Top: Advisories: Windows

• CA-2000-04 Love Letter Worm
  The Love Letter Worm is a malicious VBScript program that spreads in a variety of ways. Users can be infected by various means, including email, Windows file sharing, IRC, USENET news, and possibly via web pages.
  
• CA-2000-07 Microsoft Office 2000 UA ActiveX Control Incorrectly Marked "Saf
  The Microsoft Office 2000 UA ActiveX control is incorrectly marked as "safe for scripting". This vulnerability may allow for an intruder to disable macro warnings in Office products and, subsequently, execute arbitrary code. This vulnerability may be exploited by viewing an HTML document via a web page, newsgroup posting, or email message.
  
• CA-2000-10 Inconsistent Warning Messages in Internet Explorer
  Several flaws exist in Microsoft Internet Explorer that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. These problems are different from the problems reported in CERT advisories CA-2000-05 and CA-2000-08, but they have a similar impact.
  
• CA-2000-12 HHCtrl ActiveX Control Allows Local Files to be Executed
  The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file (CHM) to be stored "locally."
  
• CA-2000-14 Microsoft Outlook and Outlook Express Cache Bypass Vulnerability
  Microsoft recently released Microsoft Security Bulletin MS00-046, in which they announced a patch for the "Cache Bypass" vulnerability. By exploiting this vulnerability, an attacker can use an HTML-formatted message to read certain types of files on the victim's machine.
  
• CA-2000-16: Microsoft "IE Script"/Access/OBJECT Tag Vulnerability
  Under certain conditions, Internet Explorer can open Microsoft Access database or project files containing malicious code and execute the code without giving a user prior warning. Access files that are referenced by OBJECT tags in HTML documents can allow attackers to execute arbitrary commands using Visual Basic for Applications or macros.
  
• CA-2001-06: Automatic Execution of Embedded MIME Types
  Microsoft Internet Explorer has a vulnerability triggered when parsing MIME parts in a document that allows a malicious agent to execute arbitrary code.
  
• CA-2001-13: Buffer Overflow In IIS Indexing Service DLL
  A vulnerability exists in the Indexing Services used by Microsoft IIS 4.0 and IIS 5.0 running on Windows NT, Windows 2000, and beta versions of Windows XP. This vulnerability allows a remote intruder to run arbitrary code on the victim machine.
  
• CA-99-04 Melissa Macro Virus
  At approximately 2:00 PM GMT-5 on Friday March 26 1999 we began receiving reports of a Microsoft Word 97 and Word 2000 macro virus which is propagating via email attachments. The number and variety of reports we have received indicate that this is a widespread attack affecting a variety of sites.
  
• CA-99-06 ExploreZip Trojan Horse Program
  This advisory reports on the "ExploreZip" Trojan horse, which is propagated by email and which destroys files.
  

[ 1 2 3 4 ]