, 5.2, 5.3r4 and below #1201
    posted: 07/02/08
  • Deep Inspection 5.0 #1132
    posted: 04/01/08
  • Antivirus
    posted: 07/01/08
Microsoft Security Bulletins

February 2006

Prior Updates:

2008 |June |May |April |March |February |January
2007 |December |November |October |September |August |July |June |May |April |March |February |January
2006 |December |November |October |September |August |July |June |May |April |March |February |January
2005 |December |November |October |September |August |July |June |May |April |March |February |January
2004 |December |November |October |September |August |July |June |May |April |March |February |January
2003 |December |November |October

lock icon Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

February 2006

Microsoft Security Bulletin MS06-004

Cumulative Security Update for Internet Explorer (910620)

Severity: Critical
Vulnerabilities:
  • WMF Image Parsing Memory Corruption Vulnerability - CVE-2006-0020
    A remote code execution vulnerability exists in Internet Explorer because of the way that it handles Windows Metafile (WMF) images. An attacker could exploit the vulnerability by constructing a specially crafted WMF image that could potentially allow remote code execution if a user visited a malicious Web site, opened or previewed an e-mail message, or opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft Security Bulletin MS06-005

Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)

Severity: Critical
Vulnerabilities:
  • Windows Media Player Vulnerability - CVE-2006-0006
    A remote code execution vulnerability exists in Windows Media Player because of the way that it handles processing bitmap files. An attacker could exploit the vulnerability by constructing a malicious bitmap fie that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.

Microsoft Security Bulletin MS06-006

Vulnerability in Windows Media Player Plugin Could Allow Remote Code Execution (911564)

Severity: Important
Vulnerabilities:
  • Windows Media Player Plugin Vulnerability - CVE-2006-0005
    A remote code execution vulnerability exists in Windows Media Player Plugin because of the way that it handles an EMBED element. An attacker could exploit the vulnerability by constructing a malicious EMBED element that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft Security Bulletin MS06-007

Vulnerability in TCP/IP Could Allow Denial of Service (913446)

Severity: Important
Vulnerabilities:
  • IGMP v3 DoS Vulnerability - CVE-2006-0021
    A denial of service vulnerability exists that could allow an attacker to send a specially crafted IGMP packet to an affected system. An attacker could cause the affected system to stop responding.

Microsoft Security Bulletin MS06-008

Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)

Severity: Important
Vulnerabilities:
  • Web Client Vulnerability - CVE-2006-0013
    A remote code execution vulnerability exists in the way that Windows processes Web Client requests that could allow an attacker who successfully exploited this vulnerable to take complete control of the affected system.

Microsoft Security Bulletin MS06-009

Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)

Severity: Important
Vulnerabilities:
  • Korean IME Vulnerability - CVE-2006-0008
    A privilege elevation vulnerability exists in the Windows and Office Korean Input Method Editor (IME). This vulnerability could allow a malicious user to take complete control of an affected system.

Microsoft Security Bulletin MS06-010

Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)

Severity: Important
Vulnerabilities:
  • PowerPoint Temporary Internet Files Information Disclosure Vulnerability - CVE-2006-0004
    An Information Disclosure vulnerability exists in PowerPoint. An attacker who successfully exploited this vulnerability could remotely attempt to access objects in the Temporary Internet Files Folder (TIFF) explicitly by name. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce useful information that could be used to try to further compromise the affected system.