Skip to content

J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1278
    posted: 10/07/08
  • NSM Daily Update #1278
    posted: 10/07/08
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1278
    posted: 10/07/08
  • Deep Inspection 5.1, 5.2, 5.3r4 and below #1274
    posted: 10/07/08
  • Deep Inspection 5.0 #1132
    posted: 04/01/08
  • Antivirus
    posted: 10/07/08
Microsoft Security Bulletins

May 2006

Prior Updates:

2008 |September |August |July |June |May |April |March |February |January
2007 |December |November |October |September |August |July |June |May |April |March |February |January
2006 |December |November |October |September |August |July |June |May |April |March |February |January
2005 |December |November |October |September |August |July |June |May |April |March |February |January
2004 |December |November |October |September |August |July |June |May |April |March |February |January
2003 |December |November |October

lock icon Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

May 2006

Microsoft Security Bulletin MS06-018

Vulnerability in Microsoft Distributed Transaction Coordinator Could Lead to Denial of Service (913580)

Severity: Moderate
Vulnerabilities:
  • MSDTC Invalid Memory Access Vulnerability - CVE-2006-0034
    A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.
  • MSDTC Stack Overflow Vulnerability - CVE-2006-1184
    A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.

Microsoft Security Bulletin MS06-019

Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)

Severity: Critical
Vulnerabilities:
  • Exchange Calendar Vulnerability - CVE-2006-0027
    A remote code execution vulnerability exists in Microsoft Exchange Server that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could exploit the vulnerability by constructing a malicious message that could potentially allow remote code execution when an Exchange Server processes an email with certain vCal or iCal properties. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft Security Bulletin MS06-020

Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)

Severity: Critical
Vulnerabilities:
  • Flash Player Vulnerability - CVE-2006-0024
    A remote code execution vulnerability exists in Macromedia Flash Player from Adobe because of the way that it handles Flash Animation (SWF) files. An attacker could exploit the vulnerability by constructing a malicious Flash Animation (SWF) file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.