SecurityTracker.com Archives - Microsoft Various Operating System Flaws Lets Remote Users Execute Code and Local Users Gain Elevated Privileges or Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: OS (Microsoft) > Windows DLL (Any)

Vendors: Microsoft

Microsoft Various Operating System Flaws Lets Remote Users Execute Code and Local Users Gain Elevated Privileges or Deny Service

SecurityTracker Alert ID: 1011645

SecurityTracker URL: http://securitytracker.com/id?1011645

CVE Reference: CAN-2004-0207 , CAN-2004-0208 , CAN-2004-0209 , CAN-2004-0211 (Links to External Site)

Date: Oct 12 2004

Impact: Denial of service via local system, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of system information, Root access via local system, Root access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): Windows NT 4 SP6 and SP6a, 2000 SP3 and SP4, 2003, and XP SP1

Description: Several vulnerabilities were reported in various components of Microsoft's operating systems. A remote user can execute arbitrary code on the target system. A local user can gain elevated privileges. A local user can cause denial of service conditions.

Microsoft reported that a local user can exploit a flaw in several Window Management application programming interfaces (APIs) to take full control of the target system [CVE: CAN-2004-0207]. The affected APIs allow a local user to modify the properties of an application that is running at a higher privilege level. As a result, the local user can gain the privileges of the target application.

Microsoft credits Brett Moore of Security-Assessment.com with reporting this flaw.

It is also reported that the Virtual DOS Machine (VDM) subsystem allows a local user to take full control of the operating system [CVE: CAN-2004-0208].

Microsoft credits eEye Digital Security with reporting this flaw.

It is also reported that a remote user can create a specially crafted Windows Metafile (WMF) or Enhanced Metafile (EMF) image that, when rendered on the target user's system, will execute arbitrary code [CVE: CAN-2004-0209]. The flaw resides in the processing of these image formats in the Graphics Rendering Engine.

Microsoft credits Patrick Porlan and also Mark Russinovich of Winternals Software with reporting this vulnerability.

It is also reported that the Windows kernel does not properly reset some values within certain CPU data structures [CVE: CAN-2004-0211]. A local user can execute code to exploit this flaw and cause the operating system to stop responding.

Microsoft credits hlt with reporting this flaw.

Impact: A remote user can execute arbitrary code on the target system with System level privileges.

A local user can gain elevated privileges.

A local user can cause the system to stop responding.

Vendor URL: www.microsoft.com/technet/security/bulletin/ms04-032.mspx (Links to External Site)

Cause: Access control error, Input validation error, State error

Underlying OS: Windows (NT), Windows (2000), Windows (2003), Windows (XP)

Message History: None.

Source Message Contents

Date: Tue, 12 Oct 2004 11:29:02 -0400
Subject: http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx

 
 
 
MS04-032
 
http://www.microsoft.com/technet/security/bulletin/ms04-032.mspx

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2004, SecurityGlobal.net LLC