manila bulletin
DX Bulletin Reader 1.0
Use it to read DX bulletin news with ease. more>> Use it to read DX bulletin news with ease.
DX Bulletin Reader is a tool for viewing, archiving and searching the DX news bulletins. When the program displays a DX bulletin, it highlights all prefixes, callsigns, IOTA references and grid squares in different colors, and best of all, it highlights the items that are on your DXCC and IOTA Needed lists.
Every highlighted item has a tooltip with extra information, such as IOTA group name and prefix, country of the callsign, and latitude/longitude of the Grid Square. If the optional databases are installed, even more information is shown on the tooltips, including the full name and address for the US and Canadian callsigns. The Find function performs full text search in all archived bulletins.
MSDN & Security Bulletin Feeds 1.0
MSDN & Security Bulletin Feeds widget allows you to view and read the latest security news and feeds from Microsoft more>>
MSDN & Security Bulletin Feeds widget displays, right on your desktop, the latest news and feeds concerning security.
Stay up-to-date with the latest additions and news from Microsoft.
Microsoft Security Bulletin Q322273
Unchecked Buffer in Profile Service of Commerce Server more>> Summary:
Who should read this bulletin: System administrators using Microsoft? Commerce Server 2000 or Commerce Server 2002
Impact of vulnerability: Four vulnerabilities, each of which could run code of attacker?s choice.
Maximum Severity Rating: Critical
Recommendation: System administrators should install the patch immediately.
Affected Software:
Microsoft Commerce Server 2000 Microsoft Commerce Server 2002
<<lessMicrosoft Security Bulletin Q320920
Cumulative Patch for Windows Media Player more>> Summary
Who should read this bulletin: Customers using Microsoft? Windows Media? Player 6.4, 7.1 or Windows Media Player for Windows XP.
Impact of vulnerability: Three new vulnerabilities, the most serious of which could be used to run code of attackers choice.
Maximum Severity Rating: Critical
Recommendation: Customers running affected products should apply the patch immediately.
Affected Software:
Microsoft Windows Media Player 6.4
Microsoft Windows Media Player 7.1
Microsoft Windows Media Player for Windows XP
Cafe Manila 8.7.6
This software is a on-line real time simply manage your client machines. more>> <<less
Microsoft Security Bulletin MS01-033
Unchecked Buffer in Index Server ISAPI Extension more>> This update resolves the "Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise" security vulnerability in Windows 2000 computers running Internet Information Service (IIS) 5.0, and is discussed in Microsoft Security Bulletin MS01-033. Download now to prevent a malicious user from taking control of your Web server.<<less
Microsoft Security Bulletin MS02-026
Unchecked Buffer in ASP.NET Worker Process more>> Who should read this bulletin: Customers operating web servers running ASP.NET applications.
Impact of vulnerability: Denial of Service, Potentially Run Code of Attackers Choice.
Maximum Severity Rating: Moderate
Recommendation: Customers using StateServer mode should apply the patch. Customers who do not use StateServer mode need not take any action.
Affected Software:
Microsoft .NET Framework version 1.0, of which ASP.NET is a component.
When working with Microsoft ASP.NET, a component of the Microsoft .NET Framework provides for session state management through a variety of modes. One such mode, called StateServer, stores session state information in a separate running process that can run on either the same machine as the ASP.NET-based application or on a different machine. An unchecked buffer in one of the routines handles the processing of cookies in StateServer mode, resulting in a security vulnerability.
<<lessMicrosoft Security Bulletin MS07-002 2
Microsoft Security Bulletin MS07-002 is a useful program which can substitute a prior security update. more>>
Microsoft Security Bulletin MS07-002 2 is a useful program which can substitute a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list. Microsoft Knowledge Base Article 927198 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.
Microsoft Security Bulletin MS04-020 2.0
Microsoft Security Bulletin MS04-020 Vulnerability in POSIX Could Allow Code Execution Vulnerability Identifiers: POSIX Vulnerability - CAN-2004-0210 - A privilege elevation vulnerability exists in more>> Microsoft Security Bulletin MS04-020
Vulnerability in POSIX Could Allow Code Execution
Vulnerability Identifiers: POSIX Vulnerability - CAN-2004-0210 - A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Impact of Vulnerability: Privilege Elevation
Windows NT4: Important
Windows 2000: Important
<<lessMicrosoft Security Bulletin (MS00-082) 2.0
Patch Available for Malformed MIME Header Vulnerability more>> Microsoft? has released a patch that eliminates a security vulnerability in Exchange Server 5.0 and Exchange Server 5.5. The vulnerability could enable a malicious user to cause an Exchange server to fail.<<less
Microsoft Security Bulletin MS03-039 824146
Critical update for NT/2000/XP/2003 more>> A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft Windows and gain complete control over it. You can help protect your computer by installing this update from Microsoft.
Note: Windows 98, Windows 98 Second Edition (SE), and Windows 95 also are not affected by this issue. However, these products are no longer supported. Users of these products are strongly encouraged to upgrade to later versions.
<<lessMicrosoft Security Bulletin MS03-043 828035
Buffer Overrun in Could Allow Code Execution more>> A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. The vulnerability results because the Messenger Service does not properly validate the length of a message before passing it to the allocated buffer.
An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail. The attacker could then take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges.
<<lessMicrosoft Security Bulletin MS03-005 810577
Unchecked Buffer in Windows Redirector more>> The Windows Redirector is used by a Windows client to access files, whether local or remote, regardless of the underlying network protocols in use. For example, the "Add a Network Place" Wizard or the NET USE command can be used to map a network share as a local drive, and the Windows Redirector will handle the routing of information to and from the network share.
A security vulnerability exists in the implementation of the Windows Redirector on Windows XP because an unchecked buffer is used to receive parameter information. By providing malformed data to the Windows Redirector, an attacker could cause the system to fail, or if the data was crafted in a particular way, could run code of the attacker?s choice.
<<lessMicrosoft Security Bulletin MS03-006 812709
Microsoft Security Bulletin MS03-006 812709 is a bulletin of security for Microsoft products that users can obtain assistance on a variety of topics. more>>
Microsoft Security Bulletin MS03-006 812709 is a bulletin of security for Microsoft products that users can obtain assistance on a variety of topics. For instance, it provides product documentation, assistance in determining hardware compatibility, access to Windows Update, online help from Microsoft, and other assistance. Users and programs can execute URL links to Help and Support Center by using the "hcp://" prefix in a URL link instead of "http://".
A security vulnerability is present in the Windows Me version of Help and Support Center, and results because the URL Handler for the "hcp://" prefix contains an unchecked buffer.
An attacker could exploit the vulnerability by constructing a URL that, when clicked on by the user, would execute code of the attacker's choice in the Local Computer security context. The URL could be hosted on a web page, or sent directly to the user in email. In the web based scenario, where a user then clicked on the URL hosted on a website, an attacker could have the ability to read or launch files already present on the local machine.
In the case of an e-mail borne attack, if the user was using Outlook Express 6.0 or Outlook 2002 in their default configurations, or Outlook 98 or 2000 in conjunction with the Outlook Email Security Update, then an attack could not be automated and the user would still need to click on a URL sent in e-mail. However if the user was not using Outlook Express 6.0 or Outlook 2002 in their default configurations, or Outlook 98 or 2000 in conjunction with the Outlook Email Security Update, the attacker could cause an attack to trigger automatically without the user having to click on a URL contained in an e-mail.
Requirements: Windows ME
Microsoft Security Bulletin MS03-047 828489
Vulnerability in Exchange Server 5.5 Could Allow Scripting Attack more>> A cross-site scripting (XSS) vulnerability results due to the way that Outlook Web Access (OWA) performs HTML encoding in the Compose New Message form.
An attacker could seek to exploit this vulnerability by having a user run script on the attackers behalf. The script would execute in the security context of the user. If the script executes in the security context of the user, the attackers code could then execute by using the security settings of the OWA Web site (or of a Web site that is hosted on the same server as the OWA Web site) and could enable the attacker to access any data belonging to the site where the user has access.
To exploit this vulnerability through OWA, an attacker would have to send an e-mail message that has a specially-formed link to the user. The user would then have to click the link. To exploit this vulnerability in another way, an attacker would have to know the name of the users Exchange server and then entice the user to open a specially-formed link from another source while the user is logged on to OWA.
Note: Customers who have customized any of the ASP pages in the File Information section in this document should backup those files before applying this patch as they will be overwritten when the patch is applied. Any customizations would then need to be reapplied to the new ASP pages. Please refer to the Microsoft Support Policy for the Customization of Outlook Web Access available at http://support.microsoft.com/default.aspx?scid=kb;en-us;327178
<<less
