﻿<?xml version="1.0" encoding="utf-8"?>
<Document Type="Vulnerability Information" Version="091">
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050019"/>
<P Name="VulnerabilityName" Value="MS05-019"/>
<P Name="CVEID" Value="CAN-2005-0048;CAN-2004-0790;CAN-2004-1060;CAN-2004-0230;CAN-2005-0688"/>
<P Name="MalwareName" Value="HKTL_EXPLANI.A;HKTL_PNGEXP.A;HKTL_PNGFILE.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin resolves newly discovered, privately-reported vulnerabilities affecting Windows. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. However, an attacker who successfully exploited the most severe of these vulnerabilities would most likely cause the affected system to stop responding."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050017"/>
<P Name="VulnerabilityName" Value="MS05-017"/>
<P Name="CVEID" Value="CAN-2005-0059"/>
<P Name="MalwareName" Value="HKTL_EXPLANI.A;HKTL_PNGEXP.A;HKTL_PNGFILE.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Message Queuing Could Allow Code Execution (892944)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows XP;64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in Message Queuing that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050016"/>
<P Name="VulnerabilityName" Value="MS05-016"/>
<P Name="CVEID" Value="CAN-2005-0063"/>
<P Name="MalwareName" Value="HKTL_EXPLANI.A;HKTL_PNGEXP.A;HKTL_PNGFILE.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in the Windows Shell because of the way that it handles application association. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. However, user interaction is required to exploit this vulnerability."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050018"/>
<P Name="VulnerabilityName" Value="MS05-018"/>
<P Name="CVEID" Value="CAN-2005-0060;CAN-2005-0061;CAN-2005-0550;CAN-2005-0551"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security bulletin resolves newly-discovered, privately-reported vulnerabilities affecting Windows. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050042"/>
<P Name="VulnerabilityName" Value="MS05-042"/>
<P Name="CVEID" Value="CAN-2005-1981;CAN-2005-1982"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This security bulletin resolves the following vulnerabilities found in Microsoft Windows: (1) the Kerberos vulnerability, which is a denial of service vulnerability that allows an attacker to send a specially crafted message to a Windows domain controller, making the service that is responsible for authenticating users in an Active Directory domain to stop responding, and (2)the PKINIT vulnerability, which is an information disclosure and spoofing vulnerability that allows an attacker to manipulate certain information that is sent from a domain controller and potentially access sensitive client network communication."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050043"/>
<P Name="VulnerabilityName" Value="MS05-043"/>
<P Name="CVEID" Value="CAN-2005-1984"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Print Spooler Service Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability in the Printer Spooler service allows an attacker who successfully exploits this vulnerability to take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050040"/>
<P Name="VulnerabilityName" Value="MS05-040"/>
<P Name="CVEID" Value="CAN-2005-0058"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Telephony Service Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory explains a vulnerability in the Telephony Application Programming Interface (TAPI) service that could allow remote code execution. Attackers who successfully exploits the said vulnerability can take complete control of an affected system. They could then install programs, view, change, or delete data, and create new accounts with full user rights"/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050041"/>
<P Name="VulnerabilityName" Value="MS05-041"/>
<P Name="CVEID" Value="CAN-2005-1218"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Remote Desktop Protocol Vulnerability Could Allow Denial of Service"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A remote malicious user can use the process employed by the Remote Desktop Protocol (RDP) to validate data to cause a denial of service (DoS) attack, which stops an affected machine from responding and causing it to automatically restart."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050039"/>
<P Name="VulnerabilityName" Value="MS05-039"/>
<P Name="CVEID" Value="CAN-2005-1983"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="An unchecked buffer in the Plug and Play service results in this vulnerability. Once successfully exploited, this vulnerability permits an attacker to have complete virtual control of an affected system. This vulnerability involves a remote code execution and local elevation of privilege. It can be exploited over the Internet."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050038"/>
<P Name="VulnerabilityName" Value="MS05-038"/>
<P Name="CVEID" Value="CAN-2005-1988;CAN-2005-1989;CAN-2005-1990 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows 2000 Service Pack 4"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin resolves the following vulnerabilities found in Internet Explorer: (1) JPEG Image Rendering Memory Corruption vulnerability, which allows remote code execution when exploited by a remote malicious user, (2) Web Folder Behaviors Cross-Domain vulnerability, allows information disclosure or remote code execution on an affected system, and (3) COM Object Instantiation Memory Corruption vulnerability, which exists in the way Internet Explorer lists the instances of COM Objects that are not intended to be used in Internet Explorer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003007"/>
<P Name="VulnerabilityName" Value="MS03-007"/>
<P Name="CVEID" Value="CAN-2003-0109"/>
<P Name="MalwareName" Value="AGOBOT FAMILY;BKDR_RBOT.B;BKDR_SDBOT.CC;TROJ_KAHT.A;TROJ_ROLARK.A;TROJ_WCOT.A;WORM_GAOBOT.AC;WORM_KIBUV.B;WORM_MUMU.C;WORM_NACHI.A;WORM_NACHI.B;WORM_NACHI.C;WORM_NACHI.D;WORM_NACHI.F;WORM_NACHI.G;WORM_NACHI.I;WORM_NACHI.K;WORM_RBOT.AA;WORM_RBOT.AB;WORM_RBOT.AE;WORM_RBOT.AF;WORM_RBOT.AJ;WORM_RBOT.BZ;WORM_RBOT.CC;WORM_RBOT.EM;WORM_RBOT.R;WORM_RBOT.TW;WORM_RBOT.W;WORM_RBOT.WU;WORM_RBOT.ZA;WORM_SDBOT.BV;WORM_SDBOT.CC;WORM_SDBOT.DZ;WORM_SDBOT.FB;WORM_SDBOT.FC;WORM_SDBOT.FD;WORM_SDBOT.FE;WORM_SDBOT.FQ;WORM_SDBOT.G;WORM_SDBOT.GO;WORM_SDBOT.IG;WORM_SDBOT.IY;WORM_SDBOT.JG;WORM_SDBOT.JS;WORM_SDBOT.JT;WORM_SDBOT.JY;WORM_SDBOT.K;WORM_SDBOT.KY;WORM_SDBOT.M;WORM_SDBOT.MD;WORM_SDBOT.MG;WORM_SDBOT.MH;WORM_SDBOT.PF;WORM_SDBOT.WY;WORM_SDBOT.ZY;WORM_SPYBOT.AP;WORM_SPYBOT.CG;WORM_SPYBOTER.CY;WORM_SPYBOTER.CZ"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Very Low;Very Low;Very Low;Low;Low;Low;Medium;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer In Windows Component Could Cause Server Compromise"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT 4.0;Microsoft Windows NT 4.0, Terminal Server Edition;Microsoft Windows 2000;Microsoft Windows XP"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary code through a WebDAV request to IIS 5.0. This is caused by a buffer overflow in NTDLL.DLL on Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040026"/>
<P Name="VulnerabilityName" Value="MS04-026"/>
<P Name="CVEID" Value="CAN-2004-0203"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange Server 5.5 SP4;Outlook Web Access"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A cross-site scripting and spoofing vulnerability exists in Outlook Web Access (OWA) for Microsoft Exchange Server 5.5 that could cause a user to run a script on the attacker's behalf."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040038"/>
<P Name="VulnerabilityName" Value="MS04-038"/>
<P Name="CVEID" Value="CAN-2004-0842;CAN-2004-0727;CAN-2004-0216;CAN-2004-0839;CAN-2004-0844;CAN-2004-0843;CAN-2004-0841;CAN-2004-0845"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (834707)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP, Microsoft Windows XP Service Pack 1, and Microsoft Windows XP Service Pack 2;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me);Internet Explorer 5.01 Service Pack 3 on Windows 2000 SP3;Internet Explorer 5.01 Service Pack 4 on Windows 2000 SP4;Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Me;Internet Explorer 6 on Windows XP;Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, on Microsoft Windows XP, or on Microsoft Windows XP Service Pack 1;Internet Explorer 6 Service Pack 1 on Microsoft Windows NT Server 4.0 Service Pack 6a, on Microsoft Windows NT Server 4.0 Terminal Service Edition Service Pack 6, on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Me;Internet Explorer 6 for Windows XP Service Pack 1 (64-Bit Edition);Internet Explorer 6 for Windows Server 2003;Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003;Internet Explorer 6 for Windows XP Service Pack 2;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This is a remote code execution vulnerability that exists in the Internet Explorer. It allows remote code execution on an affected system. An attacker could exploit this vulnerability by constructing a malicious Web Page. The said routine could allow remote code execution if a user visited a malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004011"/>
<P Name="VulnerabilityName" Value="MS04-011"/>
<P Name="CVEID" Value="CAN-2003-0533;CAN-2003-0663;CAN-2003-0719;CAN-2003-0806;CAN-2003-0906;CAN-2003-0907;CAN-2003-0908;CAN-2003-0909;CAN-2003-0910;CAN-2004-0117;CAN-2004-0118;CAN-2004-0119;CAN-2004-0120;CAN-2004-0123"/>
<P Name="MalwareName" Value="WORM_AGOBOT.IM;WORM_AGOBOT.JF;WORM_AGOBOT.RZ;WORM_AGOBOT.TG;WORM_AGOBOT.WW;WORM_AGOBOT.YG;WORM_BOBAX.A;WORM_BOBAX.B;WORM_BOBAX.C;WORM_BOBAX.D;WORM_CYCLE.A;WORM_KIBUV.A;WORM_KIBUV.B;WORM_KORGO.A;WORM_KORGO.B;WORM_KORGO.C;WORM_KORGO.D;WORM_KORGO.E;WORM_KORGO.F;WORM_KORGO.GEN;WORM_KORGO.H;WORM_KORGO.I;WORM_PLEXUS.B;WORM_RBOT.AE;WORM_RBOT.AF;WORM_RBOT.BZ;WORM_RBOT.CC;WORM_RBOT.EM;WORM_SASSER-1;WORM_SASSER.A;WORM_SASSER.B;WORM_SASSER.C;WORM_SASSER.D;WORM_SASSER.E;WORM_SASSER.F;WORM_SASSER.GEN;WORM_SDBOT.KW;WORM_SDBOT.WY;WORM_SPYBOT.CG"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;High;Medium;High;Low;Low;Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Security Update for Microsoft Windows (835732)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT® Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server;Microsoft Windows 2000 Service Pack 2;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft NetMeeting;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="The LSASS buffer overrun vulnerability allows remote code execution.;The LDAP vulnerability is a denial of service vulnerability that causes the service in a Windows 2000 domain controller in an Active Directory domain to stop responding.;The PCT vulnerability is a buffer overrun vulnerability in the Private Communications Transport  protocol, that allows remote code execution.;The Winlogon vulnerability is a buffer overrun vulnerability in the Windows logon process that allows remote code execution.;The Metafile vulnerability is a buffer overrun vulnerability that exists in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats.;The Help and Support Center vulnerability allows remote code execution due to the way Help and Support Center handles HCP URL validation.;The Utility Manager vulnerability is a privilege elevation vulnerability that exists due to the way that Utility Manager launches applications.;The Windows Management vulnerability is a privilege elevation vulnerability that could allow a local attacker to take complete control of a system by executing commands with system privilege level.;The Local Descriptor Table vulnerability could allow a local attacker to take complete control of a system by executing commands with system privileges.;This H.323 buffer overrun vulnerability could allow attackers to gain full control of a system by arbitrarily executing commands with system privileges.;Virtual DOS Machine vulnerability could allow a local attacker to gain full control of a system by executing certain commands;This Negotiate SSP buffer overrun vulnerability that exists in Microsoft's Negotiate Security Service Provider interface could allow remote code execution.;This SSL vulnerability exists due to the way SSL packets are handled and can cause the affected systems to stop responding to SSL connection requests.;The ASN.1 Double-Free vulnerability exists in Microsoft's Abstract Syntax Notation One Library and allows remote code execution with system privilege level."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050027"/>
<P Name="VulnerabilityName" Value="MS05-027"/>
<P Name="CVEID" Value="CAN-2005-1206"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3 ;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium) ;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in the Microsoft’s implementation of the Server Message Block (SMB) protocol, which could allow an attacker to execute arbitrary codes to take complete control over a target system.   This vulnerability could be exploited over the Internet. An attacker would have to transmit a specially crafted SMB packet to a target system to exploit it. However, failure to successfully exploit the vulnerability could only lead to a denial of service. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050035"/>
<P Name="VulnerabilityName" Value="MS05-035"/>
<P Name="CVEID" Value="CAN-2005-0564"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office XP Software Service Pack 3;Microsoft Word 2002;Microsoft Works Suite 2001;Microsoft Works Suite 2002;Microsoft Works Suite 2003;Microsoft Works Suite 2004"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability exists in the application Microsoft Word. It allows a remote malicious user to execute commands locally on the affected system. This vulnerability can be exploited when an affected user opens a Microsoft Word file. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050034"/>
<P Name="VulnerabilityName" Value="MS05-034"/>
<P Name="CVEID" Value="CAN-2005-1215;CAN-2005-1216"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for ISA Server 2000 (899753)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Security and Acceleration (ISA) Server 2000 Service Pack 2;Microsoft Small Business Server 2000;Microsoft Small Business Server 2003"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This security bulletin resolves the following vulnerabilities affecting Microsoft Internet Security and Acceleration (ISA) Server 2000, Microsoft Small Business Server 2000, and Microsoft Small Business Server 2003.;  The HTTP Content Header vulnerability could potentially allow an attacker to poison the cache of the affected ISA server because of the way that it handles malformed HTTP requests.;  The NetBIOS Predefined Filter vulnerability could allow an attacker who successfully exploits this vulnerability to create a NetBIOS connection with an ISA Server by utilizing the NetBIOS (all) predefined packet filter."/>
<P Name="UpdateType" Value="Trend SA"/>
<P Name="URL" Value="http://www.trendmicro.com/vinfo/default.asp?sect=SA"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050030"/>
<P Name="VulnerabilityName" Value="MS05-030"/>
<P Name="CVEID" Value="CAN-2005-1213"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update in Outlook Express (897715)"/>
<P Name="AffectedSoftware" Value="Microsoft Outlook Express 5.5 Service Pack 2 (Microsoft Windows 2000 Service Pack 3) ;Microsoft Outlook Express 5.5 Service Pack 2 (Microsoft Windows 2000 Service Pack 4) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003) ;Microsoft Outlook Express 6.0 (Microsoft Windows XP 64-Bit Edition Service Pack 1 -- Itanium) ;Microsoft Outlook Express 6.0 Service Pack 1 (Microsoft Windows 2000 Service Pack 3) ;Microsoft Outlook Express 6.0 Service Pack 1 (Microsoft Windows 2000 Service Pack 4) ;Microsoft Outlook Express 6.0 Service Pack 1 (Microsoft Windows XP 64-Bit Edition Service Pack 1 -- Itanium) ;Microsoft Outlook Express 6.0 Service Pack 1 (Microsoft Windows XP Service Pack 1) ;Microsoft Windows 2000 Service Pack 3 ;Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows 98 ;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition ;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 ;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium) "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A remote code execution vulnerability exists in Outlook Express when it is used as a newsgroup reader. An attacker could exploit this vulnerability by constructing a malicious newsgroup server that could that potentially allow remote code execution if a user queried the server for news."/>
<P Name="UpdateType" Value="Trend SA"/>
<P Name="URL" Value="http://www.trendmicro.com/vinfo/default.asp?sect=SA"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050029"/>
<P Name="VulnerabilityName" Value="MS05-029"/>
<P Name="CVEID" Value="CAN-2005-0563"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange Server 5.5 Service Pack 4"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="Microsoft Outlook Web Access (OWA) is an optional component of Exchange Server that enables users to view their mailboxes via a Web interface.   A cross-site scripting vulnerability exists in OWA version 5.5, which could allow attackers to inject arbitrary script codes into a user’s OWA session. An exploit for this vulnerability could be leveraged to steal login credentials, which may lead into compromising the affected user's mailbox."/>
<P Name="UpdateType" Value="Trend SA"/>
<P Name="URL" Value="http://www.trendmicro.com/vinfo/default.asp?sect=SA"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050037"/>
<P Name="VulnerabilityName" Value="MS05-037"/>
<P Name="CVEID" Value="CAN-2005-2087 "/>
<P Name="MalwareName" Value="JS_EXPLOIT.F"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="Vulnerability in JView Profiler Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 3);Microsoft Internet Explorer 5.5 Service Pack 2;Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98 SE);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6.0 (Microsoft Windows XP Professional x64 Edition);Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A COM object, the JView Profiler (Javaprxy.dll), contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system by hosting a malicious Web site. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050028"/>
<P Name="VulnerabilityName" Value="MS05-028"/>
<P Name="CVEID" Value="CAN-2005-1207"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium) ;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium) "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A vulnerability exists in the way that Windows processes Web Client requests, which could allow a remote attacker to execute arbitrary code and take complete control over the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050032"/>
<P Name="VulnerabilityName" Value="MS05-032"/>
<P Name="CVEID" Value="CAN-2005-1214"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Agent Could Allow Spoofing (890046)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows 98 ;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2 ;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This vulnerability could enable an attacker to spoof trusted Internet content because security prompts can be disguised by a Microsoft Agent character."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050033"/>
<P Name="VulnerabilityName" Value="MS05-033"/>
<P Name="CVEID" Value="CAN-2005-1205"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Telnet Client Could Allow Information Disclosure (896428)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows Services for UNIX 2.2 on Windows 2000;Microsoft Windows Services for UNIX 3.0 on Windows 2000 ;Microsoft Windows Services for UNIX 3.5 on Windows 2000 ;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium) ;Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium) ;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This vulnerability in the Microsoft Telnet client could allow an attacker to gain sensitive information about the affected system and read the session variables of users who have open connections to a malicious Telnet server."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050025"/>
<P Name="VulnerabilityName" Value="MS05-025"/>
<P Name="CVEID" Value="CAN-2005-1211;CAN-2002-0648"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (883939)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 3 (Microsoft Windows 2000 Service Pack 3) ;Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 3) ;Microsoft Internet Explorer 5.5 Service Pack 2 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 -- Itanium);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003) ;Microsoft Internet Explorer 6 (Microsoft Windows XP 64-Bit Edition Version 2003 -- Itanium);Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 3) ;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98 SE);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows XP 64-Bit Edition Service Pack 1 -- Itanium) ;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows XP Service Pack 1);Microsoft Windows 2000 Service Pack 3 ;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98 ;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin resolves the following vulnerabilities affecting Internet Explorer.;  The PNG Image Rendering Memory Corruption vulnerability could allow an attacker to execute arbitrary code on the system because of a vulnerability in the way Internet Explorer handles PNG images.;  The XML Redirect Information Disclosure vulnerability could allow an attacker to read XML data from another Internet Explorer domain because of a vulnerability in the way Internet Explorer handles certain requests to display XML content."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050036"/>
<P Name="VulnerabilityName" Value="MS05-036"/>
<P Name="CVEID" Value="CAN-2005-1219"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow a remote attacker to execute arbitrary codes on the affected system via a malicious image file in a Web site or email message. This vulnerability exists because of the way Microsoft Color Management Module handles ICC profile format tag validation."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050026"/>
<P Name="VulnerabilityName" Value="MS05-026"/>
<P Name="CVEID" Value="CAN-2005-1208 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in HTML Help Could Allow Remote Code Execution (896358)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="HTML Help is the standard help system for the Windows platform. Authors can use it to create online Help files for a software application or content for a multimedia title or a Web site.  This vulnerability in HTML Help could allow attackers to execute arbitrary code on the affected system via a specially crafted Compiled Windows Help (CHM) file, because it does not completely validate input data."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003026"/>
<P Name="VulnerabilityName" Value="MS03-026"/>
<P Name="CVEID" Value="CAN-2003-0352"/>
<P Name="MalwareName" Value="AGOBOT FAMILY;BKDR_CIREBOT.A;BKDR_DONK.O;BKDR_RBOT.B;BKDR_RPCBOT.D;BKDR_SDBOT.CC;BKDR_SDBOT.GV;HKTL_DCOM.AI;HKTL_DCOM.L;HKTL_DCOM.U;HKTL_DCOM.V;HKTL_DCOM.X;HKTL_DCOM.Y;HKTL_DCOMDOS.A;HKTL_RPCDCOM.A;TROJ_EXPLTDCOM.A;WORM_BOBAX.C;WORM_BOLGI.A;WORM_DINKDINK.B;WORM_DONK.B;WORM_DONK.C;WORM_DONK.L;WORM_DONK.M;WORM_FRANCETTE.C;WORM_FRANCETTE.D;WORM_FRANCETTE.F;WORM_FRANCETTE.G;WORM_FRANCETTE.H;WORM_GAOBOT.AC;WORM_KIBUV.B;WORM_MSBLAST.A;WORM_MSBLAST.B;WORM_MSBLAST.C;WORM_MSBLAST.D;WORM_MSBLAST.E;WORM_MSBLAST.F;WORM_MSBLAST.G;WORM_MSBLAST.H;WORM_MSBLAST.I;WORM_MUMU.C;WORM_NACHI.A;WORM_NACHI.B;WORM_NACHI.C;WORM_NACHI.D;WORM_NACHI.F;WORM_NACHI.G;WORM_NACHI.I;WORM_NACHI.K;WORM_PLEXUS.B;WORM_RALEKA.A;WORM_RALEKA.B;WORM_RALEKA.C;WORM_RBOT.AA;WORM_RBOT.AB;WORM_RBOT.AE;WORM_RBOT.AF;WORM_RBOT.AJ;WORM_RBOT.BZ;WORM_RBOT.CC;WORM_RBOT.EM;WORM_RBOT.R;WORM_RBOT.TW;WORM_RBOT.W;WORM_RBOT.WU;WORM_RBOT.ZA;WORM_RPCDCOM.B;WORM_RPCSDBOT.A;WORM_RPCSDBOT.B;WORM_SDBOT.BV;WORM_SDBOT.CC;WORM_SDBOT.DZ;WORM_SDBOT.FB;WORM_SDBOT.FC;WORM_SDBOT.FD;WORM_SDBOT.FE;WORM_SDBOT.FQ;WORM_SDBOT.G;WORM_SDBOT.GO;WORM_SDBOT.IG;WORM_SDBOT.IY;WORM_SDBOT.JG;WORM_SDBOT.JS;WORM_SDBOT.JT;WORM_SDBOT.JY;WORM_SDBOT.K;WORM_SDBOT.KY;WORM_SDBOT.L;WORM_SDBOT.M;WORM_SDBOT.MD;WORM_SDBOT.MG;WORM_SDBOT.MH;WORM_SDBOT.PF;WORM_SDBOT.WY;WORM_SDBOT.ZY;WORM_SPYBOT.AP;WORM_SPYBOT.CG;WORM_SPYBOT.S;WORM_SPYBOTER.CY;WORM_SPYBOTER.CZ"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;High;Low;Low;Low;Low;Low;Low;Low;Low;Low;Medium;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun In RPC Interface Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT 4.0;Microsoft Windows NT 4.0 Terminal Services Edition;Microsoft Windows 2000;Microsoft Windows XP;Microsoft Windows Server 2003"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary code through a malformed message. This is caused by a buffer overflow in certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003041"/>
<P Name="VulnerabilityName" Value="MS03-041"/>
<P Name="CVEID" Value="CAN-2003-0660"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0, Service Pack 6a;Microsoft Windows NT Server 4.0, Service Pack 6a;Microsoft Windows NT Server 4.0, Terminal Server Edition, Service Pack 6;Microsoft Windows 2000, Service Pack 2;Microsoft Windows 2000, Service Pack 3, Service Pack 4;Microsoft Windows XP Gold, Service Pack 1;Microsoft Windows XP 64-bit Edition;Microsoft Windows XP 64-bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-bit Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to execute arbitrary code without user approval. This is caused by the authenticode capability in Microsoft Windows NT through Server 2003 not prompting the user to download and install ActiveX controls when system is low on memory."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004016"/>
<P Name="VulnerabilityName" Value="MS04-016"/>
<P Name="CVEID" Value="CAN-2004-0202"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in DirectPlay Could Allow Denial of Service (839643)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (Me);Microsoft DirectX 7.0a, 7.1, 8.1, 8.1a, 8.1b, 8.2, 9.0, 9.0a, 9.0b on Windows 98, Windows 98 Second Edition, Windows Millennium Edition;Microsoft DirectX 8.0, 8.0a, when installed on Windows 2000;Microsoft DirectX 8.1, 8.1a, 8.1b when installed on Windows 2000;Microsoft DirectX 8.2 when installed on Windows 2000, or Windows XP;Microsoft DirectX 9.0, 9.0a, 9.0b when installed on Windows 2000, Windows XP, or Windows Server 2003;Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This is a denial of service (DoS) vulnerability. It affects applications that implement the IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay. Applications that use this API are typically network-based multiplayer games.;An attacker who successfully exploits this vulnerability could cause the DirectX application to fail while a user is playing a game. The affected user would then have to restart the application."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004018"/>
<P Name="VulnerabilityName" Value="MS04-018"/>
<P Name="CVEID" Value="CAN-2004-0215"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Outlook Express (823353)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows Millennium Edition (Me);Microsoft Outlook Express 5.5 Service Pack 2;Microsoft Outlook Express 6;Microsoft Outlook Express 6 Service Pack 1;Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition);Microsoft Outlook Express 6 on Windows Server 2003;Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition);Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE)"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A denial of service (DoS) vulnerability exists in Outlook Express that could cause the said program to fail. The malformed email should be removed before restarting Outlook Express in order to regain its normal operation."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050024"/>
<P Name="VulnerabilityName" Value="MS05-024"/>
<P Name="CVEID" Value="CAN-2005-1191"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Web View Could Allow Remote Code Execution (894320)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 SE;Microsoft Windows Millennium Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory explains a discovered vulnerability in Web View. Web View is the Windows Explorer preview pane, which is responsible for displaying information on some files once they are selected. Web View uses a .DLL file, WEBVW.DLL, which is a shell Web View content and control library. It can display information such as file name, file type, file size, last modification date, file attributes, file author, etc. Web View can be exploited due to the way it handles certain HTML characters. If a user previews a malicious file, the malicious code can be executed on the system. However, a certain malware cannot propagate on its own merely by exploiting this vulnerability, it still needs a user to click on the affected file in order to activate the code. Once exploited, this remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the user is currently logged on with administrative privileges. The malicious user or malware can execute code on the system giving them the ability to install or run programs and view or edit data with full privileges. Thus, this vulnerability can also be used by the malware for replication purposes."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050023"/>
<P Name="VulnerabilityName" Value="MS05-023"/>
<P Name="CVEID" Value="CAN-2004-0963;CAN-2005-0558"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)"/>
<P Name="AffectedSoftware" Value="Microsoft Office Word 2003;Microsoft Word 2000;Microsoft Word 2002;Microsoft Works Suite 2001;Microsoft Works Suite 2002;Microsoft Works Suite 2003;Microsoft Works Suite 2004"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves two newly-discovered vulnerabilities in Microsoft Word that could allow an attacker to run arbitrary code on a users system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050022"/>
<P Name="VulnerabilityName" Value="MS05-022"/>
<P Name="CVEID" Value="CAN-2005-0562"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)"/>
<P Name="AffectedSoftware" Value="MSN Messnger 6.2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in MSN Messenger that could allow an attacker who successfully exploited this vulnerable to take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050021"/>
<P Name="VulnerabilityName" Value="MS05-021"/>
<P Name="CVEID" Value="CAN-2005-0560"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange 2000 Server Service Pack 3;Microsoft Exchange Server 2003;Microsoft Exchange Server 2003 Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in Microsoft Exchange Server that that could allow an attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted command that could result in a denial of service or allow an attacker to run malicious programs of their choice in the security context of the SMTP service."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050020"/>
<P Name="VulnerabilityName" Value="MS05-020"/>
<P Name="CVEID" Value="CAN-2005-0553;CAN-2005-0554;CAN-2005-0555"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (890923)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 3;Microsoft Internet Explorer 5.01 Service Pack 4;Microsoft Internet Explorer 5.5 Service Pack 2;Microsoft Internet Explorer 6.0;Microsoft Internet Explorer 6.0 Service Pack 1;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin resolves three newly-discovered, privately-reported vulnerabilities affecting Internet Explorer. If a user is logged on with administrative user rights, an attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050015"/>
<P Name="VulnerabilityName" Value="MS05-015"/>
<P Name="CVEID" Value="CAN-2005-0057"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in the Hyperlink Object Library. This problem exists because of an unchecked buffer while handling hyperlinks. An attacker could exploit the vulnerability by constructing a malicious hyperlink which could potentially lead to remote code execution if a user clicks a malicious link within a Web site or e-mail message."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050014"/>
<P Name="VulnerabilityName" Value="MS05-014"/>
<P Name="CVEID" Value="CAN-2005-0053;CAN-2005-0054;CAN-2005-0055;CAN-2005-0056"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (867282)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 3;Microsoft Internet Explorer 5.01 Service Pack 4;Microsoft Internet Explorer 5.5 Service Pack 2;Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 64-Bit Edition);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003);Microsoft Internet Explorer 6.0 (Microsoft Windows XP 64-Bit Edition Service Pack 1);Microsoft Internet Explorer 6.0 (Microsoft Windows XP 64-Bit Edition Version 2003);Microsoft Internet Explorer 6.0 Service Pack 1;Microsoft Windows 2000 Server Service Pack 3;Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves known vulnerabilities affecting Internet Explorer. An attacker who successfully exploits these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050013"/>
<P Name="VulnerabilityName" Value="MS05-013"/>
<P Name="CVEID" Value="CAN-2004-1319"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 3;Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability exists in the DHTML Editing Component ActiveX Control. This vulnerability could allow information disclosure or remote code execution on an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050012"/>
<P Name="VulnerabilityName" Value="MS05-012"/>
<P Name="CVEID" Value="CAN-2005-0047;CAN-2005-0044"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange 2000 Server Service Pack 3;Microsoft Exchange Server 2003;Microsoft Exchange Server 2003 Service Pack 1;Microsoft Exchange Server 5.0 Service Pack 2;Microsoft Exchange Server 5.5 Service Pack 4;Microsoft Office 2003;Microsoft Office 2003 Service Pack 1;Microsoft Office XP;Microsoft Office XP Service Pack 2;Microsoft Office XP Service Pack 3;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This privilege elevation vulnerability exists in the way that the affected operating systems and programs access memory when they process COM structured storage files. This vulnerability could grant a currently logged-on user to take complete control of the system.;This remote code execution vulnerability exists in OLE because of the way that it handles input validation. An attacker could exploit the vulnerability by constructing a malicious document that could potentially allow remote code execution."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050011"/>
<P Name="VulnerabilityName" Value="MS05-011"/>
<P Name="CVEID" Value="CAN-2005-0045"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium);Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in Server Message Block (SMB). It allows an attacker who successfully exploits this vulnerability to take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050010"/>
<P Name="VulnerabilityName" Value="MS05-010"/>
<P Name="CVEID" Value="CAN-2005-0050"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the License Logging Service Could Allow Code Execution (885834)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 3;Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in License Logging service. An attacker who successfully exploits this vulnerability could take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050009"/>
<P Name="VulnerabilityName" Value="MS05-009"/>
<P Name="CVEID" Value="CAN-2004-1244;CAN-2004-0597"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)"/>
<P Name="AffectedSoftware" Value="Microsoft MSN Messenger 6.0;Microsoft MSN Messenger 6.1;Microsoft Windows 95;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Media Player 9 Series;Microsoft Windows Messenger version 5.0;Microsoft Windows Millennium Edition;Microsoft Windows Messenger version 4.7.0.2009;Microsoft Windows Messenger version 4.7.0.3000"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in the processing of PNG image formats. An attacker who successfully exploits this vulnerability could take complete control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050008"/>
<P Name="VulnerabilityName" Value="MS05-008"/>
<P Name="CVEID" Value="CAN-2005-0053"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium);Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This remote code execution vulnerability exists in the way Windows handles drag-and-drop events. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow an attacker to save a file on the user’s system if a user visited a malicious Web site or viewed a malicious e-mail message."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050007"/>
<P Name="VulnerabilityName" Value="MS05-007"/>
<P Name="CVEID" Value="CAN-2005-0051"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Could Allow Information Disclosure (888302)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This is an information disclosure vulnerability. An attacker who successfully exploits this vulnerability could remotely read the user names for users who have an open connection to an available shared resource."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050006"/>
<P Name="VulnerabilityName" Value="MS05-006"/>
<P Name="CVEID" Value="CAN-2005-0049"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)"/>
<P Name="AffectedSoftware" Value="Windows SharePoint Services for Windows Server 2003;SharePoint Team Services from Microsoft"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A vulnerability exists in the affected software that could allow an attacker to entice a user to run a malicious script. When successfully exploited, the attacker is able to modify Web browser caches and intermediate proxy server caches, as well as spoof content into the said caches. An attacker may also be able to exploit the vulnerability to perform cross-site scripting attacks."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050005"/>
<P Name="VulnerabilityName" Value="MS05-005"/>
<P Name="CVEID" Value="CAN-2004-0848"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)"/>
<P Name="AffectedSoftware" Value="Microsoft Office XP Software Service Pack 2;Microsoft Office XP Software Service Pack 3;Microsoft Project 2002;Microsoft Visio 2002;Microsoft Word 2002;Microsoft Works Suite 2002;Microsoft Works Suite 2003;Microsoft Works Suite 2004"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in Microsoft Office XP software. An attacker could exploit the vulnerability by enticing users to open a malicious file hosted in Internet Explorer. An attacker could also construct an email message that contains a link to the said file.;An attacker who successfully exploits this vulnerability could take complete control of an affected system."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050004"/>
<P Name="VulnerabilityName" Value="MS05-004"/>
<P Name="CVEID" Value="CAN-2004-0847"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="ASP.NET Path Validation Vulnerability (887219)"/>
<P Name="AffectedSoftware" Value="Microsoft .NET Framework 1.0;Microsoft .NET Framework 1.1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A vulnerability in ASP.NET allows an attacker to bypass the security of an ASP.NET Web site, and access a machine. The attacker gains unauthorized access to some areas of the said Web site, and is able to control it accordingly. The actions that the attacker could take would depend on the specific content being protected."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050003"/>
<P Name="VulnerabilityName" Value="MS05-003"/>
<P Name="CVEID" Value="CVE-2004-0897"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Indexing Service Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a newly-discovered, privately reported vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full privileges. While remote code execution is possible, an attack would most likely result in a denial of service condition."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050002"/>
<P Name="VulnerabilityName" Value="MS05-002"/>
<P Name="CVEID" Value="CVE-2004-1305"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves several newly-discovered, privately reported and public vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, install programs, view, change, or delete data, or create new accounts that have full privileges."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050001"/>
<P Name="VulnerabilityName" Value="MS05-001"/>
<P Name="CVEID" Value="CVE-2004-1043"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in HTML Help Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves a newly-discovered, publicly reported vulnerability. A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040045"/>
<P Name="VulnerabilityName" Value="MS04-045"/>
<P Name="CVEID" Value="CAN-2004-0567;CAN-2004-1080"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in WINS Could Allow Remote Code Execution (870736)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory explains two discovered vulnerabilities in the Windows Internet Naming Service (WINS) component of the affected platforms. An attacker who successfully exploits any of the two vulnerabilities may take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040044"/>
<P Name="VulnerabilityName" Value="MS04-044"/>
<P Name="CVEID" Value="CAN-2004-0893;CAN-2004-0894"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update addresses and resolves two windows vulnerabilites, both of which may enable the current user to take control of the affected system. Both of these vulnerabilites require that the curernt user be able to log on locally and execute programs. They cannot be exploited remotely, or by anonymous users. A privilege elevation vulnerability exists in the way that the Windows Kernel launches applications. This vulnerability could allow the current user to take complete control of the system. A privilege elevation vulnerability exists in the way that the LSASS validates identity tokens. This vulnerability could allow the current user to take complete control of the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040043"/>
<P Name="VulnerabilityName" Value="MS04-043"/>
<P Name="CVEID" Value="CAN-2004-0568"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in HyperTerminal Could Allow Code Execution (873339)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in HyperTerminal because of a buffer overrun. If a user is logged on with administrator privileges, an attacker could exploit the vulnerability by constructing a malicious HyperTerminal session file that could potentially allow remote code execution and then persuade a user to open this file. This malicious file may enable the attacker to gain complete control of the affected system. This vulnerability could also be exploited through a malicious Telnet URL if HyperTerminal had been set as the default Telnet client."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040042"/>
<P Name="VulnerabilityName" Value="MS04-042"/>
<P Name="CVEID" Value="CAN-2004-0900;CAN-2004-0899"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in DHCP Could Allow Remote Code Execution and Denial Of Service (885249)"/>
<P Name="AffectedSoftware" Value="Windows NT 4.0 Server Service Pack 6a;Windows NT 4.0 Server Terminal Server Edition SP6a"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory presents the discovered vulnerabilities in the DHCP Server service component of affected platforms. An attacker who successfully exploits the most severe of these vulnerabilities could take complete control of the affected system. However, the most likely attack will be a denial of service (Dos) attack."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040041"/>
<P Name="VulnerabilityName" Value="MS04-041"/>
<P Name="CVEID" Value="CAN-2004-0571;CAN-2004-0901"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in WordPad Could Allow Code Execution (885836)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003 Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory explains the two discovered vulnerabilities in Microsoft Word for Windows 6.0 Converter, which is used by WordPad in converting Word 6.0 to WordPad file format. Once exploited, this remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the affected user is currently logged on with administrative privileges."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040040"/>
<P Name="VulnerabilityName" Value="MS04-040"/>
<P Name="CVEID" Value=""/>
<P Name="MalwareName" Value="JS_SHEXPLOIT.A;WORM_BOFRA.A;WORM_BOFRA.B;WORM_BOFRA.C;WORM_BOFRA.E"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (889293)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (Me)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update addresses and resolves a vulnerability in Internet Explorer that could allow remote code execution. A Web page can be crafted to exploit this vulnerability such that an arbitrary application can be executed on visiting systems with the same priviledge as the currently logged on user."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040039"/>
<P Name="VulnerabilityName" Value="MS04-039"/>
<P Name="CVEID" Value="CAN-2004-0892"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)"/>
<P Name="AffectedSoftware" Value="Microsoft Proxy Server 2.0;Microsoft Internet Security and Acceleration (ISA) Server 2000 Service Pack 1 and Microsoft ISA Server 2000 Service Pack 2;Microsoft Small Business Server 2000 (which includes Microsoft ISA Server 2000);Microsoft Small Business Server 2003 (which includes Microsoft ISA Server 2000)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability lies in the way Internet Security and Acceleration (ISA) Server 2000 and Proxy Server 2.0 do a reverse Domain Name System (DNS) lookups. When exploited, this vulnerability allows an attacker to spoof trusted Web sites, which can trick users into believing that they are visiting trusted Web sites when in reality they are viewing malicious ones."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040037"/>
<P Name="VulnerabilityName" Value="MS04-037"/>
<P Name="CVEID" Value="CAN-2004-0214;CAN-2004-0572"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin focuses on the following vulnerabilities: Shell Vulnerability (CAN-2004-0214), and Program Group Converter Vulnerability (CAN-2004-0572). Shell vulnerability exists on the way Windows Shell launches applications that could enable remote malicious user or malware to execute arbitrary code. Windows Shell function does not properly check the length of the message before copying to the allocated buffer. Program Group Converter is an application used to convert Program Manager Group files that were produced in Windows 3.1, Windows 3.11, Windows for Workgroups 3.1, and Windows for Workgroups 3.11 so that they can still be used by later operating systems. The vulnerability lies in an unchecked buffer within the Group Converter Utility."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040036"/>
<P Name="VulnerabilityName" Value="MS04-036"/>
<P Name="CVEID" Value="CAN-2004-0574"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in NNTP Could Allow Remote Code Execution (883935)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Exchange 2000 Server Service Pack 3 (Uses the Windows 2000 NNTP component);Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 (Uses the Windows 2000 or Windows Server 2003 NNTP component);Microsoft Windows NT Server 4.0 Service Pack 6a NNTP component;icrosoft Windows 2000 Server Service Pack 3 NNTP component and Microsoft Windows 2000 Server Service Pack 4 NNTP component;Microsoft Windows Server 2003 NNTP Component;Microsoft Windows Server 2003 64-Bit Edition NNTP Component"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This code execution vulnerability exists within the Network News Transfer Protocol (NNTP) component of the affected operating systems. This vulnerability allows an attacker to take complete control of an affected system. An attacker who successfully exploits this vulnerability can install programs; view, change, or delete data; or create new accounts with full privileges."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040035"/>
<P Name="VulnerabilityName" Value="MS04-035"/>
<P Name="CVEID" Value="CAN-2004-0840"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in SMTP Could Allow Remote Code Execution (885881)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 when installed on Microsoft Windows Server 2003 (uses the Windows 2003 SMTP component);Microsoft Exchange Server 2003 when installed on Microsoft Windows 2000 Service Pack 3 or Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP 64-Bit Edition Version 2003 SMTP component;Microsoft Windows Server 2003 SMTP component;Microsoft Windows Server 2003 64-Bit Edition SMTP component;Microsoft Exchange Server 2003 Routing Engine component"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in the Simple Mail Transfer Protocol (SMTP) component provided as part of affected software. It allows an attacker to take complete control of an affected system. An attacker who successfully exploits this vulnerability can install programs; view, change, or delete data; or create new accounts with full privileges."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040034"/>
<P Name="VulnerabilityName" Value="MS04-034"/>
<P Name="CVEID" Value="CAN-2004-0575"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This is another privately reported vulnerability about Windows Compressed Folders. There is vulnerability on the way that Windows processes Compressed (Zipped) Folders that could lead to remote code execution. Windows can not properly handle the extraction of the ZIP folder with a very long file name. Opening a specially crafted compressed file, a stack-based overflow occurs, enabling the remote user to execute arbitrary code."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040033"/>
<P Name="VulnerabilityName" Value="MS04-033"/>
<P Name="CVEID" Value="CAN-2004-0846"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Software Service Pack 3;Microsoft Office 2000 Service Pack 3 Software: Excel 2000;Microsoft Office XP Software Service Pack 2;Microsoft Office XP Software: Excel 2002;Microsoft Office 2001 for Mac;Microsoft Office 2001 for Mac: Excel 2001 for Mac;Microsoft Office v. X for Mac;Microsoft Office v. X for Mac: Excel v. X for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in Microsoft Excel. It allows an attacker to take complete control of an affected system if a user us logged on with administrative privileges. An attacker who successfully exploits this vulnerability can install programs; view, change, or delete data; or create new accounts with full privileges."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040032"/>
<P Name="VulnerabilityName" Value="MS04-032"/>
<P Name="CVEID" Value="CAN-2004-0207;CAN-2004-0208;CAN-2004-0209;CAN-2004-0211"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Security Update for Microsoft Windows (840987)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This cumulative release from Microsoft covers four newly discovered vulnerabilities: Windows Management Vulnerability, Virtual DOS Machine Vulnerability, Graphics Rendering Engine Vulnerability, and Windows Kernel Vulnerability."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040028"/>
<P Name="VulnerabilityName" Value="MS04-028"/>
<P Name="CVEID" Value="CAN-2004-0200"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Project 2002 (All Versions);Microsoft Project 2003 (All Versions);Microsoft Visio 2002 (All Versions);Microsoft Visio 2003 (All Versions);Microsoft Office XP Service Pack 3;Microsoft Office System 2003;Visual Basic .NET Standard 2002;Visual C# .NET Standard 2002;Visual C++ .NET Standard 2002;Visual Basic .NET Standard 2003;Visual C# .NET Standard 2003;Visual C++ .NET Standard 2003;Visual J# .NET Standard 2003;Visual Studio .NET 2002;Visual Studio .NET 2003;Microsoft .NET Framework, Version 1.0 SDK;Microsoft Picture It! 2002 (All Versions);Microsoft Greetings 2002;Microsoft Picture It! version 7.0 (All Versions);Microsoft Digital Image Pro version 7.0;Microsoft Picture It! version 9 (All Versions, including Picture It! Library);Digital Image Pro version 9;Digital Image Suite version 9;Microsoft Producer for Microsoft Office PowerPoint (All Versions);Platform SDK Redistributable: GDI+"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability lies in the way the affected components process JPEG image files. An unchecked buffer within this process is the cause of the vulnerability.;This remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the affected user is currently logged on with administrative privileges. The malicious user or malware can execute arbitrary code on the system giving them the ability to install or run programs and view or edit data with full privileges. Thus, this vulnerability can conceivably be used by a malware for replication purposes."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040031"/>
<P Name="VulnerabilityName" Value="MS04-031"/>
<P Name="CVEID" Value="CAN-2004-0206"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in NetDDE Could Allow Remote Code Execution (841533)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="An unchecked buffer exists in the NetDDE services that could allow remote code execution. An attacker who is able to successfully exploit this vulnerability is capable of gaining complete control over an affected system. However, the NetDDe services are not automatically executed, and so would then have to be manually started for an attacker to exploit this vulnerability. This vulnerability also allows attackers to perform a local elevation of privilege, or a remote denial of service (DoS) attack."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040030"/>
<P Name="VulnerabilityName" Value="MS04-030"/>
<P Name="CVEID" Value="CAN-2003-0718"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Internet Information Services 5.0;Internet Information Services 5.1;Internet Information Services 6.0"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability could cause WebDAV to use all available memory on an affected server and increase CPU processing time which could lead to a denial of service and would require the IIS service to be restarted in order to restore functionality."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040029"/>
<P Name="VulnerabilityName" Value="MS04-029"/>
<P Name="CVEID" Value="CAN-2004-0569"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability can cause the affected system to stop responding or possibly read the recent active portions of the memory."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20040027"/>
<P Name="VulnerabilityName" Value="MS04-027"/>
<P Name="CVEID" Value="CAN-2004-0573"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in WordPerfect Converter Could Allow Code Execution (884933)"/>
<P Name="AffectedSoftware" Value="Microsoft FrontPage 2000;Microsoft FrontPage 2002;Microsoft FrontPage 2003;Microsoft Office 2000;Microsoft Office 2003;Microsoft Office XP;Microsoft Publisher 2000;Microsoft Publisher 2002;Microsoft Publisher 2003;Microsoft Word 2000;Microsoft Word 2002;Microsoft Word 2003;Microsoft Works Suite 2001;Microsoft Works Suite 2002;Microsoft Works Suite 2003;Microsoft Works Suite 2004"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the affected user is currently logged on with administrative privileges. The malicious user or malware can execute code on the system giving them the ability to install or run programs and view or edit data with full privileges. Thus, this vulnerability can conceivably be used by a malware for replication purposes.;The vulnerability is caused by an unchecked buffer in the Microsoft Office WordPerfect Converter."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004025"/>
<P Name="VulnerabilityName" Value="MS04-025"/>
<P Name="CVEID" Value="CAN-2004-0549;CAN-2004-0566;CAN-2003-1048"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (867801)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (Me);Internet Explorer 5.01 Service Pack 2;Internet Explorer 5.01 Service Pack 3;Internet Explorer 5.01 Service Pack 4;Internet Explorer 5.5 Service Pack 2;Internet Explorer 6;Internet Explorer 6 Service Pack 1;Internet Explorer 6 Service Pack 1 (64-Bit Edition);Internet Explorer 6 for Windows Server 2003;Internet Explorer 6 for Windows Server 2003 (64-Bit Edition)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="The Navigation Method Cross-Domain Vulnerability is a remote execution vulnerability that exists in Internet Explorer because of the way that it handles navigation methods. An attacker could exploit this vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visits a malicious Web site.;The Malformed BMP File Buffer Overrun Vulnerability exists in the processing of BMP image file formats that could allow remote code execution on an affected system.;The Malformed GIF File Double Free Vulnerability is a buffer overrun vulnerability that exists in the processing of GIF image file formats that could allow remote code execution on an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004023"/>
<P Name="VulnerabilityName" Value="MS04-023"/>
<P Name="CVEID" Value="CAN-2003-1041;CAN-2004-0201"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in HTML Help Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0;Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 2;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="An attacker who successfully exploits this vulnerability could gain the same privileges as that of the currently logged on user. If the user is logged in with administrative privileges, the attacker could take complete control of the system. User accounts with fewer privileges are at less risk than users with administrative privileges."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004022"/>
<P Name="VulnerabilityName" Value="MS04-022"/>
<P Name="CVEID" Value="CAN-2004-0212"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Task Scheduler Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 2;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Internet Explorer 6 when installed on Windows NT 4.0 SP6a"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability lies in an unchecked buffer within the Task Scheduler component. When exploited, it allows the attacker to execute arbitrary code on the affected machine with the same privileges as the currently logged on user."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004015"/>
<P Name="VulnerabilityName" Value="MS04-015"/>
<P Name="CVEID" Value="CAN-2004-0199"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Help and Support Center Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability exists in the Help and Support Center (HCP) and is due to the way it handles HCP URL validation. This vulnerability could allow an attacker to remotely execute arbitrary code with Local System privileges."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004013"/>
<P Name="VulnerabilityName" Value="MS04-013"/>
<P Name="CVEID" Value="CAN-2004-0380"/>
<P Name="MalwareName" Value="BKDR_ZGOO.A;HTML_JACKLER.A;HTML_MHTREDIR.B;HTML_MHTREDIR.C;HTML_MHTREDIR.D;HTML_REDIR.AC;HTML_REDIR.B;VBS_PSYME.E;WORM_WALLON.A"/>
<P Name="MalwareRiskRating" Value="Low;Very Low;Very Low;Low;Very Low;Very Low;Very Low;Very Low;Medium"/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Outlook Express (837009)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT® Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 2;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP;Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME);Microsoft Outlook Express 5.5 SP2;Microsoft Outlook Express 6;Microsoft Outlook Express 6 SP1;Microsoft Outlook Express 6 SP1 (64 bit Edition);Microsoft Outlook Express 6 on Windows Server 2003;Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="The MHTML URL Processing Vulnerability allows remote attackers to bypass domain restrictions and execute arbitrary code via script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers.This could allow an attacker to take complete control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004012"/>
<P Name="VulnerabilityName" Value="MS04-012"/>
<P Name="CVEID" Value="CAN-2003-0813;CAN-2004-0116;CAN-2003-0807;CAN-2004-0124"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Update for Microsoft RPC/DCOM (828741)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT® Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 2;Microsoft Windows 2000 Service Pack 3;Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP and Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="The RPC Runtime Library vulnerability is a remote code execution vulnerability that results from a race condition when the RPC Runtime Library processes specially crafted messages. An attacker who successfully exploits this vulnerability could take complete control of an affected system.;The RPCSS Service denial of service (DoS) vulnerability allows a malicious user or malware to send specially-crafted messages to a vulnerable system, which causes the RPCSS Service to stop responding.;The RPC Over HTTP vulnerability may be used to launch a denial of service (DoS) attack against a system with CIS or RPC over HTTP Proxy enabled.;When successfully exploited, the Object Identity vulnerability allows an attacker to force currently running applications to open network communication ports, thereby opening a system to remote attacks."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2004004"/>
<P Name="VulnerabilityName" Value="MS04-004"/>
<P Name="CVEID" Value="CAN-2003-1025;CAN-2003-1026;CAN-2003-1027"/>
<P Name="MalwareName" Value="HTML_BAYFRAUD.B;HTML_GOLDFRAUD.A;HTML_PACHFRAUD.A;HTML_PAYPFRAUD.A;HTML_PAYPFRAUD.B;HTML_SWENFRAUD.A;HTML_VISAFRAUD.A;TROJ_STRTPAGE.FI"/>
<P Name="MalwareRiskRating" Value="Low;Low;Very Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (832894)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition, Service Pack 6;Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4;Microsoft Windows XP, Microsoft Windows XP Service Pack 1;Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1;Microsoft Windows XP 64-Bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003, 64-Bit Edition;Internet Explorer 6 Service Pack 1;Internet Explorer 6 Service Pack 1 (64-Bit Edition);Internet Explorer 6 for Windows Server 2003;Internet Explorer 6 for Windows Server 2003 (64-Bit Edition);Internet Explorer 6;Internet Explorer 5.5 Service Pack 2;Internet Explorer 5.01 Service Pack 4;Internet Explorer 5.01 Service Pack 3;Internet Explorer 5.01 Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow an attacker to access information from other Web sites, access files on a user's system, and run arbitrary code on a user's system, wherein this is executed under the security context of the currently logged on user.;This vulnerability could allow an attacker to save a file on the user’s system. This is due to dynamic HTML events related to the drag-and-drop of Internet Explorer.;This vulnerability, which is due to the incorrect parsing of URLs which contain special characters, could allow an attacker to trick a user by presenting one URL in the address bar, wherein it actually contains the content of another web site of the attacker’s choice."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20030045"/>
<P Name="VulnerabilityName" Value="MS03-045"/>
<P Name="CVEID" Value="CAN-2003-0659"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Service Pack 6a;Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6;Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Gold, Service Pack 1;Microsoft Windows XP 64 bit Edition;Microsoft Windows XP 64 bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64 bit Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability is due to a buffer overrun in the ListBox and ComboBox controls found in User32.dll. Any program that implements the ListBox control or the ComboBox control could allow arbitrary code to be executed at the same privilege level. This vulnerability cannot be exploited remotely."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20030043"/>
<P Name="VulnerabilityName" Value="MS03-043"/>
<P Name="CVEID" Value="CAN-2003-0717"/>
<P Name="MalwareName" Value="WORM_KIBUV.B"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun in Messenger Service Could Allow Code Execution (828035)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0, Service Pack 6a;Microsoft Windows NT Server 4.0, Service Pack 6a;Microsoft Windows NT Server 4.0, Terminal Server Edition, Service Pack 6;Microsoft Windows 2000, Service Pack 2, Service Pack 3, Service Pack 4;Microsoft Windows XP Gold, Service Pack 1;Microsoft Windows XP 64-bit Edition;Microsoft Windows XP 64-bit Edition Version 2003;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-bit Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to execute arbitrary code on the affected system. This is caused of a buffer overflow in the Messenger Service for Windows NT through Server 2003."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003040"/>
<P Name="VulnerabilityName" Value="MS03-040"/>
<P Name="CVEID" Value="CAN-2003-0838;CAN-2003-0809"/>
<P Name="MalwareName" Value="BKDR_LIDUAN.A;HTML_ALPHX.A;HTML_ALPHX.C;HTML_ALPHX.E;HTML_BAGLE.Q-1;HTML_DELPLAYER.A;HTML_IWILL.D;HTML_LEGENDMIR.I;HTML_MINIT.A;HTML_OBJECTTAG.A;HTML_SNAPPER.A;PE_BAGLE.Q;PE_BAGLE.R;PE_BAGLE.S;PE_BAGLE.T;TROJ_MINIT.A;TROJ_QHOSTS.A;VBS_DELUD.A;VBS_SHOWPOP.A;WORM_ALPHX.A;WORM_NETSKY.V;WORM_SNAPPER.A"/>
<P Name="MalwareRiskRating" Value="Low;Very Low;Very Low;Very Low;Low;Low;Very Low;Low;Very Low;Very Low;Low;Medium;Low;Low;Low;Low;Low;Very Low;Very Low;Very Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Cumulative Patch for Internet Explorer (828750)"/>
<P Name="AffectedSoftware" Value="Internet Explorer 5.01;Internet Explorer 5.5;Internet Explorer 6.0;Internet Explorer 6.0 for Windows Server 2003"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="These vulnerabilities, which are due to Internet Explorer not properly determining an object type returned from a Web server in a popup window or during XML data binding, respectively, could allow an attacker to run arbitrary code on a user's system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003039"/>
<P Name="VulnerabilityName" Value="MS03-039"/>
<P Name="CVEID" Value="CAN-2003-0715;CAN-2003-0528;CAN-2003-0605;CAN-2003-0813;CAN-2003-0995"/>
<P Name="MalwareName" Value="WORM_AGOBOT.AA;WORM_NEXIV.A"/>
<P Name="MalwareRiskRating" Value="Low;Low"/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun In RPCSS Service Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT Workstation 4.0;Microsoft Windows NT Server 4.0;Microsoft Windows NT Server 4.0, Terminal Server Edition;Microsoft Windows 2000;Microsoft Windows XP;Microsoft Windows Server 2003"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow a remote attacker to execute arbitrary code via a malformed RPC request with a long filename parameter. This is caused by a heap-based buffer overflow found in the Distributed Component Object Model (DCOM) interface in the RPCSS Service.;This vulnerability could allow a remote attacker to cause a denial of service attack, which could allow local attackers to gain privileges via certain messages sent to the __RemoteGetClassObject interface.;This vulnerability could allow a remote attacker to execute arbitrary code via a malformed activation request packet with modified length fields. This is caused by a heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service.;This vulnerability could allow a remote attacker to cause a denial of service attack. This is caused by two threads processing the same RPC request, which will lead to its using memory after it has been freed.;This vulnerability could allow a remote attacker to cause a denial of service attack via a queue registration request. This is caused by a buffer overflow in the Microsoft Message Queue Manager."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003030"/>
<P Name="VulnerabilityName" Value="MS03-030"/>
<P Name="CVEID" Value="CAN-2003-0346"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in DirectX Could Enable System Compromise"/>
<P Name="AffectedSoftware" Value="Microsoft DirectX 5.2 on Windows 98;Microsoft DirectX 6.1 on Windows 98 SE;Microsoft DirectX 7.1 on Windows Millennium Edition;Microsoft DirectX 7.0 on Windows 2000;Microsoft DirectX 8.0, 8.0a, 8.1, 8.1a, and 8.1b when installed on Windows 98, Windows 98 SE, Windows Millennium Edition or Windows 2000;Microsoft DirectX 8.1 on Windows XP or Windows Server 2003;Microsoft DirectX 9.0a when installed on Windows 98, Windows 98 SE, Windows Millennium Edition (Windows Me), Windows 2000, Windows XP, or Windows Server 2003;Microsoft Windows NT 4.0 with either Windows Media Player 6.4 or Internet Explorer 6 Service Pack 1 installed;Microsoft Windows NT 4.0, Terminal Server Edition with either Windows Media Player 6.4 or Internet Explorer 6 Service Pack 1 installed"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary code through a specially crafted MIDI file. This is caused by multiple buffer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL)."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003023"/>
<P Name="VulnerabilityName" Value="MS03-023"/>
<P Name="CVEID" Value="CAN-2003-0469"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun In HTML Converter Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Me;Microsoft Windows NT 4.0 Server;Microsoft Windows NT 4.0 Terminal Server Edition;Microsoft Windows 2000;Microsoft Windows XP;Microsoft Windows Server 2003"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to cause a denial of service and execute arbitrary code through a specially formed web page or HTML e-mail. This is caused by a flaw in the way the HTML converter for Microsoft Windows handles a conversion request during a cut-and-paste operation."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003018"/>
<P Name="VulnerabilityName" Value="MS03-018"/>
<P Name="CVEID" Value="CAN-2003-0223;CAN-2003-0224;CAN-2003-0225;CAN-2003-0226"/>
<P Name="MalwareName" Value="TROJ_PRINTOVER.A"/>
<P Name="MalwareRiskRating" Value="Very Low"/>
<P Name="VulnerabilityTitle" Value="Cumulative Patch for Internet Information Service (811114)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Information Server 4.0;Microsoft Internet Information Services 5.0;Microsoft Internet Information Services 5.1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to embed a URL containing script in a redirection message.;This vulnerability enables an attacker to execute arbitrary code with system level privileges. This is caused by a buffer overflow in IIS 5.0.;This vulnerability enables a remote attacker to cause a denial of service attack to vulnerable IIS server(s) through an ASP page that will cause the server to use up large amount of memory.;This vulnerability enables a remote attacker to cause a denial of service attack when an overly long WebDAV request is sent to vulnerable IIS server."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003014"/>
<P Name="VulnerabilityName" Value="MS03-014"/>
<P Name="CVEID" Value="CAN-2002-0980"/>
<P Name="MalwareName" Value="BKDR_LORRAC.A;JS_CBASE.EXP1;JS_SEFEX.A;WORM_BUGBEAR.C;WORM_CASPID.A;WORM_CASPID.B;WORM_DARBY.C;WORM_DARBY.D;WORM_LORAC.A;WORM_MIMAIL.A;WORM_MIMAIL.D"/>
<P Name="MalwareRiskRating" Value="Low;Very Low;Very Low;Low;Low;Low;Low;Low;Low;Medium;Low"/>
<P Name="VulnerabilityTitle" Value="Cumulative Patch for Outlook Express (330994)"/>
<P Name="AffectedSoftware" Value="Microsoft Outlook Express 5.5;Microsoft Outlook Express 6.0"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute any file that can be rendered as text, and be opened as part of a page in Internet Explorer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2003001"/>
<P Name="VulnerabilityName" Value="MS03-001"/>
<P Name="CVEID" Value="CAN-2003-00"/>
<P Name="MalwareName" Value="AGOBOT FAMILY;WORM_GAOBOT.AC;WORM_MUMU.C;WORM_NACHI.B;WORM_NACHI.C;WORM_NACHI.D;WORM_NACHI.F;WORM_NACHI.G;WORM_NACHI.I;WORM_NACHI.K;WORM_RBOT.AA;WORM_RBOT.AB;WORM_RBOT.AF;WORM_RBOT.BZ;WORM_RBOT.R;WORM_RBOT.TW;WORM_RBOT.W;WORM_RBOT.WU;WORM_SDBOT.BV;WORM_SDBOT.DZ;WORM_SDBOT.FB;WORM_SDBOT.FC;WORM_SDBOT.FD;WORM_SDBOT.FE;WORM_SDBOT.FQ;WORM_SDBOT.G;WORM_SDBOT.GO;WORM_SDBOT.IG;WORM_SDBOT.IY;WORM_SDBOT.JG;WORM_SDBOT.JS;WORM_SDBOT.JY;WORM_SDBOT.K;WORM_SDBOT.KY;WORM_SDBOT.M;WORM_SDBOT.ZY;WORM_SPYBOT.AP;WORM_SPYBOTER.CY;WORM_SPYBOTER.CZ"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in Locator Service Could Lead to Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT 4.0;Microsoft Windows NT 4.0, Terminal Server Edition;Microsoft Windows 2000;Microsoft Windows XP"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables local users to execute arbitrary code through an RPC call. This is caused by a buffer overflow in the RPC Locator service for Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002072"/>
<P Name="VulnerabilityName" Value="MS02-072"/>
<P Name="CVEID" Value="CAN-2002-1327"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in Windows Shell Could Enable System Compromise"/>
<P Name="AffectedSoftware" Value="Windows XP Home Edition;Windows XP Professional;Windows XP Tablet PC Edition;Windows XP Media Center Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary code by creating an .MP3 or .WMA file that contains a corrupt custom attribute. This is caused by a buffer overflow in the Windows Shell function in Microsoft Windows XP."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002065"/>
<P Name="VulnerabilityName" Value="MS02-065"/>
<P Name="CVEID" Value="CAN-2002-1142"/>
<P Name="MalwareName" Value="BKDR_WHISPER.A"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Data Access Components (MDAC) 2.1;Microsoft Data Access Components (MDAC) 2.5;Microsoft Data Access Components (MDAC) 2.6;Microsoft Internet Explorer 5.01;Microsoft Internet Explorer 5.5;Microsoft Internet Explorer 6.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute code via a malformed HTTP request to the Data Stub when the heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0 is triggered."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002045"/>
<P Name="VulnerabilityName" Value="MS02-045"/>
<P Name="CVEID" Value="CAN-2002-0724"/>
<P Name="MalwareName" Value="TROJ_SMBNUKE.A"/>
<P Name="MalwareRiskRating" Value="Very Low"/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in Network Share Provider Can Lead to Denial of Service"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT 4.0 Workstation;Microsoft Windows NT 4.0 Server;Microsoft Windows NT 4.0 Server, Terminal Server Edition;Microsoft Windows 2000 Professional;Microsoft Windows 2000 Server;Microsoft Windows 2000 Advanced Server;Windows XP Professional"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows an attacker to cause a denial of service attack to a target server machine. This is caused by a buffer overflow in SMB protocol in Microsoft Windows NT, Windows 2000, and Windows XP."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002039"/>
<P Name="VulnerabilityName" Value="MS02-039"/>
<P Name="CVEID" Value="CVE-2002-0650;CAN-2002-0649"/>
<P Name="MalwareName" Value="WORM_SQLP1434.A"/>
<P Name="MalwareRiskRating" Value="Medium"/>
<P Name="VulnerabilityTitle" Value="Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft SQL Server 2000;Microsoft Desktop Engine (MSDE) 2000"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to cause a denial of service by sending a keep-alive packet to the UDP port 1434 (Resolution Service). This is caused by the keep-alive mechanism of Microsoft SQL Server 2000, wherein two systems could enter an infinite exchange of keep-alive packets, which will lead to slow down of these systems.;This vulnerability allows a remote attacker to execute code in the security context of the SQL Server service. This is caused by multiple buffer overflows in SQL Server 2000 Resolution Service."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002024"/>
<P Name="VulnerabilityName" Value="MS02-024"/>
<P Name="CVEID" Value="CVE-2002-0367"/>
<P Name="MalwareName" Value="TROJ_DEPLOIT.A"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="Authentication Flaw in Windows Debugger can Lead to Elevated Privileges"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT 4.0;Microsoft Windows NT 4.0 Server, Terminal Server Edition;Microsoft Windows 2000"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows local users to gain system privileges by duplicating a handle to a privileged process. This is due to Windows NT and Windows 2000's debugging subsystem, which does not properly authenticate programs that connect to other programs."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002020"/>
<P Name="VulnerabilityName" Value="MS02-020"/>
<P Name="CVEID" Value="CAN-2002-0154"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="SQL Extended Procedure Functions Contain Unchecked Buffers"/>
<P Name="AffectedSoftware" Value="Microsoft SQL Server 7.0;Microsoft SQL Server 2000"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to cause a denial of service or execute arbitrary code by sending a database query that contains certain long arguments. This is caused by a buffer overflow in the extended stored procedures for Microsoft SQL Server 7.0 and 2000."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002018"/>
<P Name="VulnerabilityName" Value="MS02-018"/>
<P Name="CVEID" Value="CVE-2002-0079;CVE-2002-0147;CVE-2002-0150;CVE-2002-0149;CVE-2002-0071;CVE-2002-0072; CVE-2002-0073;CVE-2002-0074;CVE-2002-0148;CVE-2002-0075"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Patch for Internet Information Services (Q319733)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Information Server 4.0;Microsoft Internet Information Services 5.0;Microsoft Internet Information Services 5.1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows an attacker to cause a denial of service or execute an arbitrary code when the buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages is triggered.;A remote attacker could cause a denial of service or execute code when the buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 is triggered.;A remote attacker could spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values when the buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 is triggered.;A remote attacker could cause a denial of service and possibly execute arbitrary code via long file names, when the buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 is triggered.;An attacker could cause a denial of service or execute arbitrary code via HTR requests with long variable names, when the buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 is triggered.;A remote attacker could cause a denial of service when the URL parser accesses a null pointer due to w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 not properly handling the error condition when a long URL is provided.;The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows the usage of specially crafted status request containing glob characters, which allows an attacker who have established an FTP session to perform a denial of service attack.;A vulnerability called cross-site scripting in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 could allow a remote attacker to embed scripts into another user's session.;"/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002015"/>
<P Name="VulnerabilityName" Value="MS02-015"/>
<P Name="CVEID" Value="CVE-2002-0078;CAN-2002-0077"/>
<P Name="MalwareName" Value="BKDR_LORRAC.A;JS_CBASE.EXP1;JS_SEFEX.A;VBS_DAOL.A;WORM_CASPID.B;WORM_DARBY.C;WORM_DARBY.D;WORM_MIMAIL.A;WORM_MIMAIL.D"/>
<P Name="MalwareRiskRating" Value="Low;Very Low;Very Low;Low;Low;Low;Low;Medium;Low"/>
<P Name="VulnerabilityTitle" Value="28 March 2002 Cumulative Patch for Internet Explorer"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01;Microsoft Internet Explorer 5.5;Microsoft Internet Explorer 6.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to run scripts in the Local Computer zone. This is done via a script that is embedded in a cookie that would be saved to the user’s system.;This vulnerability enables a remote attacker to invoke an executable on the user’s system via an HTML web page that includes an object tag."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2002005"/>
<P Name="VulnerabilityName" Value="MS02-005"/>
<P Name="CVEID" Value="CVE-2002-0022;CVE-2002-0023;CVE-2002-0024;CVE-2002-0025;CVE-2002-0026;CVE-2002-0027; CVE-2002-0057"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="11 February 2002 Cumulative Patch for Internet Explorer"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01;Microsoft Internet Explorer 5.5;Microsoft Internet Explorer 6.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated when buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 is triggered.;A remote attacker could read arbitrary files via malformed requests to the GetObject function because Internet Explorer 5.01, 5.5 and 6.0 bypass some of GetObject's security checks.;File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows the modification of the displayed name of the file through Content-Disposition and Content-Type HTML header fields, which could allow an attacker to trick a user into believing that a file is safe to download.;Because Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, a remote attacker is allowed to modify which application is used to process a document.;Internet Explorer 5.5 and 6.0 bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made, which could allow a remote attacker to compromise user system through the said vulnerability.;Internet Explorer 5.5 and 6.0 allows the reading of certain files and spoofing of the URL in the address bar through the Document.open function, which could allow a remote attacker to compromise user system through the said vulnerability.;This vulnerability allows a remote attacker to read arbitrary files by specifying a local file as an XML Data Source. This is caused by the XMLHTTP control found in Microsoft XML Core Services 2.6 and later not properly handling Internet Explorer Security Zone settings."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001059"/>
<P Name="VulnerabilityName" Value="MS01-059"/>
<P Name="CVEID" Value="CVE-2001-0876;CVE-2001-0877"/>
<P Name="MalwareName" Value="WORM_AGOBOT.GH;WORM_AGOBOT.WR;WORM_KIBUV.B;WORM_SPYBOT.CG"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in Universal Plug and Play can Lead to System Compromise"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 98;Microsoft Windows 98SE;Microsoft Windows ME;Microsoft Windows XP"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to execute arbitrary code via a NOTIFY directive with a long Location URL when the buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP is triggered.;The Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP could allow a remote attacker to cause a denial of service via a spoofed SSDP advertisement or a spoofed SSDP announcement to broadcast or multicast addresses. The former could cause the client to connect to a service on another machine that generates a large amount of traffic, while the latter could cause all UPnP clients to send traffic to a single target system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001058"/>
<P Name="VulnerabilityName" Value="MS01-058"/>
<P Name="CVEID" Value="CVE-2001-0727;CVE-2001-0874;CVE-2001-0875"/>
<P Name="MalwareName" Value="PHP_BOOSTAP.A"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="13 December 2001 Cumulative Patch for IE"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.5;Microsoft Internet Explorer 6.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary codes on the user’s system. It is caused by Internet Explorer 6.0 believing that the file to be opened is safe to open without user confirmation, due to some changes made in the HTML header.;This vulnerability enables a remote attacker to read any file contained in the user’s system that could be opened through Internet Explorer 5.5 or 6.0.;This vulnerability enables a remote attacker to represent the file name in the File Download dialogue box of Internet Explorer 5.5 or 6.0 with a different name that could fool users into thinking that the said file is safe to download."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001056"/>
<P Name="VulnerabilityName" Value="MS01-056"/>
<P Name="CVEID" Value="CVE-2001-0719"/>
<P Name="MalwareName" Value="ASF_MANYMIZE.A;WORM_MANYMIZE.A"/>
<P Name="MalwareRiskRating" Value="Low;Low"/>
<P Name="VulnerabilityTitle" Value="Windows Media Player .ASF Processor Contains Unchecked Buffer"/>
<P Name="AffectedSoftware" Value="Windows Media Player 6.4;Windows Media Player 7;Windows Media Player 7.1;Windows Media Player for Windows XP"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary code through the use of a malformed Advanced Streaming Format (ASF) file. It is caused by a buffer overflow in Microsoft Windows Media Player 6.4."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001044"/>
<P Name="VulnerabilityName" Value="MS01-044"/>
<P Name="CVEID" Value="CVE-2001-0545;CVE-2001-0508;CVE-2001-0544;CVE-2001-0506;CVE-2001-0507"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="15 August 2001 Cumulative Patch for IIS"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Information Server 4.0;Microsoft Internet Information Server 5.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to cause a denial of service through a malformed request that specifies a length that is different from the actual length.;This vulnerability enables a remote attacker to cause a denial of service through a very long, invalid WebDAV request.;This vulnerability enables local users to cause a denial of service via a request that contains an invalid MIME header.;This vulnerability enables an attacker to run a malicious code in Local System context due to a content placed onto a server that includes a malformed SSI directive. This is caused by a buffer overflow in SSINC.DLL in IIS 5.0 and IIS 4.0.;This vulnerability enables local users to gain privileges through a malicious file due to IIS 5.0 using relative paths to find system files that should always run in-process."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001033"/>
<P Name="VulnerabilityName" Value="MS01-033"/>
<P Name="CVEID" Value="CVE-2001-0500"/>
<P Name="MalwareName" Value="BKDR_IISCRASH.B;CODERED.A;CODERED.B;CODERED.C;CODERED.D;CODERED.E;CODERED.F;HKTL_SNAKE.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Medium;High;Low;Very Low"/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise"/>
<P Name="AffectedSoftware" Value="Microsoft Index Server 2.0;Indexing Service in Windows 2000"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary commands on the vulnerable web server. This is caused by a buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier versions."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001028"/>
<P Name="VulnerabilityName" Value="MS01-028"/>
<P Name="CVEID" Value="CVE-2001-0240"/>
<P Name="MalwareName" Value="W97M_GOGA.A"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="RTF Document Linked to Template Can Run Macros Without Warning"/>
<P Name="AffectedSoftware" Value="Microsoft Word 97;Microsoft Word 2000;Microsoft Word 98 (J);Microsoft Word 98 for the Mac;Microsoft Word 2001 for the Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows attackers to execute macros without user warning. It is done by linking a Rich Text Format document to a template that contains an embedded macro."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001023"/>
<P Name="VulnerabilityName" Value="MS01-023"/>
<P Name="CVEID" Value="CVE-2001-0241"/>
<P Name="MalwareName" Value="ELF_REMPRINT.A;PERL_PBOEXPLO.A;TROJ_IISHACK.C"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0 Server"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Professional;Microsoft Windows 2000 Server;Microsoft Windows 2000 Advanced Server;Microsoft Windows 2000 Datacenter Server"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to gain root privileges via a long print request sent through IIS 5.0. It is caused by a buffer overflow in Internet Printing ISAPI extension in Windows 2000."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2001020"/>
<P Name="VulnerabilityName" Value="MS01-020"/>
<P Name="CVEID" Value="CVE-2001-0154"/>
<P Name="MalwareName" Value="HKTL_TWOMAIL.A;HTML_HOLAR.A;HTML_NETSKY.P;JS_FORTNIGHT.B;PE_BOOSTAP.A;PE_BUGBEAR.B;PE_CHIR.B;PE_CHITON.F;PE_GANDA.A;PE_NIMDA.A;PE_NIMDA.B;PE_NIMDA.C;PE_NIMDA.D;PE_NIMDA.E;PE_NIMDA.F;PE_NIMDA.G;PE_PURON.A;PE_TOAL.A;TROJ_OUTGLUCK.A;TROJ_SPLOITER.10;TROJ_UPLOADER.D;WORM_ALIZ.A;WORM_ARRET.A;WORM_BADTRANS.B;WORM_BOOSTAP.A;;WORM_BRAID.A;WORM_BRAID.B;WORM_BUGBEAR.A;WORM_CHIR.A;WORM_CONE.B;WORM_FEVER.B;WORM_FRETHEM.E;WORM_FRETHEM.H;WORM_FRETHEM.I;WORM_FRETHEM.J;WORM_FRETHEM.K;WORM_FRETHEM.L;WORM_FRETHEM.M;WORM_FRETHEM.N;WORM_FRETHEM.O;WORM_GOP.A;WORM_GOP.B;WORM_GOP.E;WORM_GUNSAN.A;WORM_IXAS.A;WORM_JERMY.A;WORM_JERMY.B;WORM_JERMY.C;WORM_KLEZ.A;WORM_KLEZ.C;WORM_KLEZ.D;WORM_KLEZ.E;WORM_KLEZ.F;WORM_KLEZ.G;WORM_KLEZ.H;WORM_KLEZ.I;WORM_LIAMED.A;WORM_LIRVA.A;WORM_LIRVA.B;WORM_LIRVA.C;WORM_LOHACK.B;WORM_LOHACK.C;WORM_LOHACK.E;WORM_MANYMIZE.A;WORM_NETSKY.P;WORM_NETSKY.Q;WORM_NETSKY.R;WORM_SHOHO.A;WORM_SHOHO.B;WORM_SHOHO.C;WORM_SHOHO.D;WORM_SWEN.A;WORM_WINEVAR.A;WORM_YAHA.G;WORM_YAHA.X;WORM_ZOHER.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Very Low;Very Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Medium;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low;Medium;Low;Low;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Medium;Low;Low;Medium;Low;Medium;Low;Low;Low;Low;Medium;Medium;Low;Low;Low;Low;Low;Low;Low;Medium;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Incorrect MIME Header Can Cause IE to Execute E-mail Attachment"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01;Microsoft Internet Explorer 5.5"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables attackers to launch an attachment automatically by making use of an unusual MIME type that IE handles incorrectly."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2000078"/>
<P Name="VulnerabilityName" Value="MS00-078"/>
<P Name="CVEID" Value="CVE-2000-0884"/>
<P Name="MalwareName" Value="BKDR_KTBOT.A;ELF_SADMIND.A;JAVA_STORM.A;PE_NIMDA.A;PE_NIMDA.B;PE_NIMDA.C;PE_NIMDA.D;PE_NIMDA.E;PE_NIMDA.F;PE_NIMDA.G;PERL_SADMIND.A;VBS_BLUECODE.A;WORM_BLUECODE.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low;Low;Low;Medium;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Web Server Folder Traversal"/>
<P Name="AffectedSoftware" Value="Microsoft IIS 4.0;Microsoft IIS 5.0"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to read documents contained outdside the web root and execute arbitrary commands through malformed URLs that contain UNICODE encoded characters."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2000075"/>
<P Name="VulnerabilityName" Value="MS00-075"/>
<P Name="CVEID" Value="CVE-2000-1061"/>
<P Name="MalwareName" Value="BKDR_ZOBORON.A;BKDR_ZOBORON.DAM;HTML_GODWILL.A;HTML_ZOBORON.A;JAVA_GODWILL.A;JS_APPACTXCOMP.A;JS_EXCEPTION.GEN;JS_EXCEPTION.T;JS_EXPLOIT.C;JS_IESTART.B;JS_ILLWILL.A;JS_MYCSS.A;JS_NETDEX.A;JS_OFFNSV.B;JS_SEEKER.AA;VBS_CHALLENGE.B;VBS_NEMITE.A;VBS_REDLOF.A;VBS_REDLOF.C;WORM_WINEVAR.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Medium;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Microsoft VM ActiveX Component Vulnerability"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 4.x;Microsoft Internet Explorer 5.x"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to execute arbitrary commands via a malicious web page or e-mail. This is caused by the Microsoft Virtual Machine allowing the security settings of Internet Explorer to be bypassed."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2000072"/>
<P Name="VulnerabilityName" Value="MS00-072"/>
<P Name="CVEID" Value="CVE-2000-0979"/>
<P Name="MalwareName" Value="WORM_OPASERV.A;WORM_OPASERV.AI;WORM_OPASERV.B;WORM_OPASERV.C;WORM_OPASERV.D;WORM_OPASERV.E;WORM_OPASERV.F;WORM_OPASERV.G;WORM_OPASERV.H;WORM_OPASERV.I;WORM_OPASERV.J;WORM_OPASERV.K;WORM_OPASERV.L;WORM_OPASERV.M;WORM_OPASERV.N;WORM_OPASERV.O;WORM_OPASERV.P;WORM_OPASERV.Q;;WORM_OPASERV.R;WORM_OPASERV.S;WORM_OPASERV.T;WORM_OPASERV.Y;WORM_OPASERV.Z"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Very Low;Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Share Level Password Vulnerability"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 95;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Me"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability enables a remote attacker to access a Windows 9x/ME shared file without having to know the entire password assigned to that share, since just by sending a 1-byte password that matches the first character of the real password could allow access to that share."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2000052"/>
<P Name="VulnerabilityName" Value="MS00-052"/>
<P Name="CVEID" Value="CVE-2000-0663"/>
<P Name="MalwareName" Value="CODERED.C;CODERED.D;CODERED.F;TROJ_CODERED.C"/>
<P Name="MalwareRiskRating" Value="Low;Medium;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Relative Shell Path Vulnerability"/>
<P Name="AffectedSoftware" Value="Microsoft Windows NT 4.0 Workstation;Microsoft Windows NT 4.0 Server;Microsoft Windows NT 4.0 Server, Enterprise Edition;Microsoft Windows NT 4.0 Server, Terminal Server Edition;Microsoft Windows 2000 Professional;Microsoft Windows 2000 Server;Microsoft Windows 2000 Advanced Server"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This vulnerability allows a Trojan dropped as Explorer.exe to execute first than the legitimate file of the same name in the Windows folder."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2000034"/>
<P Name="VulnerabilityName" Value="MS00-034"/>
<P Name="CVEID" Value="CVE-2000-0419"/>
<P Name="MalwareName" Value="VBS_DAVINIA.A"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="Office 2000 UA Control Vulnerability"/>
<P Name="AffectedSoftware" Value="Word 2000;Excel 2000;Powerpoint 2000;Access 2000;Photodraw 2000;FrontPage 2000;Project 2000;Publisher 2000;Outlook 2000;Works 2000 Suite"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows a remote attacker to conduct unauthorized activities via the Show Me function in Office Help, since Office 2000 UA ActiveX Control is marked as safe for scripting."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="2000017"/>
<P Name="VulnerabilityName" Value="MS00-017"/>
<P Name="CVEID" Value="CVE-2000-0168"/>
<P Name="MalwareName" Value="VBS_BUGREGCON.A"/>
<P Name="MalwareRiskRating" Value="Low"/>
<P Name="VulnerabilityTitle" Value="DOS Device in Path Name Vulnerability"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 95;Microsoft Windows 98;Microsoft Windows 98 Second Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow an attacker to cause a denial of service via a pathname that includes file device names."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="1999034"/>
<P Name="VulnerabilityName" Value="MS99-034"/>
<P Name="CVEID" Value="CVE-1999-0918"/>
<P Name="MalwareName" Value="DDOS_INFERNO.A;DDOS_SCRAWAKED.A;TROJ_IGMP20.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Very Low"/>
<P Name="VulnerabilityTitle" Value="Fragmented IGMP Packet Vulnerability"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 95;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows NT Workstation 4.0;Microsoft Windows NT Server 4.0;Microsoft Windows NT Server 4.0, Enterprise Edition;Microsoft Windows NT Server 4.0, Terminal Server Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows an attacker to cause a denial of service attack by sending malformed, fragmented IGMP packets."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="1999032"/>
<P Name="VulnerabilityName" Value="MS99-032"/>
<P Name="CVEID" Value="CVE-1999-0668;CAN-1999-0669;CAN-1999-0670"/>
<P Name="MalwareName" Value="JS_GODFATHER.A;JS_KAKWORM.A;JS_RUNSCRIPT.I;JS_WIPE.A;VBS_CUERPO.A"/>
<P Name="MalwareRiskRating" Value="Low;Very Low;Low;Very Low;Low"/>
<P Name="VulnerabilityTitle" Value="scriptlet.typelib/Eyedog Vulnerability"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 4.0;Microsoft Internet Explorer 5.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="There are three vulnerabilities associated with this, wherein all three could allow a remote attacker to execute arbitrary commands. Two of these flaws are due to certain ActiveX controls (scriptlet.typelib and Eyedog) marked for “safe for scripting” for Internet Explorer, while the third one is due to a buffer overflow in the Eyedog ActiveX control."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
<MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050050"/>
<P Name="VulnerabilityName" Value="MS05-050"/>
<P Name="CVEID" Value="CAN-2005-2128 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in DirectShow Could Allow Remote Code Execution "/>
<P Name="AffectedSoftware" Value="Microsoft DirectX 7.0 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.0 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.0a (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.1 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.1 (Microsoft Windows Server 2003 for Itanium-based Systems) ;Microsoft DirectX 8.1 (Microsoft Windows Server 2003 Service Pack 1);Microsoft DirectX 8.1 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft DirectX 8.1 (Microsoft Windows Server 2003 x64 Edition);Microsoft DirectX 8.1 (Microsoft Windows Server 2003);Microsoft DirectX 8.1 (Microsoft Windows XP Professional x64 Edition);Microsoft DirectX 8.1 (Microsoft Windows XP Service Pack 1);Microsoft DirectX 8.1 (Microsoft Windows XP Service Pack 2);Microsoft DirectX 8.1a (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.1b (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.2 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0 (Microsoft Windows Server 2003);Microsoft DirectX 9.0 (Microsoft Windows XP Service Pack 1);Microsoft DirectX 9.0a (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0a (Microsoft Windows Server 2003);Microsoft DirectX 9.0a (Microsoft Windows XP Service Pack 1);Microsoft DirectX 9.0b (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0b (Microsoft Windows Server 2003);Microsoft DirectX 9.0b (Microsoft Windows XP Service Pack 1);Microsoft DirectX 9.0c (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0c (Microsoft Windows Server 2003);Microsoft DirectX 9.0c (Microsoft Windows XP Service Pack 1);Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in DirectShow. It could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. If a user is logged on with administrative user rights, an attacker who successfully exploits this vulnerability could take complete control of an affected system. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050051"/>
<P Name="VulnerabilityName" Value="MS05-051"/>
<P Name="CVEID" Value="CAN-2005-1978;CAN-2005-1979;CAN-2005-1980;CAN-2005-2119"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This cumulative release covers four vulnerabilities: MSDTC vulnerability, COM+ vulnerability, TIP vulnerability, and Distributed TIP vulnerability. An attacker who successfully exploits the most severe of these vulnerabilities could take complete control of an affected system. The said attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050052"/>
<P Name="VulnerabilityName" Value="MS05-052"/>
<P Name="CVEID" Value="CAN-2005-2127"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 5.5 Service Pack 2 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 for Itanium-based Systems);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98 Second Edition);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows XP Service Pack 1)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability exists in Microsoft DDS Library Shape Control (MSDDS.DLL) and other COM objects, which, when instantiated in Internet Explorer, could allow an attacker to take complete control of an affected system. If a user is logged on with administrative user rights, an attacker who successfully exploits this vulnerability could take complete control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050053"/>
<P Name="VulnerabilityName" Value="MS05-053"/>
<P Name="CVEID" Value="CAN-2005-2123;CAN-2005-2124;CAN-2005-0803"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This advisory covers the Graphics Rendering Engine vulnerability and Windows Metafile vulnerability, both of which could allow remote code execution. It also covers the Enhanced Metafile vulnerability, which allows any program that renders EMF images to be vulnerable to denial of service attacks."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
	<MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050054"/>
<P Name="VulnerabilityName" Value="MS05-054"/>
<P Name="CVEID" Value="CAN-2005-2829;CAN-2005-2830;CAN-2005-2831;CAN-2005-1790"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (905915)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition family;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves four vulnerabilites: File Download Dialog Box vulnerability, HTTPS Proxy vulnerability, COM Object Instantiation Memory Corruption vulnerability, and Mismatched Document Object Model Objects Memory Corruption vulnerability. It replaces the MS05-052 security update. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050055"/>
<P Name="VulnerabilityName" Value="MS05-055"/>
<P Name="CVEID" Value="CAN-2005-2827"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in the Windows kernel that enables attackers to have full control on the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050049"/>
<P Name="VulnerabilityName" Value="MS05-049"/>
<P Name="CVEID" Value="CAN-2005-2122;CAN-2005-2118;CAN-2005-2117"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Windows Shell Could Allow Remote Code Execution "/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This release covers the Shell vulnerability and the Web View Script Injection vulnerability. If a user logs on with administrative rights, an attacker could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. ."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050046"/>
<P Name="VulnerabilityName" Value="MS05-046"/>
<P Name="CVEID" Value="CAN-2005-1985"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability exists in the Client Service for NetWare (CSNW). When successfully exploited, this vulnerability allows an attacker to take full control of an affected system, enabling the said attacker to install programs, change data, or create new accounts with full user rights on the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050047"/>
<P Name="VulnerabilityName" Value="MS05-047"/>
<P Name="CVEID" Value="CAN-2005-2120"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability, which exists in Plug and Play (PnP), could allow an authenticated attacker to take complete control of the affected system. An attacker could then install programs: view, change, or delete data; or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050048"/>
<P Name="VulnerabilityName" Value="MS05-048"/>
<P Name="CVEID" Value="CAN-2005-1987"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution "/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition ;Microsoft Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="Attackers, who successfully exploited this vulnerability, takes complete control of an affected system. They could install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050044"/>
<P Name="VulnerabilityName" Value="MS05-044"/>
<P Name="CVEID" Value="CAN-2005-2126"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering "/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Service Pack 1;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4) "/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This tampering vulnerability exists because the Windows FTP client does not properly validate file names that are received from FTP servers. This vulnerability may be exploited when an attacker hosts a file using a specially crafted file name on an FTP server. This file bypasses the file name validation of the Windows FTP client. It allows an attacker to modify the intended destination location for a file transfer when a client has manually chosen to transfer a file using FTP."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20050045"/>
<P Name="VulnerabilityName" Value="MS05-045"/>
<P Name="CVEID" Value="CAN-2005-2307"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Network Connection Manager Could Allow Denial of Service"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="An unchecked buffer in the Network Connection Manager could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060001"/>
<P Name="VulnerabilityName" Value="MS06-001"/>
<P Name="CVEID" Value="CAN-2005-4560"/>
<P Name="MalwareName" Value="EXPL_WMF.GEN;TROJ_NASCENE.A;TROJ_NASCENE.B;TROJ_NASCENE.BQ;TROJ_NASCENE.C;TROJ_NASCENE.D;TROJ_NASCENE.E;TROJ_NASCENE.F;TROJ_NASCENE.G;TROJ_NASCENE.GEN;TROJ_NASCENE.H;TROJ_NASCENE.I;TROJ_NASCENE.J;TROJ_NASCENE.K;TROJ_NASCENE.L;TROJ_NASCENE.M;TROJ_NASCENE.O;TROJ_NASCENE.Q;TROJ_NASCENE.R;TROJ_NASCENE.S;TROJ_NASCENE.T;TROJ_NASCENE.V;TROJ_NASCENE.W;TROJ_NASCENE.X;TROJ_WMFCRASH.A"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows 98;Microsoft Windows 98 Second Edition (SE);Microsoft Windows Millennium Edition (ME)"/>
<P Name="RiskRating" Value="Highly Critical"/>
<P Name="Description" Value="This security advisory resolves a newly discovered vulnerability because the modifications that are required to address the said issues are located in related files: 1) The Graphics Rendering Engine has a vulnerability that could allow remote code execution because of the way it handles Windows Metafile (WMF) images; 2) The Windows Metafile Vulnerability allows an attacker could cause malicious code to run in the security context of the locally logged on user through a specially crafted metafile image. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060002"/>
<P Name="VulnerabilityName" Value="MS06-002"/>
<P Name="CVEID" Value="CVE-2006-0010"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a privately reported vulnerability in embedded web fonts.  The Embedded Web Font vulnerability exists in Windows because of the way it handles malformed embedded Web fonts. Font embedding is a technology built into Microsoft Internet Explorer versions 4 and higher. This allows the fonts used in a specific document to travel with that document ensuring that what the users see is the exact format the designer intended for them to see. The vulnerability allows remote execution of arbitrary codes. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060003"/>
<P Name="VulnerabilityName" Value="MS06-003"/>
<P Name="CVEID" Value="CVE-2006-0002"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange 2000 Server Service Pack 3;Microsoft Exchange Server 5.0 Service Pack 2;Microsoft Exchange Server 5.5 Service Pack 4;Microsoft Office 2000;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003;Microsoft Office 2003 Service Pack 1;Microsoft Office XP;Microsoft Office XP Service Pack 3;Microsoft Outlook 2000;Microsoft Outlook 2002"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves a newly-discovered, privately-reported vulnerability that can allow a remote malicious user to run arbitrary codes on an affected system.  A vulnerability that exists in Microsoft Outlook and Microsoft Exchange Server allows remote code execution because of the way they decode the Transport Neutral Encapsulation Format (TNEF) in the MIME attachment. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060004"/>
<P Name="VulnerabilityName" Value="MS06-004"/>
<P Name="CVEID" Value="CVE-2006-0020"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (910620)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 
;Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4) "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="The vulnerability exists because a system memory may be corrupted when a Web page being displayed by Internet Explorer contains a specially-crafted Windows Metafile (WMF) image, thus allowing an attacker to execute arbitrary code. Exploitation is also possible upon opening the image file as an email attachment."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060005"/>
<P Name="VulnerabilityName" Value="MS06-005"/>
<P Name="CVEID" Value="CVE-2006-0006"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 98;Microsoft Windows 98 Second Edition ;Microsoft Windows Media Player 10 (Windows XP Service Pack 1) ;Microsoft Windows Media Player 10 (Windows XP Service Pack 2) 
;Microsoft Windows Media Player 7.1 (Windows 2000 Service Pack 4) ;Microsoft Windows Media Player 9 (Windows 2000 Service Pack 4);Microsoft Windows Media Player 9 (Windows XP Service Pack 1);Microsoft Windows Millennium Edition ;Windows Media Player 9 (Microsoft Windows Server 2003) ;Windows Media Player 9 (Microsoft Windows XP Service Pack 2) 
;Windows Media Player for XP (Microsoft Windows XP Service Pack 1) "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="The Windows Media Player vulnerability exists because of the way it processes .BMP files. An attacker or a malware program could exploit this vulnerability by executing arbitrary codes based on the privilege of the currently logged on user. Once exploited, the attacker may take full control of the affected computer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060006"/>
<P Name="VulnerabilityName" Value="MS06-006"/>
<P Name="CVEID" Value="CVE-2006-0005 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="The Windows Media Player plug-in allows users to stream media through a non-Microsoft Internet browser. A remote code execution vulnerability exists in the said plug-in because of the way it handles a malformed EMBED element. The vulnerability may be exploited when an attacker creates a malicious EMBED element that may potentially allow remote code execution once a user visits a malicious Web site."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060007"/>
<P Name="VulnerabilityName" Value="MS06-007"/>
<P Name="CVEID" Value="CVE-2006-0021"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in TCP/IP Could Allow Denial of Service (913446)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 
;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="The vulnerability exists because the affected messages are not being ignored in certain cases that allow an attacker to send a malformed packet that may cause the affected system to stop responding. An attacker could exploit this vulnerability by sending a specially-crafted IGMP packet to an affected system, causing a target system to stop responding. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060008"/>
<P Name="VulnerabilityName" Value="MS06-008"/>
<P Name="CVEID" Value="CVE-2006-0013 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Service Pack 1 
;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="The Web Client service allows applications to access documents on the Internet. It is vulnerable due to the way it validates the length of a message before it passes the message to the allocated buffer. To exploit the said vulnerability, an attacker must have valid logon credentials since the vulnerability could not be exploited by anonymous users. Even though the Web Client service is used to support the WebDAV protocol over the Internet, an authenticated attacker must perform the steps that are required to attempt to exploit this issue. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060009"/>
<P Name="VulnerabilityName" Value="MS06-009"/>
<P Name="CVEID" Value="CVE-2006-0008 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2003 Multilingual User Interface Packs ;Microsoft Office 2003 Proofing Tools 
;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office OneNote 2003;Microsoft Office Project 2003;Microsoft Office Project 2003 Multilingual User Interface Packs;Microsoft Office Visio 2003 ;Microsoft Office Visio 2003 Multilingual User Interface Packs;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Service Pack 1 ;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="An IME is a program that allows computer users to enter complex characters and symbols, such as Korean characters, using a standard keyboard. A vulnerability exists because the IME for Korean language inappropriately exposes functionality that runs in the LocalSystem context. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060010"/>
<P Name="VulnerabilityName" Value="MS06-010"/>
<P Name="CVEID" Value="CVE-2006-0004 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3 ;Microsoft Powerpoint 2000 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability exists in Microsoft PowerPoint and Internet Explorer because of the way PowerPoint renders HTML data. Once exploited, this vulnerability allows remote user to gain access to data stored in the Temporary Internet Files folder. The said action allows the attacker to obtain useful information to further compromise the vulnerable system. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060011"/>
<P Name="VulnerabilityName" Value="MS06-011"/>
<P Name="CVEID" Value="CVE-2006-0023"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A malicious user who successfully takes advantage of this vulnerability could take complete control of the vulnerable system. Once in control, the malicious user can install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060012"/>
<P Name="VulnerabilityName" Value="MS06-012"/>
<P Name="CVEID" Value="CVE-2005-4131;CVE-2006-0028;CVE-2006-0029;CVE-2006-0030;CVE-2006-0031;CVE-2006-0009"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)"/>
<P Name="AffectedSoftware" Value="Microsoft Excel 2000 ;Microsoft Excel 2002;Microsoft Excel 2003;Microsoft Excel 2003 Viewer;Microsoft Excel 2004 for Mac;Microsoft Excel X for Mac;Microsoft Office 2000 Multilingual User Interface Packs;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office X for Mac;Microsoft Office XP Multilingual User Interface Packs;Microsoft Office XP Service Pack 3;Microsoft Outlook 2000;Microsoft Outlook 2002;Microsoft Word 2000;Microsoft Word 2002;Microsoft Works Suite 2000;Microsoft Works Suite 2001;Microsoft Works Suite 2002;Microsoft Works Suite 2003;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006;Microsoft PowerPoint 2000;Microsoft PowerPoint 2002"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="If a user is logged on with administrative user rights on vulnerable versions of Microsoft Office, a malicious user who successfully exploits this vulnerability may take complete control of the client workstation. The malicious user may then install programs; view, change, or delete data; or create new accounts with full user rights. Users with fewer user rights on the system based on their accounts could be less impacted than users with administrative user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060013"/>
<P Name="VulnerabilityName" Value="MS06-013"/>
<P Name="CVEID" Value="CVE-2006-1359; CVE-2006-1245; CVE-2006-1388; CVE-2006-1185; CVE-2006-1186; CVE-2006-1188; CVE-2006-1189; CVE-2006-1190; CVE-2006-1192"/>
<P Name="MalwareName" Value="EXPL_TXTRANGE.A;JS_DLOADER.BXR"/>
<P Name="MalwareRiskRating" Value="Low;Low"/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (912812)"/>
<P Name="AffectedSoftware" Value="Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 for Itanium-based Systems);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98 Second Edition);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003);Microsoft Windows 2000 Advanced Server SP4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves ten vulnerabilities. Microsoft released a single update to support these vulnerabilities because the modifications that are required to address these issues are located in related files."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060014"/>
<P Name="VulnerabilityName" Value="MS06-014"/>
<P Name="CVEID" Value="CVE-2006-0003"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="Microsoft Data Access Components (MDAC) is a collection of Dynamic Link Libraries (DLLs) and associated component resources that support a number of different APIs including Open Database Connectivity (ODBC), OLE DB, Microsoft® ActiveX® Data Objects (ADO), and Microsoft Remote Data Service (RDS). It provides applications a means to access data from various data storage sources, with a focus on access to the Microsoft SQL Server. A large number of applications depend on MDAC-contained components for proper operation.   One of MDAC's supported API, RDS, is actually a feature of ADO. It moves data from a server to a client application or to a Web page. It also helps manipulate the data on the client and returns updates to the server in a single round trip.  A remote code execution vulnerability exists in RDS wherein Dataspace ActiveX control is provided as part of ADO and is distributed in MDAC. A remote user who successfully exploits this vulnerability can take complete control of an affected system. If a user is logged on with administrative user rights, the said remote user can then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system can be less affected.   Furthermore, this vulnerability can conceivably be used by malware for replication purposes.  In a Web-based scenario, a remote user or malware tries different social engineering techniques, like displaying banner advertisement,c to get an affected user to visit a malicious Web site that contains the specially-crafted file that jumpstarts the successful exploitation of this vulnerability.   In an email-based scenario, the remote user or malware sends out an email message to a user of a server that is running an affected software application that contains a link. Clicking this link, in turn, takes the user to a malicious Web site designed to exploit this vulnerability. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060015"/>
<P Name="VulnerabilityName" Value="MS06-015"/>
<P Name="CVEID" Value="CVE-2006-0012"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="Windows Explorer, which provides a Graphical User Interface (GUI) for accessing the file systems, is the default shell used by modern Microsoft Windows.   A remote code execution vulnerability exists in Windows Explorer because of the way it handles COM objects. It can be exploited through a Web-based scenario by a remote malicious user or a malware. The mentioned agents try to get an affected user to click on a link that leads to a malicious Web site. Upon reaching this specially-crafted Web site, the user is prompted to perform several actions needed so as to connect to a certain file server. This file server, in turn, can cause Windows Explorer to fail in a way that can allow code execution. Thus, a remote user or malware, who successfully exploits this vulnerability, can take complete control of an affected system.   It should be noted that this vulnerability can not be exploited automatically via e-mail. For an attack to be successful, the affected user must open an attachment or click on a link within an e-mail message."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060016"/>
<P Name="VulnerabilityName" Value="MS06-016"/>
<P Name="CVEID" Value="CVE-2006-0014"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Outlook Express (911567)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="Windows provides an address book for storing contact information. The Windows Address Book (WAB) is an application and service that enables users to keep track of people. The WAB has a local database and user interface for finding and editing information about people and it can query network directory servers using Lightweight Directory Access Protocol (LDAP).   An unchecked buffer in WAB functioning within Outlook Express can cause remote code execution. A malicious user or malware creates a specially crafted .WAB file and persuades a user to open it causing an error in Outlook Express that allows execution of remote code. If an affected user is logged on with administrative user rights, a remote user who successfully exploits this vulnerability can take complete control of an affected system. The said remote user can then install programs; view, change, or delete data; or create new accounts with full user rights.   In a Web-based scenario, a remote user or malware tries different social engineering techniques to get an affected user to visit a malicious Web site that contains the specially-crafted .WAB file that jumpstarts the successful exploitation of this vulnerability.   In an email-based scenario, the remote user or malware sends out the created .WAB file to the affected user as an attachment. The email message's details try to get the user to open the attached file."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060017"/>
<P Name="VulnerabilityName" Value="MS06-017"/>
<P Name="CVEID" Value="CVE-2006-0015"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)"/>
<P Name="AffectedSoftware" Value="Microsoft FrontPage Server Extensions 2002;Microsoft FrontPage Server Extensions 2002 (x64 Edition);Microsoft FrontPage Server Extensions 2002 (x86 Edition);Microsoft SharePoint Team Services 2002 (Microsoft Office XP)"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="FrontPage Server Extensions (FPSE) affect authoring, administering, and browse-time functionality. FPSE is exploited because of the way it handles HTML validation. The said exploit causes a cross-site scripting (XSS) vulnerability, which could enable an attacker to inject code into a user's session with a Web site.   The attack involves Web servers that dynamically generate HTML pages. If the said servers embed browser input in the dynamic Web pages that they send back to the browser, these servers can be manipulated to include potentially malicious executable script content in the dynamic pages.   Web browsers may perpetuate this problem through their basic assumptions of trusted sites and their use of cookies to maintain persistent state with the Web sites that they frequent. This attack does not modify Web site content. Instead, it inserts new, potentially malicious script that can execute at the browser level in the information context that is associated with a trusted server.  The cross-site scripting vulnerability could also allow an attacker to run client-side script on behalf of the user, who has administrative user rights on the Front Page Server Extensions 2002 or SharePoint Team Services 2002 server. The script could spoof content, disclose information, or take any action that the user could take on the affected Web site. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.   This vulnerability can also be exploited by a remote malicious attacker or a malware application."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060018"/>
<P Name="VulnerabilityName" Value="MS06-018"/>
<P Name="CVEID" Value="CVE-2006-0034;CVE-2006-1184"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="An unchecked buffer in the Microsoft Distributed Transaction Coordinator (MSDTC) service could allow a malicious user to utilize a specially crafted network message, which it brings to an affected system. If the said routine is successful, the message can cause the affected system to stop responding."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060019"/>
<P Name="VulnerabilityName" Value="MS06-019"/>
<P Name="CVEID" Value="CVE-2006-0027"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Exchange Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange Server 2000;Microsoft Exchange Server 2003 Service Pack 1;Microsoft Exchange Server 2003 Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability in the Microsoft Exchange Calendar could allow a remote malicious attacker or a malware to take complete control of an affected system if the affected user is currently logged on with administrative user rights. This vulnerability exists because Collaboration Data Objects for Exchange (CDOEX) and Exchange Collaboration Data Objects (EXCDO) functionalities provided with Exchange Server do not properly process certain iCAL and vCAL properties that are provided in email messages."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060021"/>
<P Name="VulnerabilityName" Value="MS06-021"/>
<P Name="CVEID" Value="CVE-2006-2218;CVE-2006-2382;CVE-2006-2383;CVE-2006-1303;CVE-2005-4089;CVE-2006-2384;CVE-2006-2385;CVE-2006-1626"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (916281)"/>
<P Name="AffectedSoftware" Value="Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Internet Explorer 6.0 SP1;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98 Second Edition);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 98);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows Millennium Edition);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows XP Service Pack 1);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems);Microsoft Windows 2000 Server SP4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves several vulnerabilities in Internet Explorer (IE).;The Exception Handling Memory Corruption Vulnerability could allow a malicious user or a malware to execute arbitrary code on the system because IE allows objects to register exception handlers that may not properly handle certain conditions.;The HTML Decoding Memory Corruption Vulnerability could allow a malicious user or a malware to execute arbitrary code on the system because of the way IE parses the code for decoding UTF-8 characters.;The ActiveX Control Memory Corruption Vulnerability could allow a malicious user or a malware to execute arbitrary code on the system because IE does not perform parameter validation on the data that is passed to the DXImageTransform.Microsoft.Light ActiveX control.;The COM Object Instantiation Memory Corruption Vulnerability could allow a malicious user or a malware to execute arbitrary code on the system because when IE attempts to instantiate certain COM objects as ActiveX Controls, the COM objects may corrupt the system state in such a way that an attacker could execute arbitrary code.;The COM CSS Cross-Domain Information Disclosure Vulnerability could allow a malicious user to read data from another security zone or domain in IE because IE incorrectly interprets a specially crafted document as a Cascading Style Sheet (CSS).;The Address Bar Spoofing Vulnerabilities could allow an attacker to to create a Web page that displays a spoofed URL in the address bar, while pointing to a different Web site. A user could then expose information into the possibly malicious Web site when in fact the data is sent to the attacker’s site.;The MHT Memory Corruption Vulnerability could allow an attacker to gain the same user rights as the affected user because a specially crafted Web page can, when saved as a multipart HTML file cause memory corruption."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060022"/>
<P Name="VulnerabilityName" Value="MS06-022"/>
<P Name="CVEID" Value="CVE-2006-2378"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow a malicious user or malware to execute arbitrary codes via a specially-crafted ART image file because the JG ART DLL does not validate the length of the message before passing it to the allocated buffer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060023"/>
<P Name="VulnerabilityName" Value="MS06-023"/>
<P Name="CVEID" Value="CVE-2006-1313"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows 98;Microsoft Windows 98 Second Edition;Microsoft Windows Millennium Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow a malicious user or malware to execute arbitrary codes via a specially-crafted Jscript file because Jscript may release objects early, potentially causing memory corruption."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060025"/>
<P Name="VulnerabilityName" Value="MS06-025"/>
<P Name="CVEID" Value="CVE-2006-2370;CVE-2006-2371"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Routing and Remote Access Could Allow Remote Execution (911280)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 64-Bit Edition;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows XP Professional SP1;Microsoft Windows XP Professional SP2;Microsoft Windows XP Professional x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="An unchecked buffer in the Routing and Remote Access service could allow a malicious user or a malware to execute arbitrary code with the privileges of the currently logged-on user."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060027"/>
<P Name="VulnerabilityName" Value="MS06-027"/>
<P Name="CVEID" Value="CVE-2006-2492"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office XP Service Pack 3;Microsoft Word 2000;Microsoft Word 2002;Microsoft Word 2003;Microsoft Word Viewer 2003;Microsoft Works Suite 2000;Microsoft Works Suite 2001;Microsoft Works Suite 2002;Microsoft Works Suite 2003;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow remote attackers to execute arbitrary code via a specially-crafted document. This vulnerability exists in an object pointer, located in one of the data structures, being read while parsing the document. When a certain error occurs, this pointer can be manipulated to execute arbitrary codes."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060028"/>
<P Name="VulnerabilityName" Value="MS06-028"/>
<P Name="CVEID" Value="CVE-2006-0022"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office X for Mac;Microsoft Office XP Service Pack 3;Microsoft PowerPoint 2000;Microsoft PowerPoint 2002;Microsoft PowerPoint 2003;Microsoft PowerPoint 2004;Microsoft Powerpoint X for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows remote code execution using a malformed record vulnerability. An attacker exploits this vulnerability by creating a PowerPoint file that does not crash PowerPoint program itself when opened by a user. If a user with administrative user rights opens the said file, an attacker who successfully exploits this vulnerability may take complete control of the system. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060029"/>
<P Name="VulnerabilityName" Value="MS06-029"/>
<P Name="CVEID" Value="CVE-2006-1193"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange 2000 Server Pack 3 with the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup;Microsoft Exchange Server 2003 Service Pack 1;Microsoft Exchange Server 2003 Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability could allow attackers to execute arbitrary code via a specially-crafted HTML email. This vulnerability exists due to the improper conversion of null bytes contained in email messages into a greater than symbol ('>'). This is an error innate in the said exchange server."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060030"/>
<P Name="VulnerabilityName" Value="MS06-030"/>
<P Name="CVEID" Value="CVE-2006-2373;CVE-2006-2374"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP 64-Bit Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security vulnerability resolves the newly discovered vulnerabilities in Server Message Block (SMB), which could allow an attacker to escalate privileges and take control over an affected system.;The SMB Driver Elevation of Privilege Vulnerability is an elevation of privilege vulnerability in SMB that could allow an attacker to take complete control over an affected system. This vulnerability exists due to the utilization of unbuffered I/O between user and kernel mode for its IOCTLs by the SMB driver MRXSMB.SYS. An IOCTL is a mechanism that is commonly used to communicate between the userspace and the kernelspace.;The SMB Invalid Handle Vulnerability is a denial of service vulnerability in SMB that could allow an attacker to cause an affected system to stop responding. In this case, the SMB driver MRXSMB.SYS contains a function which takes a handle as a parameter that is subsequently closed. A user-mode process can pass in the handle for the driver which causes a kernel-mode deadlock on this thread. The said process will be unable to terminate and the system may not be able to properly shut down. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060031"/>
<P Name="VulnerabilityName" Value="MS06-031"/>
<P Name="CVEID" Value="CVE-2006-2380"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A spoofing vulnerability exists in the RPC service that could enable an attacker to spoof trusted network resource due to the way it handles mutual authentication. The affected product does not correctly validate the identity of RPC services while utilizing mutual authentication over Secure Socket Layer (SSL). This vulnerability could allow an attacker to persuade a user to connect to a malicious RPC resource which appears to be valid."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060032"/>
<P Name="VulnerabilityName" Value="MS06-032"/>
<P Name="CVEID" Value="CVE-2006-2379"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability in the TCP/IP protocol driver could allow remote code execution using a created strict or loose route ICMP packet."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060033"/>
<P Name="VulnerabilityName" Value="MS06-033"/>
<P Name="CVEID" Value="CVE-2006-1300"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in ASP.NET Could Allow Information Disclosure"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Media Center Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Tablet PC Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability could allow remote attackers to bypass ASP.NET security and gain unauthorized access to objects in the APPLICATION folder explicitly by name, resulting in information disclosure, because ASP.NET does not properly validate the URL paths that are passed to it."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/> 
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060035"/>
<P Name="VulnerabilityName" Value="MS06-035"/>
<P Name="CVEID" Value="CVE-2006-1314;CVE-2006-1315"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Server Service Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves two vulnerabilities affecting Microsoft Windows.;The MailSlot Heap Overflow Vulnerability could allow remote attackers to take complete control of an affected system, due to an unchecked buffer in the Server service.;The SMB Information Disclosure Vulnerability could allow attackers to remotely read information stored in buffers for SMB."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>   
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060036"/>
<P Name="VulnerabilityName" Value="MS06-036"/>
<P Name="CVEID" Value="CVE-2006-2372"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in DHCP Client Service Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow attackers to remotely execute abitrary code via a malformed DHCP communication sent to an affected client on the same network segment. This vulnerability is caused by an unchecked buffer in the DHCP Client Service."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>   
</MSG>
	<MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060037"/>
<P Name="VulnerabilityName" Value="MS06-037"/>
<P Name="CVEID" Value="CVE-2006-1301;CVE-2006-1302;CVE-2006-1304;CVE-2006-1306;CVE-2006-1308;CVE-2006-1309;CVE-2006-2388;CVE-2006-3059"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Excel 2000;Microsoft Excel 2002;Microsoft Excel 2003;Microsoft Excel 2003 Viewer;Microsoft Excel 2004 for Mac;Microsoft Excel X for Mac;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office v. X for Mac;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves several vulnerabilities in Microsoft Excel, which, when exploited, could allow attackers to take complete control over an affected system."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>   
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060039"/>
<P Name="VulnerabilityName" Value="MS06-039"/>
<P Name="CVEID" Value="CVE-2006-0033;CVE-2006-0007"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office OneNote 2003;Microsoft Office XP Service Pack 3;Microsoft Project 2000;Microsoft Project 2002;Microsoft Project 2003;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A vulnerability in the way Microsoft Office parses a PNG or GIF file before it passes to the allocated buffer could allow remote attackers to remotely execute arbitrary code on an affected system via a specially-crafted PNG or GIF file."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
	<MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060040"/>
<P Name="VulnerabilityName" Value="MS06-040"/>
<P Name="CVEID" Value="CVE-2006-3439 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Server Service Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables remote code execution in Server Service that could allow an attacker who successfully exploits this vulnerability to take complete control of the affected system. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060041"/>
<P Name="VulnerabilityName" Value="MS06-041"/>
<P Name="CVEID" Value="CVE-2006-3441;CVE-2006-3440 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves several newly discovered, privately reported, vulnerabilities. For details, refer to the descriptions of CVEIDs enumerated. An attacker who successfully exploits the most severe of hese vulnerabilities could take complete control of an affected system.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060042"/>
<P Name="VulnerabilityName" Value="MS06-042"/>
<P Name="CVEID" Value="CVE-2006-3280;CVE-2006-3450;CVE-2006-3451;CVE-2006-3637;CVE-2006-3638;CVE-2006-3639;CVE-2006-3640;CVE-2004-1166   "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (918899)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4
;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition
"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves several newly discovered, publicly and privately reported vulnerabilities. Each vulnerability is documented in its own. For details, refer to the description of the CVEIDs enumerated.   "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060043"/>
<P Name="VulnerabilityName" Value="MS06-043"/>
<P Name="CVEID" Value="CVE-2006-2766"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Windows Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Service Pack 2
;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems 
;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables remote code execution in Windows that results from incorrect parsing of the MHTML protocol."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060044"/>
<P Name="VulnerabilityName" Value="MS06-044"/>
<P Name="CVEID" Value="CVE-2006-3643"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition
;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables remote code execution in Windows Management Console that could allow a remote malicious user who successfully exploits this vulnerability to take complete control of the affected system.   "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060045"/>
<P Name="VulnerabilityName" Value="MS06-045"/>
<P Name="CVEID" Value="CVE-2006-3281"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Explorer Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability enables remote code execution in Windows Explorer because of the way that Windows Explorer handles Drag and Drop events. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060046"/>
<P Name="VulnerabilityName" Value="MS06-046"/>
<P Name="CVEID" Value="CVE-2006-3357"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in HTML Help Could Allow Remote Code Execution (922616)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability exists in the HTML Help ActiveX control that could allow remote code execution on an affected system. A remote malicious user could exploit this vulnerability by constructing a malicious Web page that could potentially allow remote code execution if an affected user visited that page. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060047"/>
<P Name="VulnerabilityName" Value="MS06-047"/>
<P Name="CVEID" Value="CVE-2006-3649"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Project 2000 Service Release 1;Microsoft Access 2000 Runtime Service Pack 3;Microsoft Office XP Service Pack 3;Microsoft Project 2002 Service Pack 1;Microsoft Visio 2002 Service Pack 2;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006;Microsoft Visual Basic for Applications SDK 6.0;Microsoft Visual Basic for Applications SDK 6.2;Microsoft Visual Basic for Applications SDK 6.3;Microsoft Visual Basic for Applications SDK 6.4;Microsoft Works Suites"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability enables remote code execution in the way that Visual Basic for Applications (VBA) checks the document properties that a host application passes to it when opening a document."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060048"/>
<P Name="VulnerabilityName" Value="MS06-048"/>
<P Name="CVEID" Value="CVE-2006-3590;CVE-2006-3449"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Could Allow Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office XP Service Pack 3;Microsoft Office 2003 Service Pack 1 or Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office v. X for Mac;Microsoft PowerPoint 2000;Microsoft PowerPoint 2002;Microsoft Office PowerPoint 2003;PowerPoint 2004 for Mac;PowerPoint 2004 v. X for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves two newly discovered, privately reported and public vulnerabilities. Each vulnerability is documented. For details, refer to the description of the CVEIDs enumerated. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060049"/>
<P Name="VulnerabilityName" Value="MS06-049"/>
<P Name="CVEID" Value="CVE-2006-3444"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="There exists a vulnerability in Windows 2000 caused by improper validation of system inputs. This vulnerability could allow a logged on user to take complete control of the system.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060050"/>
<P Name="VulnerabilityName" Value="MS06-050"/>
<P Name="CVEID" Value="CVE-2006-3086;CVE-2006-3438 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves two newly discovered vulnerabilities. Each vulnerability is documented in its own. For details, refer to the description of the CVEIDs enumerated.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060051"/>
<P Name="VulnerabilityName" Value="MS06-051"/>
<P Name="CVEID" Value="CVE-2006-3443;CVE-2006-3648"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Kernel Could Result in Remote Code Execution"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves newly discovered, privately reported vulnerabilities and additional issues discovered through internal investigations. A remote user who successfully exploits the most severe of these vulnerabilities could take complete control of an affected system. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060052"/>
<P Name="VulnerabilityName" Value="MS06-052"/>
<P Name="CVEID" Value="CVE-2006-3442"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007)"/>
<P Name="AffectedSoftware" Value="Windows XP Service Pack 1 with the MSMQ service installed;Windows XP Service Pack 2 with the MSMQ service installed"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="Pragmatic General Multicast (PGM) is a reliable and scalable multicast protocol that enables receivers to detect loss, request retransmission of lost data, or notify an application of unrecoverable loss. This vulnerability could allow an attacker execute an arbitrary code on an affected system by sending a specially crafted multicast message using the Microsoft Message Queuing (MSMQ) Services. Note that the MSMQ Services, which is the Windows service needed to allow PGM communications, is not installed by default. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060053"/>
<P Name="VulnerabilityName" Value="MS06-053"/>
<P Name="CVEID" Value="CVE-2006-0032"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This vulnerability could allow remote malicious users to gain unauthorized access to sensitive user information via a client-side script. The said script could disclose information, spoof content, or take any other action that the users may take on the affected Web site. The said vulnerability exists because of the way Indexing Service handles query validation."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060054"/>
<P Name="VulnerabilityName" Value="MS06-054"/>
<P Name="CVEID" Value="CVE-2006-0001"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow remote attackers to execute arbitrary code on an affected system via a specially crafted Publisher file. This vulnerability exists because Publisher does not perform sufficient data validation when processing the contents of a .PUB file. When Publisher opens a specially crafted Publisher file and parses a malformed string, it may corrupt system memory, which is actually a stack-based buffer overflow, in such a way that the remote malicious user can gain control of execution and run codes on the affected system."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060055"/>
<P Name="VulnerabilityName" Value="MS06-055"/>
<P Name="CVEID" Value="CVE-2006-4868"/>
<P Name="MalwareName" Value="EXPL_EXECOD.A;HTML_VIMALOV.B;HTML_VMLFILL.B;HTML_VMLFILL.C"/>
<P Name="MalwareRiskRating" Value="Low;Low;Low;Low"/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This overrun vulnerability allows remote code execution. Once successfully exploited, an attacker takes complete control of an affected system. It does this by creating a specially crafted Web page or email (in HTML format) that allows remote code execution when a user visits a Web site or views an email message. An exploited system may allow an attacker to perform malicious activities, such as data manipulation and creating user-account creation. It is important to note that users who were granted with fewer rights can less be affected than those with administrative rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060056"/>
<P Name="VulnerabilityName" Value="MS06-056"/>
<P Name="CVEID" Value="CVE-2006-3436"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)"/>
<P Name="AffectedSoftware" Value="Microsoft .NET Framework 2.0;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Media Center Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Tablet PC Edition
"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A cross site scripting (XSS) vulnerability exists in a Microsoft .NET Framework 2.0 server that could inject a malicious script in an affected user's browser. The said vulnerability is caused by an incorrect validation of an HTTP request by the .NET Framework 2.0. However, to successfully exploit this vulnerability, user interaction is needed.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060057"/>
<P Name="VulnerabilityName" Value="MS06-057"/>
<P Name="CVEID" Value=""/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Explorer Could Allow Remote Execution (923191)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A vulnerability exists in Windows Shell in the way it validates input parameters when called by the WebViewFolderIcon ActiveX (Web View) control that if successfully exploited, could allow remote code execution. A remote malicious user may design a specially-crafted Web site or a specially-crafted email message that contains a code that exploits this vulnerability. Once exploited, the remote malicious user may gain the same user rights as the logged on user. Thus, users whose accounts are configured with fewer rights could be less affected than users with administrative rights.     "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060058"/>
<P Name="VulnerabilityName" Value="MS06-058"/>
<P Name="CVEID" Value="CVE-2006-3435;CVE-2006-3876;CVE-2006-3877;CVE-2006-4694"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office v. X for Mac;Microsoft Office XP Service Pack 3;Microsoft Powerpoint 2000;Microsoft PowerPoint 2002;Microsoft PowerPoint 2003;Microsoft PowerPoint 2004;Microsoft PowerPoint v. X for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses several vulnerabilities, which when successfully exploited, could allow remote code execution, in several versions of Microsoft PowerPoint. To exploit the said vulnerabilities, a remote user may design a Web site that hosts a PowerPoint (.PPT) file used to exploit this vulnerability. The said vulnerabilities may also be exploited via email, where a remote user sends an email message with a malicious .PPT file attached. Once exploited, the remote malicious user gains control of the system. Users who have fewer rights are less affected than users with administrative rights. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
	<MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060059"/>
<P Name="VulnerabilityName" Value="MS06-059"/>
<P Name="CVEID" Value="CVE-2006-2387;CVE-2006-3431;CVE-2006-3867;CVE-2006-3875 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)"/>
<P Name="AffectedSoftware" Value="Microsoft Excel 2002;Microsoft Excel v. X for Mac;Microsoft Office 2000 Service Pack 3 ;Microsoft Office 2003 Service Pack 1;Microsoft Office 2003 Service Pack 2;Microsoft Office v. X for Mac;Microsoft Office XP Service Pack 3;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006;Microsoft Excel 2003 Viewer;Microsoft Office 2004 for Mac;Microsoft Excel 2004 for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses several vulnerabilities, which when successfully exploited, could allow remote code execution, in several versions of Microsoft Excel. To exploit the said vulnerabilities, a remote user may design a Web site that hosts an Excel (.XLS) file used to exploit this vulnerability. The said vulnerabilities may also be exploited via email, where a remote user sends an email message with a malicious .XLS file attached. Once exploited, the remote malicious user gains control of the system. Users who have fewer rights are less affected than users with administrative rights. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060060"/>
<P Name="VulnerabilityName" Value="MS06-060"/>
<P Name="CVEID" Value="CVE-2006-3647;CVE-2006-3651;CVE-2006-4534;CVE-2006-4693"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Word 2000;Microsoft Office XP Service Pack 2;Microsoft Office XP Service Pack 3;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006;Microsoft Office v. X for Mac;Microsoft Word 2003;Microsoft Word 2003 Viewer;Microsoft Office 2004 for Mac;Microsoft Office XP Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A vulnerability exists in the way Word parses a file containing a malformed string; opens a specially-crafted mail merge file, opens a specially-crafted file with a malformed stack, and when Word for Mac opens a specially-crafted file that contains a malformed string."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060061"/>
<P Name="VulnerabilityName" Value="MS06-061"/>
<P Name="CVEID" Value="CVE-2006-4685;CVE-2006-4686"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)"/>
<P Name="AffectedSoftware" Value="Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Windows 2000 Service Pack 4;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows XP Service Pack 1;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows XP Service Pack 2;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows XP Professional x64 Edition;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows Server 2003;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows Server 2003 Service Pack 1;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft XML Parser 2.6 (all versions) and Microsoft XML Core Services 3.0 (all versions) on Microsoft Windows Server 2003 x64 Edition;Microsoft Office 2003 Service Pack 1 or Service Pack 2 with Microsoft XML Core Services 5.0 Service Pack 1;Microsoft XML Core Services 4.0 when installed on Windows 2000 Service Pack 4;Microsoft XML Core Services 4.0 when installed on Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2;Microsoft XML Core Services 4.0 when installed on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1;Microsoft XML Core Services 6.0 when installed on Windows 2000 Service Pack 4;Microsoft XML Core Services 6.0 when installed on Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2;Microsoft XML Core Services 6.0 when installed on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A vulnerability exists in the way XML Core Services interprets an HTTP server-side redirect. The XMLHTTP ActiveX control's flawed interpretation of an HTTP server-side redirect may lead to information disclosure. A remote malicious user may also be able to read information from another security zone or domain in Internet Explorer. A vulnerability in the Extensible Stylesheet Language Transformations (XSLT) control processing could lead to remote code execution."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060062"/>
<P Name="VulnerabilityName" Value="MS06-062"/>
<P Name="CVEID" Value="CVE-2006-3434;CVE-2006-3650;CVE-2006-3864;CVE-2006-3868"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)"/>
<P Name="AffectedSoftware" Value="Microsoft Access 2000;Microsoft Office 2003 Service Pack 2;Microsoft Office 2000 Service Pack 3;Microsoft Access 2002;Microsoft Access 2003;Microsoft Excel 2000;Microsoft Excel 2002;Microsoft Excel 2003;Microsoft Excel 2003 Viewer;Microsoft FrontPage 2000;Microsoft FrontPage 2002;Microsoft FrontPage 2003;Microsoft Office 2004 for Mac;Microsoft Office v. X for Mac;Microsoft Office XP Service Pack 3;Microsoft Outlook 2000;Microsoft Outlook 2002;Microsoft Powerpoint 2000;Microsoft Outlook 2003;Microsoft PowerPoint 2002;Microsoft PowerPoint 2003;Microsoft Project 2000 Service Release 1;Microsoft Project 2002 Service Pack 1;Microsoft Project 2003;Microsoft Publisher 2000;Microsoft Publisher 2002;Microsoft Publisher 2003;Microsoft Visio 2002;Microsoft Visio 2002 Service Pack 2;Microsoft Visio 2003;Microsoft Word 2000;Microsoft Word 2002;Microsoft Word 2003;Microsoft Word 2003 Viewer;Microsoft Office 2003 Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A vulnerability exists in the way Office parses a file containing a malformed string. When it processes a specially-crafted file with a malformed string, it may cause system memory corruption. A vulnerability exists in the way Office parses a file with a malformed chart record. Office may not sufficiently validate contents of a file when parsing, in the way Office parses a file containing a malformed record. When it processes a specially-crafted file with a malformed record, it may cause system memory corruption, and in the way Office parses a file that contains a malformed Smart Tag. When it processes a specially-crafted file with a malformed Smart Tag, it may cause system memory corruption."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060063"/>
<P Name="VulnerabilityName" Value="MS06-063"/>
<P Name="CVEID" Value="CVE-2006-3942;CVE-2006-4696 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Server Service Could Allow Denial of Service (923414)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update addresses vulnerabilities in Server Service that could cause denial of service and remote code execution. The first vulnerability exists in the way the Server Service handles an uninitialized buffer in certain network messages. A remote malicious user may send a specially-crafted network message to exploit this vulnerability, eventually causing the vulnerable system to stop responding. The second vulnerability exists in the way the Server Service handles certain network messages. It is caused by the service's attempt to remove reference to an invalid pointer. A remote malicious user may send a specially-crafted network message to exploit this vulnerability, eventually allowing the remote malicious user to gain control of the vulnerable system. However, to be able to exploit the said vulnerability, the remote malicious user must have valid logon credentials and is able to logon to the network where the target system is located. Moreover, anonymous users may not be able to exploit this vulnerability.  This update resolves the said vulnerabilities by fixing the uninitialized buffer and modifying the way Server Service removes reference to an invalid pointer. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060064"/>
<P Name="VulnerabilityName" Value="MS06-064"/>
<P Name="CVEID" Value="CVE-2004-0790;CVE-2004-0230;CVE-2005-0688 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Low"/>
<P Name="Description" Value="This update addresses several vulnerabilities in several versions of TCP/IP networking protocols, allowing a denial of service when exploited successfully. One vulnerability exists in the IPv6 implementation of the Internet Control Message Protocol (ICMP). Specially-crafted ICMP packets that should be dropped instead of being parsed may cause reset of an existing connection. Another vulnerability exists in the IPv6 implementation of Transmission Control Protocol (TCP). Specially-crafted TCP packets that should be dropped instead of being parsed may cause reset of an existing connection. Furthermore, a vulnerability exits in the IPv6 implementation of TCP/IP. This vulnerability occurs when a TCP packet with a spoofed source Internet Protocol (IP) address and port number similar to the destination IP address and port is received. To successfully exploit the said vulnerabilities, a remote malicious user would have to belong to the same IPv6 network, causing the vulnerable system to drop existing TCP connections and to stop responding. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060065"/>
<P Name="VulnerabilityName" Value="MS06-065"/>
<P Name="CVEID" Value="CVE-2006-4692"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Object Packager Could Allow Remote Code Execution (924496)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Service Pack 1;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="A vulnerability in the Windows Object Packager exists due to the way it handles file extensions. Object Packager is a tool that creates a package that may be inserted into a file. In a Web-based attack scenario, a remote malicious user may host a Web site that contains an exploit code. Once exploited, the remote malicious user may take complete control of the vulnerable system. However, user interaction is required to successfully exploit this vulnerability. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060066"/>
<P Name="VulnerabilityName" Value="MS06-066"/>
<P Name="CVEID" Value="CVE-2006-4688;CVE-2006-4689"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution (923980)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory addresses several vulnerabilities in Client Service for NetWare.;In NetWare Memory Corruption Vulnerability, exploiting an existing remote code execution vulnerability in the Client Service for NetWare (CSNW) service allows a remote malicious attacker to take complete control over the affectes system.; In NetWare Denial of Service (DoS) Vulnerability, exploiting an existing denial of service vulnerability in the Client Service for NetWare (CSNW) allows a remote malicious attacker to send a specially crafted network messages to a system running the CSNW service. This action causes the said system to cease responding to other network systems."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060067"/>
<P Name="VulnerabilityName" Value="MS06-067"/>
<P Name="CVEID" Value="CVE-2006-4446;CVE-2006-4687;CVE-2006-4777"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (922760)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 for Itanium-based Systems);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory addresses several vulnerabilities in Internet Explorer.;In DirectAnimation ActiveX Controls Memory Corruption Vulnerability, unexpected passing of data using ActiveX can exploit the existing remote code execution vulnerability in DirectAnimation ActiveX controls. A remote malicious user exploits the aforementioned vulnerability by creating a specially crafted Web page, capable of allowing remote code execution on a system once this page is visited by an unsuspecting user. Once successfully exploited, a malicious user takes complete control of the affected system.; In HTML Rendering Memory Corruption Vulnerability, a vulnerability exists in how Internet Explorer (IE) interprets certain HTML files. Once successfully exploited, a remote malicious user takes complete control of the affected system. This action is done when an unsuspecting user views a specially crafted Web page that is capable of allowing remote code execution on a system.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060068"/>
<P Name="VulnerabilityName" Value="MS06-068"/>
<P Name="CVEID" Value="CVE-2006-3445"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves the newly-discovered vulnerability in Microsoft Agent.;Once the aforementioned vulnerability is successfully exploited, a remote malicious user takes complete control of the affected system, enabling them to perform malicious actions ranging from, however not limited to, installing programs; viewing, modifying, and deleting files; and creating new accounts with administrator rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060069"/>
<P Name="VulnerabilityName" Value="MS06-069"/>
<P Name="CVEID" Value="CVE-2006-3311; CVE-2006-3014; CVE-2006-3587; CVE-2006-3588; CVE-2006-4640"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses remote code execution vulnerabilities in Adobe's Macromedia Flash Player, version 6.0.84.0 and earlier.;To exploit one or more of the vulnerabilities through Internet Explorer, an attacker could host a Web site containing a specially crafted Macromedia Flash file format (SWF), and then prompt a user to view the Web site. The specially crafted SWF file could also be sent as an email attachment.;The attacker who successfully exploited any of the vulnerabilities could access and manipulate an affected system once the user logged on with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060070"/>
<P Name="VulnerabilityName" Value="MS06-070"/>
<P Name="CVEID" Value="CVE-2006-4691"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses a remote code execution vulnerability in the Workstation service. An attacker who successfully exploits the said vulnerability could take full control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060071"/>
<P Name="VulnerabilityName" Value="MS06-071"/>
<P Name="CVEID" Value="CVE-2006-5745"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (928088)"/>
<P Name="AffectedSoftware" Value="Microsoft XML Core Services 4.0;Microsoft XML Core Services 6.0"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses a vulnerability in the XMLHTTP ActiveX control within Microsoft XML Core Services.;An attacker could exploit the vulnerability by creating a specially crafted Web page that allows remote code execution once an unsuspecting user with administrative user rights visits the said page or clicks a link in an email message. The attacker who successfully exploits the mentioned vulnerability could access and take full control of an affected system. To sucessfully exploit the vulnerability, however, user intervention is needed."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060072"/>
<P Name="VulnerabilityName" Value="MS06-072"/>
<P Name="CVEID" Value="CVE-2006-5579;CVE-2006-5581;CVE-2006-5578;CVE-2006-5577 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (925454)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2;Microsoft Internet Explorer 5.01 Service Pack 4;Microsoft Internet Explorer 6 Service Pack 1;Microsoft Internet Explorer 6"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update covers four vulnerabilities, which include the Script Error Handling Memory Corruption Vulnerability, DHTML Script Function Memory Corruption Vulnerability, and TIF Folder Information Disclosure Vulnerabilities. Several remote code execution vulnerabilities exist in Internet Explorer (IE) due to attempts to access previously freed memory when handling script errors, in a way IE interprets certain DHTML script function calls to incorrectly created elements or that drag and drop operations are handled in certain situations, as well as in certain scenarios where the path to the cached content in the TIF folder could be disclosed. Once exploited, these remote code execution vulnerabilities could allow a malicious user or a malware to take complete control of the affected system.   "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060073"/>
<P Name="VulnerabilityName" Value="MS06-073"/>
<P Name="CVEID" Value="CVE-2006-4704    "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)"/>
<P Name="AffectedSoftware" Value="Microsoft Visual Studio 2005;Visual Studio 2005 Professional Edition;Visual Studio 2005 Standard Edition;Visual Studio 2005 Team Edition for Architects;Visual Studio 2005 Team Edition for Developers;Visual Studio 2005 Team Edition for Testers;Visual Studio 2005 Team Suite"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This remote code execution vulnerability exists in WMI Object Broker control that the WMI Wizard uses in Visual Studio 2005. A remote malicious user exploits the aforementioned vulnerability by creating a specially crafted Web page, allowing remote code execution on a system once this page is visited by an unsuspecting user. The attacker who successfully exploits this vulnerability could access and manipulate an affected system. The attacker can then install programs, create new accounts with full user rights, and view, modify, or even delete information.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060074"/>
<P Name="VulnerabilityName" Value="MS06-074"/>
<P Name="CVEID" Value="CVE-2006-5583 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in SNMP Could Allow Remote Code Execution (926247)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This remote code execution vulnerability exists in the SNMP Service. An attacker who successfully exploits the said vulnerability could take full control of an affected system. The attacker could then install programs, create new accounts with full user rights, and view, modify, or even delete information."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060075"/>
<P Name="VulnerabilityName" Value="MS06-075"/>
<P Name="CVEID" Value="CVE-2006-5585"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Could Allow Elevation of Privilege (926255)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="In general, this vulnerability can allow a currently logged on user to take complete control of the system by elevating the user privileges. To successfully exploit this vulnerability, an attacker must have valid logon credentials and be able to log on locally. After which, the attacker could then run a specially crafted application to exploit this vulnerability. This vulnerability exists when there is improper file processing and management by Client/Server run-time Subsystem (CRSS). CRSS, which is responsible for console windows, creating and/or deleting threads, is an essential subsystem that must be running constantly on the system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060076"/>
<P Name="VulnerabilityName" Value="MS06-076"/>
<P Name="CVEID" Value="CVE-2006-2386"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Outlook Express (923694)"/>
<P Name="AffectedSoftware" Value="Microsoft Outlook Express 5.5 Service Pack 2;Microsoft Outlook Express 6.0;Microsoft Outlook Express 6.0 Service Pack 1;Microsoft Windows 2000 Service Pack 2;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability exists in a component of Outlook Express. It is often caused by an unchecked buffer in the Windows Address Book (WAB) functions within Outlook Express. Once sucessfully exploited, an attacker, who sent a Windows Address Book file to a system, gains the same user rights as the currently logged on user."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060077"/>
<P Name="VulnerabilityName" Value="MS06-077"/>
<P Name="CVEID" Value="CVE-2006-5584"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability is caused by anonymous access to the file structure of a hosted operating system, which is built through an Remote Installation Services (RIS) TFTP service. RIS basically allows Windows setup to initiate over a network. Once successfully exploited, an attacker could remotely take complete control of an affected system. As such, the attacker can overwrite existing operating system files or upload a specially crafted file. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20060078"/>
<P Name="VulnerabilityName" Value="MS06-078"/>
<P Name="CVEID" Value="CVE-2006-4702;CVE-2006-6134 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Media Format 7.1;Microsoft Windows Media Player 6.4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2 ;Microsoft Windows Media Format 9.5"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. An attacker can exploit this vulnerability by creating a specially crafted Windows Media Player content that could allow remote code execution. In order to successfully exploit this vulnerability, the attacker lures the user into visiting the attacker's Web site. Once successfully exploited, the attacker could gain the same user rights as the local user."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070001"/>
<P Name="VulnerabilityName" Value="MS07-001"/>
<P Name="CVEID" Value="CVE-2006-5574"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2003 Service Pack 2;Microsoft Word 2003;Microsoft Excel 2003;Microsoft Outlook 2003;Microsoft Access 2003;Microsoft OneNote 2003;Microsoft PowerPoint 2003;Microsoft Publisher 2003;Microsoft InfoPath 2003;Microsoft FrontPage 2003;Microsoft Visio 2003;Microsoft Visio Enterprise Architects 2003;Microsoft Project Multilingual User Interface 2003 Service Pack 2;Microsoft Visio Multilingual User Interface 2003 Service Pack;Microsoft Office Proofing Tools 2003 Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a vulnerability in Office 2003 Brazilian Portuguese Grammar Checker that could allow remote code execution. User interaction is required for an attacker to exploit these vulnerabilities. The attacker could exploit this vulnerability when Office opens a file and parses the text. The attacker who successfully exploited this vulnerability could take full control of an affected system, and could then install programs; view, change, or delete data; or create new accounts with full user rights.   "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070002"/>
<P Name="VulnerabilityName" Value="MS07-002"/>
<P Name="CVEID" Value="CVE-2007-0027;CVE-2007-0028;CVE 2007-0029;CVE-2007-0030;CVE-2007-0031"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Excel 2000;Microsoft Office XP Service Pack 3;Microsoft Excel 2002;Microsoft Office 2003 Service Pack 2;Microsoft Excel 2003;Microsoft Office Excel Viewer 2003;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Office 2004 for Mac;Microsoft Office v. X for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves vulnerabilities in Microsoft Excel that could allow remote code execution. An attacker could exploit the said vulnerabilities when Excel parses a file and processes a malformed IMDATA, Column, or Palette record. The vulnerabilities, however, cannot be exploited automatically through email. For an attack to be successful, a user must open an attachment to the email message. The attacker who successfully exploited the vulnerabilities could take full control of an affected system and could gain the same user rights as the local user, like install applications, and view and change data.    "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070003"/>
<P Name="VulnerabilityName" Value="MS07-003"/>
<P Name="CVEID" Value="CVE-2007-0033;CVE-2006-1305;CVE-2007-0034"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Outlook 2000;Microsoft Office XP Service Pack 3;Microsoft Outlook 2002 ;Microsoft Office 2003 Service Pack 2;Microsoft Outlook 2003"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves vulnerabilities in Microsoft Outlook that could allow remote code execution when Outlook parses a file and processes a malformed VEVENT record or an Office Saved Searches (.OSS) file. The attacker who successfully exploited the vulnerabilities could take full control of an affected system and could gain the same user rights as the local user, like install applications, and view and change data. One of the vulnerabilities, however, is only a denial of service vulnerability, causing an affected system to stop responding.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070004"/>
<P Name="VulnerabilityName" Value="MS07-004"/>
<P Name="CVEID" Value="CVE-2007-0024"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4;Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4;Internet Explorer 7 on Microsoft Windows XP Service Pack 2;Internet Explorer 7 on Microsoft Windows XP Professional x64 Edition;Internet Explorer 7 on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1;Internet Explorer 7 on Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Internet Explorer 7 on Microsoft Windows Server 2003 x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves a vulnerability in Vector Markup Language (VML) implementation Microsoft Windows that could allow remote code execution. An attacker could exploit the vulnerability by creating a specially crafted Web page or HTML email that could potentially allow remote code execution if a user visited the said Web page or viewed the message. The attacker who successfully exploited the vulnerability could take full control of an affected system and could gain the same user rights as the local user, like install applications, and view and change data."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070005"/>
<P Name="VulnerabilityName" Value="MS07-005"/>
<P Name="CVEID" Value="CVE-2006-3448"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723)"/>
<P Name="AffectedSoftware" Value="Step-by-Step Interactive Training on Microsoft Windows 2000 Service Pack 4;Step-by-Step Interactive Training on Microsoft Windows XP Professional x64 Edition;Step-by-Step Interactive Training on Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a vulnerability that exists in Step-by-Step Interactive Training, handling bookmark link files. An attacker can successfully exploit this vulnerability by using a specially-crafted message that could potentially allow remote code execution.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070006"/>
<P Name="VulnerabilityName" Value="MS07-006"/>
<P Name="CVEID" Value="CVE-2007-0211"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a vulnerability in Windows Shell that could allow elevation of privilege.  It addresses a vulnerability that could allow an attacker to access and take full control of an affected system. However, user interaction is required to exploit this vulnerability. The attacker who successfully logged on to the system could view or modify data, install programs, or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070007"/>
<P Name="VulnerabilityName" Value="MS07-007"/>
<P Name="CVEID" Value="CVE-2007-0210"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Windows Vista;Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a vulnerability in the Windows Image Acquisition Service that could allow elevation of privilege.  It addresses a vulnerability that could allow an attacker to access and take full control of an affected system. However, user interaction is required to exploit this vulnerability. The attacker who successfully logged on to the system could view or modify data, install programs, or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070008"/>
<P Name="VulnerabilityName" Value="MS07-008"/>
<P Name="CVEID" Value="CVE-2007-0214"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves a vulnerability in HTML Help that could allow remote code execution.  It addresses a vulnerability that could allow an attacker to access and take full control of an affected system. However, user interaction is required to exploit this vulnerability. The attacker who successfully logged on to the system could view or modify data, install programs, or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070009"/>
<P Name="VulnerabilityName" Value="MS07-009"/>
<P Name="CVEID" Value="CVE-2006-5559"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779)"/>
<P Name="AffectedSoftware" Value="Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows Server 2003 Service Pack 1;Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows XP Professional x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves a vulnerability in Microsoft Data Access Components that could allow remote code execution.  It addresses a vulnerability that could allow an attacker to access and take full control of an affected system. However, user interaction is required to exploit this vulnerability. The attacker who successfully logged on to the system could view or modify data, install programs, or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070010"/>
<P Name="VulnerabilityName" Value="MS07-010"/>
<P Name="CVEID" Value="CVE-2006-5270"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135)"/>
<P Name="AffectedSoftware" Value="Microsoft Antigen for Exchange 9.x;Microsoft Antigen for SMTP Gateway 9.x;Microsoft Forefront Security for Exchange Server;Microsoft Forefront Security for SharePoint;Microsoft Malware Protection Engine;Microsoft Windows Defender;Microsoft Windows Defender in Windows Vista;Microsoft Windows Defender x64 Edition;Windows Live OneCare"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update is a vulnerability in the Microsoft Malware Protection Engine that could allow remote code execution.  It addresses a vulnerability that could allow an attacker to access and take full control of an affected system. However, user interaction is required to exploit this vulnerability. The attacker who successfully logged on to the system could view or modify data, install programs, or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070011"/>
<P Name="VulnerabilityName" Value="MS07-011"/>
<P Name="CVEID" Value="CVE-2007-0026"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a newly discovered, privately reported vulnerability in the OLE Dialog component in Microsoft Windows. When successfully exploited by a remote malicious user, these vulnerabilities allow the said user to gain control of the affected system. Users who are currently logged on with administrative user rights are more vulnerable than users who have fewer user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070012"/>
<P Name="VulnerabilityName" Value="MS07-012"/>
<P Name="CVEID" Value="CVE-2007-0025"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft MFC Could Allows Remote Code Execution (924667)"/>
<P Name="AffectedSoftware" Value="Microsoft Visual Studio .NET 2002;Microsoft Visual Studio .NET 2002 Service Pack 1;Microsoft Visual Studio .NET 2003;Microsoft Visual Studio .NET 2003 Service Pack 1;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a newly discovered, privately reported vulnerability in the MFC component in Microsoft Windows and Visual Studio. When successfully exploited by a remote malicious user, these vulnerabilities allow the said user to gain control of the affected system. Users who are currently logged on with administrative user rights are more vulnerable than users who have fewer user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070013"/>
<P Name="VulnerabilityName" Value="MS07-013"/>
<P Name="CVEID" Value="CVE-2006-1311"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)"/>
<P Name="AffectedSoftware" Value="Microsoft Access 2000;Microsoft Access 2002;Microsoft Access 2003;Microsoft Excel 2000;Microsoft Excel 2002;Microsoft Excel 2003;Microsoft FrontPage 2000;Microsoft FrontPage 2002;Microsoft FrontPage 2003;Microsoft Global Input Method Editor for Office 2000 (Japanese);Microsoft InfoPath 2003;Microsoft Learning Essentials 1.0, 1.1, and 1.5 for Microsoft Office;Microsoft Office 2000 Multilanguage Packs;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office XP Service Pack 3;Microsoft OneNote 2003;Microsoft Outlook 2000;Microsoft Outlook 2002;Microsoft Outlook 2003;Microsoft Powerpoint 2000;Microsoft PowerPoint 2002;Microsoft PowerPoint 2003;Microsoft Project 2000 Service Release 1;Microsoft Project 2002 Service Pack 1;Microsoft Publisher 2000;Microsoft Publisher 2002;Microsoft Publisher 2003;Microsoft Visio 2002 Service Pack 2;Microsoft Visio 2003;Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2;Microsoft Word 2000;Microsoft Word 2002;Microsoft Word 2003;Microsoft Word 2003 Viewer"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a newly discovered, privately reported vulnerability in the RichEdit component in Microsoft Windows and Microsoft Office. When successfully exploited by a remote malicious user, these vulnerabilities allow the said user to gain control of the affected system. Users who are currently logged on with administrative user rights are more vulnerable than users who have fewer user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070014"/>
<P Name="VulnerabilityName" Value="MS07-014"/>
<P Name="CVEID" Value="CVE-2006-5994; CVE-2006-6456; CVE-2006-6561; CVE-2007-0208; CVE-2007-0209; CVE-2007-0515"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office XP Service Pack 3;Microsoft Word 2000;Microsoft Word 2002;Microsoft Word 2003;Microsoft Word 2003 Viewer;Microsoft Works Suite 2004;Microsoft Works Suite 2005;Microsoft Works Suite 2006"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses several newly discovered, privately and publicly reported vulnerabilities. When successfully exploited by a remote malicious user, these vulnerabilities allow the said user to gain control of the affected system. Users who are currently logged on with administrative user rights are more vulnerable than users who have fewer user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070015"/>
<P Name="VulnerabilityName" Value="MS07-015"/>
<P Name="CVEID" Value="CVE-2006-3877; CVE-2007-0671"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554)"/>
<P Name="AffectedSoftware" Value="Microsoft Access 2000;Microsoft Access 2002;Microsoft Access 2003;Microsoft Excel 2000;Microsoft Excel 2002;Microsoft Excel 2003;Microsoft Excel 2003 Viewer;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office XP Service Pack 3;Microsoft OneNote 2003;Microsoft Outlook 2000;Microsoft Outlook 2002;Microsoft Outlook 2003;Microsoft Powerpoint 2000;Microsoft PowerPoint 2002;Microsoft PowerPoint 2003;Microsoft Project 2000 Service Release 1;Microsoft Project 2002 Service Pack 1;Microsoft Project 2003;Microsoft Publisher 2000;Microsoft Publisher 2002;Microsoft Publisher 2003;Microsoft Visio 2002;Microsoft Visio 2002 Service Pack 2;Microsoft Visio 2003;Microsoft Word 2000;Microsoft Word 2002;Microsoft Word 2003;Microsoft Word 2003 Viewer"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses two newly discovered, privately and publicly reported vulnerabilities. When successfully exploited by a remote malicious user, these vulnerabilities allow the said user to gain control of the affected system. Users who are currently logged on with administrative user rights are more vulnerable than users who have fewer user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070016"/>
<P Name="VulnerabilityName" Value="MS07-016"/>
<P Name="CVEID" Value="CVE-2006-4697; CVE-2007-0219; CVE-2007-0217"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (928090)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4 ;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2 ;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4) ;Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems) ;Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2) ;Microsoft Windows 2000 Server Service Pack 4 ;Microsoft Windows Server 2003 ;Microsoft Windows Server 2003 for Itanium-based Systems ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses several newly discovered, privately and publicly reported vulnerabilities. When successfully exploited by a remote malicious user, these vulnerabilities allow the said user to gain control of the affected system. Users who are currently logged on with administrative user rights are more vulnerable than users who have fewer user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070017"/>
<P Name="VulnerabilityName" Value="MS07-017"/>
<P Name="CVEID" Value="CVE-2007-0038"/>
<P Name="MalwareName" Value="EXPL_ANICMOO.GEN;TROJ_ANICMOO.AX"/>
<P Name="MalwareRiskRating" Value="Low;Medium"/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in GDI Could Allow Remote Code Execution (925902)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2;Microsoft Windows 2000 Service Pack 2 ;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;Microsoft Windows XP Professional x64 Edition Service Pack 2 ;Windows Vista ;Windows Vista x64 Edition "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This release replaces the security updates MS05-002, MS05-053, and MS06-001.;It also addresses the Windows Animated Cursor Remote Code Execution vulnerability (CVE-2007-0038), which is currently being exploited in the wild and discussed in the advisory Microsoft Security Advisory 935423.;The malware EXPL_ANICMOO.GEN  and TROJ_ANICMOO.AX  exploit the Windows Animated Cursor Remote Code Execution vulnerability.    "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070018"/>
<P Name="VulnerabilityName" Value="MS07-018"/>
<P Name="CVEID" Value="CVE-2007-0938;CVE-2007-0939"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)"/>
<P Name="AffectedSoftware" Value="Microsoft Content Management Server 2001 Service Pack 1;Microsoft Content Management Server 2001 Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin resolves two newly discovered vulnerabilities affecting Microsoft Content Management Server (CMS).;The CMS Memory Corruption Vulnerability could allow an attacker to take complete control of an affected system because of the way CMS handles a specially crafted HTTP request.;The Cross-site Scripting and Spoofing Vulnerability in CMS Vulnerability could allow an attacker access to data on the affected systems that is accessible to an affected users via a malicious script."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070019"/>
<P Name="VulnerabilityName" Value="MS07-019"/>
<P Name="CVEID" Value="CVE-2007-1204"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in the Universal Plug and Play (UPnP) service in the way that it handles specially crafted HTTP requests. These HTTP requests could only be sent directly to a target computer by a remote malicious user on the same subnet. When successfully exploited, this vulnerability could allow a remote attacker to run arbitrary code in the context of the Local Service account and could not run code under the Local SYSTEM account."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070020"/>
<P Name="VulnerabilityName" Value="MS07-020"/>
<P Name="CVEID" Value="CVE-2207-1205"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition Service Pack 1;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability could allow a remote attacker to execute arbitrary code on a system via specially crafted URLs. This vulnerability exists because of the way Microsoft Agent handles these specially crafted URLs."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070021"/>
<P Name="VulnerabilityName" Value="MS07-021"/>
<P Name="CVEID" Value="CVE-2006-6696; CVE-2007-1209; CVE-2006-6797"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin resolves three newly discovered vulnerabilities affecting Windows Client/Server Run-time Subsystem (CSRSS).; The MsgBox (CSRSS) Remote Code Execution Vulnerability could allow a remote attacker to execute arbitrary code on the system via a specially crafted application because of the way CSRSS process handles error messages.;The CSRSS Local Elevation of Privilege Vulnerability could allow a remote attacker to take complete control of an affected system because of the way the CSRSS process handles its connections during the startup and stopping of processes.;The CSRSS DoS Vulnerability could allow an attacker to cause the affected system to stop responding and automatically restart. This vulnerability exists because of the way the CSRSS process handles error messages. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070022"/>
<P Name="VulnerabilityName" Value="MS07-022"/>
<P Name="CVEID" Value="CVE-2007-1206"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security bulletin replaces the security update MS06-049, which affects Microsoft Windows 2000 Service Pack 4; A vulnerability in Windows Kernel may allow a malicious user to take control of an affected system. This vulnerability exists because of incorrect permissions on a mapped memory segment."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070023"/>
<P Name="VulnerabilityName" Value="MS07-023"/>
<P Name="CVEID" Value="CVE-2007-0215; CVE-2007-1203; CVE-2007-1214 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)"/>
<P Name="AffectedSoftware" Value="2007 Microsoft Office System ;Microsoft Excel 2000 ;Microsoft Excel 2002;Microsoft Excel 2003 ;Microsoft Excel 2003 Viewer ;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2 ;Microsoft Office 2004 for Mac ;Microsoft Office 2007 ;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats ;Microsoft Office XP Service Pack 3 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory addresses several vulnerabilities in Microsoft Excel. These vulnerabilities exist because of the way Microsoft Excel handles specially crafted files that contain malformed records or font values. Once successfully exploited, these vulnerabilities allow an attacker to gain user rights similar to the currently logged on user."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070024"/>
<P Name="VulnerabilityName" Value="MS07-024"/>
<P Name="CVEID" Value="CVE-2007-0035; CVE-2007-0870; CVE-2007-1202 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 for Itanium-based Systems);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003;Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security bulletin replaces Microsoft Security Bulletin MS07-014 and resolves three vulnerabilities affecting Microsoft Word.; The Word Array Overflow Vulnerability (CVE-2007-0035) could allow a remote malicious user to gain the same user rights as the local user because of the way Microsoft Word handles data within an array.; The Word Document Stream Vulnerability (CVE-2007-0870) could allow a remote malicious user to gain the same user rights as the local user because of the way Microsoft Word handles a specially crafted Word Document stream.; The Word RTF Parsing Vulnerability (CVE-2007-1202) could allow a remote malicious user to gain the same user rights as the local user because of the way Microsoft Word parses certain rich text properties within a file."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070025"/>
<P Name="VulnerabilityName" Value="MS07-025"/>
<P Name="CVEID" Value="CVE-2007-1747 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873) "/>
<P Name="AffectedSoftware" Value="2007 Microsoft Office System;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac ;Microsoft Office XP Service Pack 3 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update replaces security update MS07-015. A remote code execution vulnerability exists in the way Microsoft Office handles a specially crafted drawing object, which may be included as an attachment to an email message or hosted on a malicious Web site. A remote malicious user could exploit this vulnerability by constructing a specially crafted Office file containing a malformed drawing object that could allow remote code execution."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070026"/>
<P Name="VulnerabilityName" Value="MS07-026"/>
<P Name="CVEID" Value="CVE-2007-0220; CVE-2007-0039; CVE-2007-0213; CVE-2007-0221 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange 2000 Server Pack 3 with the August 2004 Exchange 2000 Server Post-Service Pack 3 Update Rollup;Microsoft Exchange Server 2003 Service Pack 1;Microsoft Exchange Server 2003 Service Pack 2;Microsoft Exchange Server 2007"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update replaces the following security updates: Vulnerability in Microsoft Exchange Could Allow Remote Code Execution and Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection; The said vulnerabilities exist in the way Microsoft Exchange handles the following: Script-based attachments opened within an authenticated OWA session, Calendar content requests, Specially crafted email messages that need to be decoded, and Invalid IMAP commands.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070027"/>
<P Name="VulnerabilityName" Value="MS07-027"/>
<P Name="CVEID" Value="CVE-2007-0942; CVE-2007-0944; CVE-2007-0945; CVE-2007-0947; CVE-2007-2221 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (931768)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition Service Pack 1 ;Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Professional x64 Edition Service Pack 2 ;Microsoft Windows XP Service Pack 2 ;Windows Vista ;Windows Vista x64 Edition "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update replaces the following update which also addresses several vulnerabilities in Internet Explorer: Cumulative Security Update for Internet Explorer (928090); It addresses the following vulnerabilities: COM Object Instantiation Memory Corruption Vulnerability,   Uninitialized Memory Corruption Vulnerability, Property Memory Corruption Vulnerability,   HMTL Objects Memory Corruption Vulnerabilities, and Arbitrary File Rewrite Vulnerability.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070028"/>
<P Name="VulnerabilityName" Value="MS07-028"/>
<P Name="CVEID" Value=""/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)"/>
<P Name="AffectedSoftware" Value="BizTalk Server 2004 Service Pack 1 ;BizTalk Server 2004 Service Pack 2 ;CAPICOM ;Platform SDK Redistributable: CAPICOM "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability allows remote execution if a malicious user successfully crafts an input that exploits the way Cryptographic API Component Object Model (CAPICOM) Certificates class handles unexpected data. A remote malicious user can then gain access to the affected system, thereby compromising system security."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070029"/>
<P Name="VulnerabilityName" Value="MS07-029"/>
<P Name="CVEID" Value="CVE-2007-1748 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) "/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition Service Pack 1 ;Microsoft Windows Server 2003 x64 Edition Service Pack 2 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves the following newly discovered vulnerability: DNS RPC Management Vulnerability; A remote code execution vulnerability exists in the Domain Name System (DNS) Server Service in all supported server versions of Windows. An anonymous user can exploit the vulnerability by sending a specially crafted RPC packet to an affected system.   "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070030"/>
<P Name="VulnerabilityName" Value="MS07-030"/>
<P Name="CVEID" Value="CVE-2007-0934; CVE-2007-0936  "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)"/>
<P Name="AffectedSoftware" Value="Microsoft Visio 2002 Service Pack 2;Microsoft Visio 2003 Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves (CVE-2007-0934) Version Number Memory Corruption Vulnerability and (CVE-2007-0936) Visio Document Packaging Vulnerability. Both vulnerabilities could allow remote code execution on an affected system when a user opens a specially crafted Visio file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. User interaction is required to exploit these vulnerabilities."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070031"/>
<P Name="VulnerabilityName" Value="MS07-031"/>
<P Name="CVEID" Value="CVE-2007-2218"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update addresses the vulnerability that exist in the Secure Channel (Schannel) security package of Windows, which is responsible for implementing Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet protocols. Once this vulnerability is exploited, remote code execution is allowed on the compromised system once a user views a specially crafted Web site using an Internet browser that uses SSL or TLS. Exploiting this vulnerability, however, usually exits the browser window. If systems are successfully exploited, restarting them allows these sites to connect to Web sites again or use resources using SSL or TLS."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070032"/>
<P Name="VulnerabilityName" Value="MS07-032"/>
<P Name="CVEID" Value="CVE-2007-2229"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Vista Could Allow Information Disclosure (931213)"/>
<P Name="AffectedSoftware" Value="Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This security update resolves a privately reported vulnerability. This vulnerability could allow non-privileged users to access local user information data stores including administrative passwords contained within the registry and local file system. This security update addresses the vulnerability by setting Access Control Lists on user information stores that restrict access to privileged users."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070033"/>
<P Name="VulnerabilityName" Value="MS07-033"/>
<P Name="CVEID" Value="CVE-2007-0218; CVE-2007-1750; CVE-2007-3027; CVE-2007-1751; CVE-2007-1499; CVE-2007-2222"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (933566)"/>
<P Name="AffectedSoftware" Value="Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6.0 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows Vista x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows Vista);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2);Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update addresses several vulnerabilities that allow remote code execution on affected systems once a user views a specially-crafted Web page using Internet Explorer (IE) versions 5.01 to 7. Users granted with limited rights on systems are the least likely to be affected by these vulnerabilities."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070034"/>
<P Name="VulnerabilityName" Value="MS07-034"/>
<P Name="CVEID" Value="CVE-2006-2111; CVE-2007-1658; CVE-2007-2225; CVE-2007-2227"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Outlook Express and Windows Mail (929123)"/>
<P Name="AffectedSoftware" Value="Microsoft Outlook Express 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 x64 Edition);Microsoft Outlook Express 6.0 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Outlook Express 6.0 (Microsoft Windows XP Professional x64 Edition);Microsoft Outlook Express 6.0 (Microsoft Windows XP Service Pack 2);Windows Mail (Windows Vista x64 Edition);Windows Mail (Windows Vista)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update addresses several vulnerabilities that allow remote code execution on affected systems once a user views a specially-crafted email message using Windows Mail and Microsoft Outlook Express 6.0 on certain operating systems. Users granted with limited rights on systems are the least likely to be affected by these vulnerabilities."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070035"/>
<P Name="VulnerabilityName" Value="MS07-035"/>
<P Name="CVEID" Value="CVE-2007-2219"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;oft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update addresses a vulnerability in a Win32 API that allows remote code execution or elevation of privilege once the API is used locally by a specially-crafted application. This suggests that the API is a vector of this vulnerability. It resolves this vulnerability by changing the way the Win32 API handles parameter validation.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070036"/>
<P Name="VulnerabilityName" Value="MS07-036"/>
<P Name="CVEID" Value="CVE-2007-1756; CVE-2007-3029; CVE-2007-3030"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542)"/>
<P Name="AffectedSoftware" Value="Microsoft Excel 2000 Service Pack 3 (Microsoft Office 2000 Service Pack 3);Microsoft Excel 2002 Service Pack 3 (Microsoft Office XP Service Pack 3);Microsoft Excel 2003 Service Pack 2 (Microsoft Office 2003 Service Pack 2);Microsoft Excel 2003 Viewer;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats;Microsoft Office Excel 2007 (2007 Microsoft Office System)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update solves a vulnerability that exists in the way Microsoft Excel handles malformed Excel files. This vulnerability can be expoited by a remote malicious user by sending a malformed file as an email message attachment or as a file hosted on a malicious Web site. Once successfully exploited, the remote user can gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070037"/>
<P Name="VulnerabilityName" Value="MS07-037"/>
<P Name="CVEID" Value="CVE-2007-1754"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548)"/>
<P Name="AffectedSoftware" Value="Microsoft Office Publisher 2007 (2007 Microsoft Office System)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A vulnerability exists in the way Microsoft Publisher inadequately clears our memory resources when writing application data from memory to disk. A remote malicious user can exploit this vulnerability by creating a specially crafted Publisher page file (*.PUB), which when viewed, allows remote code execution on the affected system. A remote malicious user can also take complete control over the compromised system."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070038"/>
<P Name="VulnerabilityName" Value="MS07-038"/>
<P Name="CVEID" Value="CVE-2007-3038"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807)"/>
<P Name="AffectedSoftware" Value="Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="An information disclosure vulnerability exists in Windows Vista that could allow a remote malicious user to send inbound traffic to the affected system once exploited. It also allows remote malicious users to gain information from the system over the network. Note, however, that if the network profile of Windows Vista is set to Public, the system is not affected by this vulnerability. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070039"/>
<P Name="VulnerabilityName" Value="MS07-039"/>
<P Name="CVEID" Value="CVE-2007-0040; CVE-2007-3028"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves two vulnerabilities in the Windows Active Directory that could allow remote code execution or a denial of service condition. Both vulnerabilities exist in the way the Active Directory validates and LDAP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system, or could cause the server to temporarily stop responding."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070040"/>
<P Name="VulnerabilityName" Value="MS07-040"/>
<P Name="CVEID" Value="CVE-2007-0041; CVE-2007-0042; CVE-2007-0043"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Media Center Edition 2005;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Tablet PC Edition 2005;Windows 2000 Service Pack 4;Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves three vulnerabilities in the .NET Framework. When successfully exploited, the said vulnerabilities allow a remote malicious user t make changes to the affected system. All three vulnerabilities are fully exploited when the currently logged on user has administrator rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070041"/>
<P Name="VulnerabilityName" Value="MS07-041"/>
<P Name="CVEID" Value="CVE-2005-4360"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows XP Professional SP2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update addresses a remote code execution vulnerability in Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2. This vulnerability could allow an attacker to take complete control of the affected system. An attacker could exploit the vulnerability by sending specially crafted URL requests to a Web page hosted by Internet Information Services."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070042"/>
<P Name="VulnerabilityName" Value="MS07-042"/>
<P Name="CVEID" Value="CVE-2007-2223"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2003 Service Pack 2;Microsoft Office Groove Server 2007;Microsoft Office SharePoint Server;Windows 2000 Service Pack 4;Windows Server 2003 Service Pack 1;Windows Server 2003 Service Pack 2;Windows Server 2003 with SP1 for Itanium-based Systems;Windows Server 2003 with SP2 for Itanium-based Systems;Windows Server 2003 x64 Edition;Windows Server 2003 x64 Edition Service Pack 2;Windows Vista;Windows Vista x64 Edition;Windows XP Professional x64 Edition;Windows XP Professional x64 Edition Service Pack 2;Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070043"/>
<P Name="VulnerabilityName" Value="MS07-043"/>
<P Name="CVEID" Value="CVE-2007-2224"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2004 for Mac;Microsoft Visual Basic 6.0 Service Pack 6;Windows 2000 Service Pack 4;Windows Server 2003 Service Pack 1;Windows Server 2003 Service Pack 2;Windows Server 2003 with SP1 for Itanium-based Systems;Windows Server 2003 with SP2 for Itanium-based Systems;Windows Server 2003 x64 Edition;Windows Server 2003 x64 Edition Service Pack 2;Windows XP Professional x64 Edition;Windows XP Professional x64 Edition Service Pack 2;Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page. The vulnerability could be exploited through attacks on Object Linking and Embedding (OLE). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070044"/>
<P Name="VulnerabilityName" Value="MS07-044"/>
<P Name="CVEID" Value="CVE-2007-3890"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3
;Microsoft Office XP Service Pack 3
;Microsoft Office 2003 Service Pack 2
;Microsoft Office 2004 for Mac
"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a privately reported vulnerability in addition to other security issues identified during the course of the investigation. These vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070045"/>
<P Name="VulnerabilityName" Value="MS07-045"/>
<P Name="CVEID" Value="CVE-2007-0943; CVE-2007-2216; CVE-2007-3041"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (937143)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4 ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2) ;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows Vista x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows Vista) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2) "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security update resolves three privately reported vulnerabilities. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070046"/>
<P Name="VulnerabilityName" Value="MS07-046"/>
<P Name="CVEID" Value="CVE-2007-3034 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in GDI Could Allow Remote Code Execution (938829)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4
;Windows XP Service Pack 2
;Windows XP Professional x64 Edition
;Windows Server 2003 Service Pack 1
;Windows Server 2003 x64 Edition
;Windows Server 2003 with SP1 for Itanium-based Systems
"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the Graphics Rendering Engine in the way that it handles specially crafted images. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070047"/> 
  <P Name="VulnerabilityName" Value="MS07-047"/> 
  <P Name="CVEID" Value="CVE-2007-3037; CVE-2007-3035"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Windows Media Player 10 (Windows Server 2003 Service Pack 1) ;Microsoft Windows Media Player 10 (Windows Server 2003 x64 Edition) ;Microsoft Windows Media Player 10 (Windows XP Professional x64 Edition) ;Microsoft Windows Media Player 10 (Windows XP Service Pack 1) ;Microsoft Windows Media Player 10 (Windows XP Service Pack 2) ;Microsoft Windows Media Player 7.1 (Windows 2000 Service Pack 4) ;Microsoft Windows Media Player 9 (Windows 2000 Service Pack 4) ;Windows Media Player 11 (Windows Vista x64 Edition) ;Windows Media Player 11 (Windows Vista) ;Windows Media Player 11 (Windows XP Professional X64 Edition Service Pack 20) ;Windows Media Player 11 (Windows XP Professional X64 Edition) ;Windows Media Player 11 (Windows XP Service Pack 2) ;Windows Media Player 9 (Microsoft Windows XP Service Pack 2) ;Windows XP Service Pack 2"/> 
  <P Name="RiskRating" Value="Important"/> 
  <P Name="Description" Value="This important security update resolves two privately reported vulnerabilities. These vulnerabilities could allow code execution if a user viewed a specially crafted file in Windows Media Player. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070050"/>
<P Name="VulnerabilityName" Value="MS07-050"/>
<P Name="CVEID" Value="CVE-2007-1749 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127) "/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2) ;Microsoft Internet Explorer 6.0 Service Pack 1 (Microsoft Windows XP 64-Bit Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2) ;Windows Vista ;Windows Vista x64 Edition "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows. The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070051"/> 
<P Name="VulnerabilityName" Value="MS07-051"/> 
<P Name="CVEID" Value="CVE-2007-3040"/> 
<P Name="MalwareName" Value=""/> 
<P Name="MalwareRiskRating" Value=""/> 
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827)"/> 
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4"/> 
<P Name="RiskRating" Value="Critical"/> 
<P Name="Description" Value="This security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in Microsoft Agent in the way that it handles certain specially crafted URLs. The said vulnerability allows an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/> 
<P Name="UpdateType" Value="Windows Update"/> 
<P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
<P Name="Unknown1" Value=""/> 
<P Name="Unknown2" Value=""/> 
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070052"/> 
<P Name="VulnerabilityName" Value="MS07-052"/> 
<P Name="CVEID" Value="CVE-2006-6133"/> 
<P Name="MalwareName" Value=""/> 
<P Name="MalwareRiskRating" Value=""/> 
<P Name="VulnerabilityTitle" Value="Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution (941522)"/> 
<P Name="AffectedSoftware" Value="Microsoft Visual Studio .NET 2002 Service Pack 1;Microsoft Visual Studio .NET 2003;Microsoft Visual Studio .NET 2003 Service Pack 1;Microsoft Visual Studio 2005;Microsoft Visual Studio 2005 Service Pack 1"/> 
<P Name="RiskRating" Value="Important"/> 
<P Name="Description" Value="This security update resolves a publicly disclosed vulnerability. The said vulnerability allows remote code execution if a user opens a specially crafted .RPT file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This is an important security update for supported editions of Visual Studio that include a custom version of Crystal Reports. Only the specific editions of Visual Studio listed in the Affected Software section are affected because they contain Crystal Reports. This security update addresses the said vulnerability by modifying the way that Crystal Reports for Visual Studio handles .RPT files."/> 
<P Name="UpdateType" Value="Office Update"/> 
<P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
<P Name="Unknown1" Value=""/> 
<P Name="Unknown2" Value=""/> 
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070053"/> 
<P Name="VulnerabilityName" Value="MS07-053"/> 
<P Name="CVEID" Value="CVE-2007-3036"/> 
<P Name="MalwareName" Value=""/> 
<P Name="MalwareRiskRating" Value=""/> 
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege (939778)"/> 
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 x64 Edition Service Pack 1;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Vista;Windows Vista x64 Edition"/> 
<P Name="RiskRating" Value="Important"/> 
<P Name="Description" Value="This security update resolves one publicly disclosed vulnerability. A vulnerability exists in Windows Services for UNIX 3.0, Windows Services for UNIX 3.5, and Subsystem for UNIX-based Applications where running certain setuid binary files could allow an attacker to gain elevation of privilege."/> 
<P Name="UpdateType" Value="Windows Update"/> 
<P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
<P Name="Unknown1" Value=""/> 
<P Name="Unknown2" Value=""/> 
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070054"/> 
<P Name="VulnerabilityName" Value="MS07-054"/> 
<P Name="CVEID" Value="CVE-2007-2931"/> 
<P Name="MalwareName" Value=""/> 
<P Name="MalwareRiskRating" Value=""/> 
<P Name="VulnerabilityTitle" Value="Vulnerability in MSN Messenger and Windows Live Messenger Could Allow Remote Code Execution (942099)"/> 
<P Name="AffectedSoftware" Value="MSN Messenger 7.5;MSN Messnger 6.2 ;MSN Messnger 7.0;Windows Live Messenger 8.0"/> 
<P Name="RiskRating" Value="Important"/> 
<P Name="Description" Value="This security update resolves a publicly disclosed vulnerability in MSN Messenger and Windows Live Messenger. The said vulnerability allows remote code execution when a user accepts a webcam or video chat invitation from an attacker. An attacker who successfully exploits this vulnerability could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/> 
<P Name="UpdateType" Value="Office Update"/> 
<P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
<P Name="Unknown1" Value=""/> 
<P Name="Unknown2" Value=""/> 
</MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070055"/> 
  <P Name="VulnerabilityName" Value="MS07-055"/> 
  <P Name="CVEID" Value="CVE-2007-2217"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2 ;Microsoft Windows XP Service Pack 2"/> 
  <P Name="RiskRating" Value="Critical"/> 
  <P Name="Description" Value="A remote code execution vulnerability exists in the way that the Kodak Image Viewer in Windows handles specially crafted image files. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user visited a Web site, viewed a specially crafted e-mail message, or opened an e-mail attachment. An attacker who successfully exploited this vulnerability could take complete control of an affected system."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
  </MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070056"/> 
  <P Name="VulnerabilityName" Value="MS07-056"/> 
  <P Name="CVEID" Value="CVE-2007-3897"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Security Update for Outlook Express and Windows Mail (941202)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Outlook Express 5.5 Service Pack 2 (Microsoft Windows 2000 Service Pack 4) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 Service Pack 2) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Outlook Express 6.0 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Outlook Express 6.0 (Microsoft Windows XP Service Pack 2) ;Microsoft Outlook Express 6.0 Service Pack 1 (Microsoft Windows 2000 Service Pack 4) ;Windows Mail (Windows Vista x64 Edition) ;Windows Mail (Windows Vista)"/> 
  <P Name="RiskRating" Value="Critical"/> 
  <P Name="Description" Value="This critical security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. If a user viewed the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
  </MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070057"/> 
  <P Name="VulnerabilityName" Value="MS07-057"/> 
  <P Name="CVEID" Value="CVE-2007-3892; CVE-2007-3893; CVE-2007-1091; CVE-2007-3826"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (939653)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4 ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition) ;Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2 ;Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows Vista x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows Vista) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2)"/> 
  <P Name="RiskRating" Value="Critical"/> 
  <P Name="Description" Value="This critical security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerability with the most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
  </MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070058"/> 
  <P Name="VulnerabilityName" Value="MS07-058"/> 
  <P Name="CVEID" Value="CVE-2007-2228"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Vulnerability in RPC Could Allow Denial of Service (933729)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Service Pack 2 ;Windows Vista ;Windows Vista x64 Edition"/> 
  <P Name="RiskRating" Value="Important"/> 
  <P Name="Description" Value="This update resolves a privately reported vulnerability. A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
  </MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070059"/> 
  <P Name="VulnerabilityName" Value="MS07-059"/> 
  <P Name="CVEID" Value="CVE-2007-2581"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site (942017)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2 ;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;Microsoft Windows SharePoint Services for Windows Server 2003"/> 
  <P Name="RiskRating" Value="Important"/> 
  <P Name="Description" Value="This security update resolves a publicly reported vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The vulnerability could allow an attacker to run arbitrary script that could result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment. The vulnerability could also allow an attacker to run arbitrary script to modify a user’s cache, resulting in information disclosure at the workstation."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
  </MSG>
<MSG Type="VAC_VulnerabilityInfo">
  <P Name="VulnerabilityID" Value="20070060"/> 
  <P Name="VulnerabilityName" Value="MS07-060"/> 
  <P Name="CVEID" Value="CVE-2007-3899"/> 
  <P Name="MalwareName" Value=""/> 
  <P Name="MalwareRiskRating" Value=""/> 
  <P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)"/> 
  <P Name="AffectedSoftware" Value="Microsoft Word 2000 ;Microsoft Word 2002"/> 
  <P Name="RiskRating" Value="Important"/> 
  <P Name="Description" Value="This security update resolves a privately reported vulnerability in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/> 
  <P Name="UpdateType" Value="Windows Update"/> 
  <P Name="URL" Value="http://www.microsoft.com/technet/security"/> 
  <P Name="Unknown1" Value=""/> 
  <P Name="Unknown2" Value=""/> 
  </MSG>   
<MSG Type="VAC_VulnerabilityInfo">
	<P Name="VulnerabilityID" Value="20070061"/>
	<P Name="VulnerabilityName" Value="MS07-061"/>
	<P Name="CVEID" Value="CVE-2007-3896"/>
	<P Name="MalwareName" Value=""/>
	<P Name="MalwareRiskRating" Value=""/>
	<P Name="VulnerabilityTitle" Value="Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)"/>
	<P Name="AffectedSoftware" Value=""/>
	<P Name="RiskRating" Value="Critical"/>
	<P Name="Description" Value="This vulnerability allows remote code execution through the handling of crafted Uniform Resource Identifiers (URI) that are passed to the Windows shell. The inclusion of a specially crafted URI by an attacker in an application or attachment can exploit this vulnerability and potentially allow remote code execution. This allows a malicious user to have total control of the affected system and execute commands such as: install programs, create new accounts with full user rights, as well as have full control over all data."/>
	<P Name="UpdateType" Value="Windows Update"/>
	<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin"/>
	<P Name="Unknown1" Value=""/>
	<P Name="Unknown2" Value=""/>
</MSG>
<MSG Type="VAC_VulnerabilityInfo">
	<P Name="VulnerabilityID" Value="20070062"/>
	<P Name="VulnerabilityName" Value="MS07-062"/>
	<P Name="CVEID" Value="CVE-2007-3898"/>
	<P Name="MalwareName" Value=""/>
	<P Name="MalwareRiskRating" Value=""/>
	<P Name="VulnerabilityTitle" Value="Vulnerability in DNS Could Allow Spoofing (941672)"/>
	<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2"/>
	<P Name="RiskRating" Value="Important"/>
	<P Name="Description" Value="This vulnerability in Windows DNS servers allows a malicious user to send to responses to DNS requests therefore redirecting the Internet traffic. When exploited, this allows a malicious user to spoof a legitimate Web site."/>
	<P Name="UpdateType" Value="Windows Update"/>
	<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin"/>
	<P Name="Unknown1" Value=""/>
	<P Name="Unknown2" Value=""/>
</MSG>
<MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070063"/>
<P Name="VulnerabilityName" Value="MS07-063"/>
<P Name="CVEID" Value="CVE-2007-5351"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in SMBv2 Could Allow Remote Code Execution (942624)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a privately reported vulnerability in Server Message Block Version 2 (SMBv2). The vulnerability could allow an attacker to tamper with data transferred via SMBv2, which could allow remote code execution in domain configurations communicating with SMBv2."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-063.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070064"/>
<P Name="VulnerabilityName" Value="MS07-064"/>
<P Name="CVEID" Value="CVE-2007-3901; CVE-2007-3895"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)"/>
<P Name="AffectedSoftware" Value="Microsoft DirectX 10.0 (Windows Vista x64 Edition);Microsoft DirectX 10.0 (Windows Vista);Microsoft DirectX 7.0 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 8.1 (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0c (Microsoft Windows 2000 Service Pack 4);Microsoft DirectX 9.0c (Windows Server 2003 Service Pack1 and Windows Server 2003 Service Pack 2);Microsoft DirectX 9.0c (Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft DirectX 9.0c (Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2);Microsoft DirectX 9.0c (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2);Microsoft DirectX 9.0c (Windows XP Service Pack 2)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security update resolves two privately reported vulnerabilities in Microsoft DirectX. These vulnerabilities could allow code execution if a user opened a specially crafted file used for streaming media in DirectX. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-064.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070065"/>
<P Name="VulnerabilityName" Value="MS07-065"/>
<P Name="CVEID" Value="CVE-2007-3039"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Professional SP4;Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important security update resolves a privately reported vulnerability in Message Queuing Service (MSMQ) that could allow remote code execution in implementations on Microsoft Windows 2000 Server, or elevation of privilege in implementations on Microsoft Windows 2000 Professional and Windows XP. An attacker must have valid logon credentials to exploit this vulnerability. An attacker could then install programs; view, change, or delete data; or create new accounts."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-065.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070066"/>
<P Name="VulnerabilityName" Value="MS07-066"/>
<P Name="CVEID" Value="CVE-2007-5350"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)"/>
<P Name="AffectedSoftware" Value="Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important security update resolves a privately reported vulnerability in the Windows kernel. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-066.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070067"/>
<P Name="VulnerabilityName" Value="MS07-067"/>
<P Name="CVEID" Value="CVE-2007-5587"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves one publicly disclosed vulnerability. A local elevation of privilege vulnerability exists in the way that the Macrovision driver incorrectly handles configuration parameters. An attacker who successfully exploited this vulnerability could take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-067.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070068"/>
<P Name="VulnerabilityName" Value="MS07-068"/>
<P Name="CVEID" Value="CVE-2007-0064"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275)"/>
<P Name="AffectedSoftware" Value="Windows Media Format Runtime 11 (Windows Vista x64 Edition);Windows Media Format Runtime 11 (Windows Vista);Windows Media Format Runtime 11 (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2);Windows Media Format Runtime 11 (Windows XP Service Pack 2);Windows Media Format Runtime 7.1 (Microsoft Windows 2000 Service Pack 4);Windows Media Format Runtime 9 (Windows 2000 Service Pack 4);Windows Media Format Runtime 9 (Windows XP Service Pack 2);Windows Media Format Runtime 9.5 (Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2);Windows Media Format Runtime 9.5 (Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2);Windows Media Format Runtime 9.5 (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2);Windows Media Format Runtime 9.5 (Windows XP Service Pack 2);Windows Media Format Runtime 9.5 x64 Edition (Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2);Windows Media Format Runtime 9.5 x64 Edition (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2);Windows Media Services 9.1 (Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2);Windows Media Services 9.1 (Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. In client applications, such as Windows Media Player, an attacker could exploit the vulnerability by constructing specially crafted Windows Media Format Runtime content that could potentially allow remote code execution if a user visits a specially crafted Web site or opens an e-mail message with specially crafted content. In server applications, such as Windows Media Services, an attacker could exploit the vulnerability by constructing specially crafted Windows Media Format Runtime content that could potentially allow remote code execution if the server processes the specially crafted content. In client and server applications, an attacker who successfully exploited this vulnerability could take complete control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-068.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20070069"/>
<P Name="VulnerabilityName" Value="MS07-069"/>
<P Name="CVEID" Value="CVE-2007-3902; CVE-2007-3903; CVE-2007-5344; CVE-2007-5347"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (942615)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows Vista x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows Vista);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security update resolves four privately reported vulnerabilities, which could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles access to freed memory."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/MS07-069.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080001"/>
<P Name="VulnerabilityName" Value="MS08-001"/>
<P Name="CVEID" Value="CVE-2007-0069; CVE-2007-0066 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security update resolves two privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080002"/>
<P Name="VulnerabilityName" Value="MS08-002"/>
<P Name="CVEID" Value="CVE-2007-5352"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important update resolves a privately reported vulnerability in Microsoft Windows Local Security Authority Subsystem Service (LSASS). The vulnerability could allow an attacker to run arbitrary code with elevated privileges. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080003"/>
<P Name="VulnerabilityName" Value="MS08-003"/>
<P Name="CVEID" Value="CVE-2008-0088"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Active Directory Could Allow Denial of Service (946538)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional SP2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important update resolves a vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003 and Active Directory Application Mode (ADAM), which may allow a denial of service condition."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080004"/>
<P Name="VulnerabilityName" Value="MS08-004"/>
<P Name="CVEID" Value="CVE-2008-0084"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)"/>
<P Name="AffectedSoftware" Value="Windows Vista ;Windows Vista x64 Edition "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important update resolves a vulnerability in the way that the TCP/IP stack handles packets received from DHCP servers, that allows a user to execte Denial-of-Service (DoS) attacks on the affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080005"/>
<P Name="VulnerabilityName" Value="MS08-005"/>
<P Name="CVEID" Value="CVE-2008-0074 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows XP Professional SP2 ;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important update resolves a vulnerability in the Internet Information Services that allows an unauthorized user to execute arbitrary code in the context of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080006"/>
<P Name="VulnerabilityName" Value="MS08-006"/>
<P Name="CVEID" Value="CVE-2008-0075"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional SP2 ;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This important update resolves a vulnerability in the Internet Information Services relating to ASP pages. When exploited, it allows an unauthorized user to perform actions on the IIS server with the same rights as the Worker Process Identity."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080007"/>
<P Name="VulnerabilityName" Value="MS08-007"/>
<P Name="CVEID" Value="CVE-2008-0080"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 Service Pack 1 ;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical update resolves a vulnerability that may allow remote code execution through Web Distributed Authoring and Versioning (WebDAV)."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080008"/>
<P Name="VulnerabilityName" Value="MS08-008"/>
<P Name="CVEID" Value="CVE-2007-0065 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2004 for Mac ;Microsoft Visual Basic 6.0 Service Pack 6 (KB924053);Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition Service Pack 1;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Vista;Windows Vista x64 Edition"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical update resolves a vulnerability that may allow remote code execution due to specially crafted script requests that cause memory corruption when using OLE Automation."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080009"/>
<P Name="VulnerabilityName" Value="MS08-009"/>
<P Name="CVEID" Value="CVE-2008-0109 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077) "/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3 ;Microsoft Office 2003 Service Pack 2;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical update resolves a remote code execution vulnerability caused by a memory calculation error when parsing a specially crafted Word file."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080010"/>
<P Name="VulnerabilityName" Value="MS08-010"/>
<P Name="CVEID" Value="CVE-2008-0076;CVE-2008-0077;CVE-2008-0078;CVE-2007-4790 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (944533)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows Vista x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows Vista);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical update resolves four memory corruption vulnerabbilities in several versions of Internet Explorer. When successfully exploited, it may allow remote code execution on affected systems."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080011"/>
<P Name="VulnerabilityName" Value="MS08-011"/>
<P Name="CVEID" Value="CVE-2007-0216;CVE-2008-0105;CVE-2008-0108"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3 ;Microsoft Office 2003 Service Pack 2;Microsoft Works 8.0;Microsoft Works Suite 2005"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory resolves three privately reported vulnerabilities in Microsoft Works File Converter. Once exploited, it allows a remote user to control the affected system."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080012"/>
<P Name="VulnerabilityName" Value="MS08-012"/>
<P Name="CVEID" Value="CVE-2008-0102;CVE-2008-0104"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3 ;Microsoft Office 2003 Service Pack 2;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves two vulnerabilities in Microsoft Office Publisher that allows remote code execution if a user opens a specially crafted Publisher file."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080013"/>
<P Name="VulnerabilityName" Value="MS08-013"/>
<P Name="CVEID" Value="CVE-2008-0103"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in Microsoft Office that allows remote code execution if a user opens a specially crafted Microsoft Office file with a malformed object inserted into the document."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080014"/>
<P Name="VulnerabilityName" Value="MS08-014"/>
<P Name="CVEID" Value="CVE-2008-0111, CVE-2008-0112, CVE-2008-0114, CVE-2008-0115, CVE-2008-0116, CVE-2008-0117, CVE-2008-0081 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. A remote malicious user who successfully exploits these vulnerabilities can take complete control of an affected system. The said malicious user could then install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-014.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080015"/>
<P Name="VulnerabilityName" Value="MS08-015"/>
<P Name="CVEID" Value="CVE-2008-0110"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2007;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-015.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080016"/>
<P Name="VulnerabilityName" Value="MS08-016"/>
<P Name="CVEID" Value="CVE-2008-0113, CVE-2008-0118"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2004 for Mac;Microsoft Office XP Service Pack 2;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves two vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file.  A remote malicious user who successfully exploits this vulnerability can take complete control of an affected system. The said malicious user could then install programs; view, change, or delete data; or create new accounts with full user rights. Users with accounts configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-016.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080017"/>
<P Name="VulnerabilityName" Value="MS08-017"/>
<P Name="CVEID" Value="CVE-2006-4695, CVE-2007-1201 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103) "/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This critical security advisory resolves two vulnerabilities in Microsoft Office Web Components. These said vulnerabilities could allow remote code execution if a user views a specially crafted Web page.  A remote malicious user who successfully exploits this vulnerability can take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users with accounts configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-017.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080018"/>
<P Name="VulnerabilityName" Value="MS08-018"/>
<P Name="CVEID" Value="CVE-2008-1088"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)"/>
<P Name="AffectedSoftware" Value="Microsoft Project 2000 Service Release 1;Microsoft Project 2002 Service Pack 1;Microsoft Project 2003 Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a known issue Microsoft Office Project that allows remote code execution if a user opens a specially crafted Project file.  Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080019"/>
<P Name="VulnerabilityName" Value="MS08-019"/>
<P Name="CVEID" Value="CVE-2008-1089; CVE-2008-1090"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2003 Service Pack 2;Microsoft Visio 2002 Service Pack 2 (Microsoft Office XP Service Pack 2);Microsoft Visio 2003 Service Pack 2 (Microsoft Office 2003 Service Pack 2);Microsoft Visio 2003 Service Pack 3 (Microsoft Office 2003 Service Pack 3);Microsoft Visio 2007 (2007 Microsoft Office System);Microsoft Visio 2007 Service Pack 1 (2007 Microsoft Office System Service Pack 1)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory resolves two vulnerabilities in Microsoft Office Visio that allows remote code execution if a user opens a specially crafted Visio file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080020"/>
<P Name="VulnerabilityName" Value="MS08-020"/>
<P Name="CVEID" Value="CVE-2008-0087"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in DNS Client Could Allow Spoofing (945553)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows XP Service Pack 2;Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2;Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems;Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2;Windows Vista;Windows Vista x64 Edition;Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in Windows DNS clients that allows spoofing or ridirecting of Internet traffic from legitimate sites. This is done by allowing remote users to send specially crafted responses to DNS requests."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080021"/>
<P Name="VulnerabilityName" Value="MS08-021"/>
<P Name="CVEID" Value="CVE-2008-1083; CVE-2008-1087"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in GDI Could Allow Remote Code Execution (948590)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows XP Service Pack 2;Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2;Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1;Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves two vulnerabilities in GID that allows remote code execution if a user opens a specially crafted EMF or WMF image file. A malicious user who successfully exploits these vulnerabilities could install programs, or view, change, or delete data, or even create new accounts with full user rights.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080022"/>
<P Name="VulnerabilityName" Value="MS08-022"/>
<P Name="CVEID" Value="CVE-2008-0083"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)"/>
<P Name="AffectedSoftware" Value="VBScript 5.1 and JScript 5.1 (Microsoft Windows 2000 Service Pack 4);VBScript 5.6 and JScript 5.6 (Microsoft Windows 2000 Service Pack 4);VBScript 5.6 and JScript 5.6 (Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2);VBScript 5.6 and JScript 5.6 (Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium based Systems);VBScript 5.6 and JScript 5.6 (Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2);VBScript 5.6 and JScript 5.6 (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2);VBScript 5.6 and JScript 5.6 (Windows XP Service Pack 2)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in the VBScript and JScript scripting engines in Windows that gives malicious users complete control of an affected system. The said malicious user could then install programs, or view, change, or delete data, or even create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080023"/>
<P Name="VulnerabilityName" Value="MS08-023"/>
<P Name="CVEID" Value="CVE-2008-1086"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Security Update of ActiveX Kill Bits (948881)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in a Microsoft profuct that allows remote code execution if a user opens a specially crafted Web page file using Internet Explorer. This advisory also includes a kill bit for Yahoo! Music Jukebox."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080024"/>
<P Name="VulnerabilityName" Value="MS08-024"/>
<P Name="CVEID" Value="CVE-2008-1085"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (947864)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 6 (Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Windows XP Service Pack 2);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Windows Internet Explorer 7 (Windows Server 2003 Service Pack 1);Windows Internet Explorer 7 (Windows Server 2003 Service Pack 2);Windows Internet Explorer 7 (Windows Server 2003 with SP1 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2003 with SP2 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2003 x64 Edition Service Pack 2);Windows Internet Explorer 7 (Windows Server 2003 x64 Edition);Windows Internet Explorer 7 (Windows Server 2008 for 32-bit Systems);Windows Internet Explorer 7 (Windows Server 2008 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2008 for x64-based Systems);Windows Internet Explorer 7 (Windows Vista Service Pack 1);Windows Internet Explorer 7 (Windows Vista x64 Edition Service Pack 1);Windows Internet Explorer 7 (Windows Vista x64 Edition);Windows Internet Explorer 7 (Windows Vista);Windows Internet Explorer 7 (Windows XP Professional x64 Edition Service Pack 2);Windows Internet Explorer 7 (Windows XP Professional x64 Edition);Windows Internet Explorer 7 (Windows XP Service Pack 2)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in Windows that allows remote code execution if a user opens a specially crafted Web page files using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin/MS08-024.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080025"/>
<P Name="VulnerabilityName" Value="MS08-025"/>
<P Name="CVEID" Value="CVE-2008-1084"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security advisory resolves a vulnerability in the Windows kernel that allows a malicious user to take complete control of an affected system. The said malicious user could then install programs, or view, change, or delete data, or even create new accounts with full user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080026"/>
<P Name="VulnerabilityName" Value="MS08-026"/>
<P Name="CVEID" Value="CVE-2008-1434; CVE-2008-1091"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)"/>
<P Name="AffectedSoftware" Value="2007 Microsoft Office System;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2004 for Mac;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats;Microsoft Office XP Service Pack 3;Microsoft Word Viewer 2003"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves several privately reported vulnerabilities in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080027"/>
<P Name="VulnerabilityName" Value="MS08-027"/>
<P Name="CVEID" Value="CVE-2008-0119"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)"/>
<P Name="AffectedSoftware" Value="2007 Microsoft Office System;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a privately reported vulnerability in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. "/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080028"/>
<P Name="VulnerabilityName" Value="MS08-028"/>
<P Name="CVEID" Value="CVE-2007-6026"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Service Pack 2;Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a security vulnerability in the Microsoft Jet Database Engine (Jet) in Windows. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080029"/>
<P Name="VulnerabilityName" Value="MS08-029"/>
<P Name="CVEID" Value="CVE-2008-1437; CVE-2008-1438"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)"/>
<P Name="AffectedSoftware" Value="Microsoft Antigen for Exchange 9.x;Microsoft Antigen for SMTP Gateway 9.x;Microsoft Forefront Security for SharePoint;Microsoft Windows Defender;Windows Live OneCare"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This security update resolves two privately reported vulnerabilities in the Microsoft Malware Protection Engine. An attacker who successfully exploited either vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/Bulletin"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080030"/>
<P Name="VulnerabilityName" Value="MS08-030"/>
<P Name="CVEID" Value="CVE-2008-1453"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)"/>
<P Name="AffectedSoftware" Value="Windows Vista ;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1;Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2;Windows XP Service Pack 2"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update addresses a vulnerability in the Bluetooth stack in Windows that could allow remote code execution. Upon successful exploit, an unauthorized user is granted complete control of an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080031"/>
<P Name="VulnerabilityName" Value="MS08-031"/>
<P Name="CVEID" Value="CVE-2008-1442; CVE-2008-1544"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (950759)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4 ;Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 with SP1 for Itanium-based Systems) ;Microsoft Internet Explorer 6 (Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 6 (Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Service Pack 3);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Windows Internet Explorer 7 (Windows Server 2003 Service Pack 1);Windows Internet Explorer 7 (Windows Server 2003 Service Pack 2);Windows Internet Explorer 7 (Windows Server 2003 with SP1 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2003 with SP2 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2003 x64 Edition Service Pack 2);Windows Internet Explorer 7 (Windows Server 2003 x64 Edition);Windows Internet Explorer 7 (Windows Server 2008 for 32-bit Systems);Windows Internet Explorer 7 (Windows Server 2008 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2008 for x64-based Systems);Windows Internet Explorer 7 (Windows Vista Service Pack 1);Windows Internet Explorer 7 (Windows Vista x64 Edition Service Pack 1);Windows Internet Explorer 7 (Windows Vista x64 Edition);Windows Internet Explorer 7 (Windows Vista;Windows Internet Explorer 7 (Windows XP Professional x64 Edition Service Pack 2);Windows Internet Explorer 7 (Windows XP Professional x64 Edition);Windows Internet Explorer 7 (Windows XP Service Pack 2);Windows Internet Explorer 7 (Windows XP Service Pack 3)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update solves the following vulnerabilities in certain versions of Internet Explorer. Both vulnerabilities, when exploited, could gain the same user rights as the user currently logged-on."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080032"/>
<P Name="VulnerabilityName" Value="MS08-032"/>
<P Name="CVEID" Value="CVE-2007-0675"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update of ActiveX Kill Bits (950760)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This update solves the vulnerability that exists in the Speech Components DLL file. The said vulnerability could allow an attacker to execute codes remotely. To successfully exploit this vulnerability, the affected machine must have the Speech Recognition feature enabled."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080033"/>
<P Name="VulnerabilityName" Value="MS08-033"/>
<P Name="CVEID" Value="CVE-2008-0011; CVE-2008-1444"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 with DirectX 7.0;Microsoft Windows 2000 Service Pack 4 with DirectX 8.1 ;Microsoft Windows 2000 Service Pack 4 with DirectX 9.0;Microsoft Windows 2000 Service Pack 4 with DirectX 9.0b;Microsoft Windows 2000 Service Pack 4 with DirectX 9.0c;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update solves remote code execution vulnerabilities found in Windows MJPEG Codec Decoder and DirectX SAMI Format Parser. Both vulnerabilities are exploited when a user opens or executes a specially-crafted file that is meant to be opened by the aforementioned components."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080034"/>
<P Name="VulnerabilityName" Value="MS08-034"/>
<P Name="CVEID" Value="CVE-2008-1451"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in WINS Could Allow Elevation of Privilege (948745)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 2;Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A vulnerability in the Windows Internet Name Service (WINS) exists in the way that it validates data structures found in specially-crafted WINS network packets. When successfully exploited, an attacker could elevate privileges on the affected computer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080035"/>
<P Name="VulnerabilityName" Value="MS08-035"/>
<P Name="CVEID" Value="CVE-2008-1445"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Active Directory Could Allow Denial of Service (953235)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Server Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional SP2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for x64-based Systems"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="A vulnerability in the Active Directory exists on certain Windows platforms. The said vulnerability is due to insufficient validation on specially-crafted LDAP requests."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080036"/>
<P Name="VulnerabilityName" Value="MS08-036"/>
<P Name="CVEID" Value="CVE-2008-1440; CVE-2008-1441"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems ;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update solves the vulnerabilities found in PGM Invalid Length and PGM Malformed Fragment. When successfully exploited, these vulnerabilities could render the affected computer to become non-responsive."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080037"/>
<P Name="VulnerabilityName" Value="MS08-037"/>
<P Name="CVEID" Value="CVE-2008-1447;CVE-2008-1454 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in DNS Could Allow Spoofing (953230)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4 ;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition ;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition ;oft Windows XP Professional x64 Edition Service Pack 2 ;Microsoft Windows XP Service Pack 2 ;Microsoft Windows XP Service Pack 3 ;Windows Server 2008 for 32-bit Systems ;Windows Server 2008 for x64-based Systems "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update solves the vulnerabilities vulnerabilities that affect both DNS client and DNS server. The said vulnerabilities could allow a remote user to redirect network traffic intended for systems on the Internet to his own systems."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080038"/>
<P Name="VulnerabilityName" Value="MS08-038"/>
<P Name="CVEID" Value="CVE-2008-1435"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)"/>
<P Name="AffectedSoftware" Value="Windows Server 2008 for 32-bit Systems ;Windows Server 2008 for Itanium-based Systems ;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update addresses a vulnerability in Windows Explorer which allows remote code execution when a specially crafted saved-search file is opened and saved. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080039"/>
<P Name="VulnerabilityName" Value="MS08-039"/>
<P Name="CVEID" Value="CVE-2008-2247;CVE-2008-2248 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)"/>
<P Name="AffectedSoftware" Value="Microsoft Exchange Server 2003 Service Pack 2 ;Microsoft Exchange Server 2007 ;Microsoft Exchange Server 2007 Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server which may allow an attacker to gain access to an individual OWA client’s session data, allowing elevation of privilege."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080040"/>
<P Name="VulnerabilityName" Value="MS08-040"/>
<P Name="CVEID" Value="CVE-2008-0085;CVE-2008-0086;CVE-2008-0107;CVE-2008-0106 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)"/>
<P Name="AffectedSoftware" Value="Microsoft Data Engine (MSDE) 1.0 Service Pack 4;Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) Service Pack 4;Microsoft SQL Server 2000 Desktop Engine (WMSDE);Microsoft SQL Server 2000 Itanium-based Edition Service Pack 4;Microsoft SQL Server 2000 Service Pack 4;Microsoft SQL Server 2005 Express Edition Service Pack 2;Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 2;Microsoft SQL Server 2005 with SP2 for Itanium-based Systems;Microsoft SQL Server 2005 x64 Edition Service Pack 2;Microsoft SQL Server 7.0 Service Pack 4;Windows Internal Database (WYukon) Service Pack 2;Windows Internal Database (WYukon) x64 Edition Service Pack 2"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update fixes four reported vulnerabilities by modification of the way that SQL Server manages certain items. An authenticated attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080041"/>
<P Name="VulnerabilityName" Value="MS08-041"/>
<P Name="CVEID" Value="CVE-2008-2463 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)"/>
<P Name="AffectedSoftware" Value="Microsoft Access Snapshot Viewer;Microsoft Office 2000 Service Pack 3 ;Microsoft Office 2003 Service Pack 2 ;Microsoft Office XP Service Pack 3 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This update resolves a vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access, which could allow remote code execution, thereby granting the same user rights as the logged-on user."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080042"/>
<P Name="VulnerabilityName" Value="MS08-042"/>
<P Name="CVEID" Value="CVE-2008-2244"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2003 Service Pack 2 ;Microsoft Office 2003 Service Pack 3 ;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability could allow remote code execution if a user opens a specially crafted MS Word file. Successfull exploitation of this vulnerability could allow an attacker to take complete control of an affected system, that is, install programs; view, change, or delete data; or create new accounts with full user rights."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>  
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080043"/>
<P Name="VulnerabilityName" Value="MS08-043"/>
<P Name="CVEID" Value="CVE-2008-3004; CVE-2008-3005; CVE-2008-3006; CVE-2008-3003 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)"/>
<P Name="AffectedSoftware" Value="2007 Microsoft Office System ;2007 Microsoft Office System Service Pack 1 ;Microsoft Excel Viewer 2003 ;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office 2003 Service Pack 3;Microsoft Office 2004 for Mac;Microsoft Office 2008 for Mac;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats ;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1;Microsoft Office Excel Viewer ;Microsoft Office Excel Viewer 2003 Service Pack 3;Microsoft Office SharePoint Server 2007;Microsoft Office SharePoint Server 2007 Service Pack 1 ;Microsoft Office SharePoint Server 2007 x64 Edition;Microsoft Office SharePoint Server 2007 x64 Edition Service Pack 1;Microsoft Office XP Service Pack 3 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves vulnerabilities in Microsoft Office Excel which could allow an attacker to take complete control of an affected system through a specially crafted Excel file."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080044"/>
<P Name="VulnerabilityName" Value="MS08-044"/>
<P Name="CVEID" Value="CVE-2008-3019; CVE-2008-3018; CVE-2008-3021; CVE-2008-3020; CVE-2008-3460"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)"/>
<P Name="AffectedSoftware" Value="Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2;Microsoft Office Converter Pack;Microsoft Office Project 2002 Service Pack 1;Microsoft Office XP Service Pack 3;Microsoft Works 8.0 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves vulnerabilities which could allow remote code execution if a user viewed a specially crafted image file using Microsoft Office."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080045"/>
<P Name="VulnerabilityName" Value="MS08-045"/>
<P Name="CVEID" Value="CVE-2008-2254; CVE-2008-2255; CVE-2008-2256; CVE-2008-2257; CVE-2008-2258; CVE-2008-2259"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (953838)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Internet Explorer 6 (Microsoft Windows Server 2003 x64 Edition);oft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Service Pack 3);Microsoft Internet Explorer 6.0 Service Pack 1;Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Internet Explorer 7 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 7 (Microsoft Windows XP Service Pack 2);Microsoft Internet Explorer 7 (Windows Server 2008 for 32-bit Systems);Microsoft Internet Explorer 7 (Windows Server 2008 for Itanium-based Systems);Microsoft Internet Explorer 7 (Windows Server 2008 for x64-based Systems);Microsoft Internet Explorer 7 (Windows Vista Service Pack 1);Microsoft Internet Explorer 7 (Windows Vista x64 Edition Service Pack 1) ;Microsoft Internet Explorer 7 (Windows Vista x64 Edition) ;Microsoft Internet Explorer 7 (Windows Vista);Microsoft Internet Explorer 7 (Windows XP Service Pack 3)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves vulnerabilities which could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080046"/>
<P Name="VulnerabilityName" Value="MS08-046"/>
<P Name="CVEID" Value="CVE-2008-2245 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2 ;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This vulnerability in the Microsoft Image Color Management (ICM) system could allow remote code execution in the context of the current user. Users configured to have fewer administrative privileges could be less impacted than users who operate with full administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080047"/>
<P Name="VulnerabilityName" Value="MS08-047"/>
<P Name="CVEID" Value="CVE-2008-2246 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)"/>
<P Name="AffectedSoftware" Value="Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista ;Windows Vista Service Pack 1;Windows Vista x64 Edition ;Windows Vista x64 Edition Service Pack 1 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied, which may cause systems to ignore IPsec policies and transmit network traffic in clear text."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080048"/>
<P Name="VulnerabilityName" Value="MS08-048"/>
<P Name="CVEID" Value="CVE-2008-1448"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Security Update for Outlook Express and Windows Mail (951066)"/>
<P Name="AffectedSoftware" Value="Microsoft Outlook Express 5.5 Service Pack 2;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 for Itanium-based Systems;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 Service Pack 1) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 Service Pack 2);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Microsoft Outlook Express 6.0 (Microsoft Windows Server 2003 x64 Edition) ;Microsoft Outlook Express 6.0 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Microsoft Outlook Express 6.0 (Microsoft Windows XP Professional x64 Edition);Microsoft Outlook Express 6.0 Service Pack 1;Windows Mail (Microsoft Windows Server 2008 for 32-bit Systems);Windows Mail (Microsoft Windows Server 2008 for Itanium-based Systems) ;Windows Mail (Microsoft Windows Server 2008 for x64-based Systems);Windows Mail (Microsoft Windows Vista Service Pack 1);Windows Mail (Microsoft Windows Vista x64 Edition Service Pack 1);Windows Mail (Windows Vista);Windows Mail (Microsoft Windows Vista x64 Edition)"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves an Outlook Express and Windows Mail vulnerability which could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080049"/>
<P Name="VulnerabilityName" Value="MS08-049"/>
<P Name="CVEID" Value="CVE-2008-1457; CVE-2008-1456 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Event System Could Allow Remote Code Execution (950974)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems ;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;Microsoft Windows XP Professional x64 Edition ;Microsoft Windows XP Professional x64 Edition Service Pack 2 ;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3 ;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems ;Windows Server 2008 for x64-based Systems ;Windows Vista ;Windows Vista Service Pack 1 ;Windows Vista x64 Edition ;Windows Vista x64 Edition Service Pack 1 "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This vulnerability in Microsoft Windows Event System could allow a malicious user who successfully exploits this vulnerability could take complete control of an affected system, and may therefore be able to install programs; view, change, or delete data; or create new accounts with full administrative rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080050"/>
<P Name="VulnerabilityName" Value="MS08-050"/>
<P Name="CVEID" Value="CVE-2008-0082 "/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)"/>
<P Name="AffectedSoftware" Value="Windows Messenger 4.7 (Microsoft Windows Server 2003 Service Pack 1) ;Windows Messenger 4.7 (Microsoft Windows Server 2003 Service Pack 2);Windows Messenger 4.7 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ;Windows Messenger 4.7 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Windows Messenger 4.7 (Microsoft Windows Server 2003 x64 Edition Service Pack 2) ;Windows Messenger 4.7 (Microsoft Windows Server 2003 x64 Edition);Windows Messenger 4.7 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Windows Messenger 4.7 (Microsoft Windows XP Professional x64 Edition) ;Windows Messenger 4.7 (Microsoft Windows XP Service Pack 2);Windows Messenger 4.7 (Microsoft Windows XP Service Pack 3) ;Windows Messenger 5.1 (Microsoft Windows 2000 Service Pack 4);Windows Messenger 5.1 (Microsoft Windows Server 2003 Service Pack 1) ;Windows Messenger 5.1 (Microsoft Windows Server 2003 Service Pack 2) ;Windows Messenger 5.1 (Microsoft Windows Server 2003 with SP1 for Itanium-based Systems) ;Windows Messenger 5.1 (Microsoft Windows Server 2003 with SP2 for Itanium-based Systems) ;Windows Messenger 5.1 (Microsoft Windows Server 2003 x64 Edition Service Pack 2);Windows Messenger 5.1 (Microsoft Windows Server 2003 x64 Edition) ;Windows Messenger 5.1 (Microsoft Windows XP Professional x64 Edition Service Pack 2) ;Windows Messenger 5.1 (Microsoft Windows XP Professional x64 Edition);Windows Messenger 5.1 (Microsoft Windows XP Service Pack 2) ;Windows Messenger 5.1 (Microsoft Windows XP Service Pack 3) "/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update addresses a vulnerability in supported versions of Windows Messenger which allows scripting of an ActiveX control that may lead to information disclosure in the context of the logged-on user."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080051"/>
<P Name="VulnerabilityName" Value="MS08-051"/>
<P Name="CVEID" Value="CVE-2008-0120; CVE-2008-0121; CVE-2008-1455"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)"/>
<P Name="AffectedSoftware" Value="2007 Microsoft Office System ;2007 Microsoft Office System Service Pack 1;Microsoft Office 2000 Service Pack 3;Microsoft Office 2003 Service Pack 2 ;Microsoft Office 2003 Service Pack 3;Microsoft Office 2004 for Mac ;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats ;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1 ;Microsoft Office PowerPoint Viewer 2003 ;Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file."/>
<P Name="UpdateType" Value="Office Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080056"/>
<P Name="VulnerabilityName" Value="MS08-056"/>
<P Name="CVEID" Value="CVE-2008-4020"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)"/>
<P Name="AffectedSoftware" Value="Microsoft Office XP Service Pack 3"/>
<P Name="RiskRating" Value="Moderate"/>
<P Name="Description" Value="This vulnerability could allow information disclosure if a user clicks a specially crafted CDO URL. An attacker who successfully exploits this vulnerability could inject a client-side script in the user's browser that could spoof content, disclose information, or take any action that the user could take on the affected Web site. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-056.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080057"/>
<P Name="VulnerabilityName" Value="MS08-057"/>
<P Name="CVEID" Value="CVE-2008-3477; CVE-2008-3471; CVE-2008-4019"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)"/>
<P Name="AffectedSoftware" Value="Microsoft Excel 2000 Service Pack 3 (Microsoft Office 2000 Service Pack 3);Microsoft Excel 2002 Service Pack 3 (Microsoft Office XP Service Pack 3);Microsoft Excel 2003 Service Pack 2 (Microsoft Office 2003 Service Pack 2);Microsoft Excel 2003 Service Pack 3 (Microsoft Office 2003 Service Pack 3);Microsoft Office 2004 for Mac;Microsoft Office 2008 for Mac;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats;Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1;Microsoft Office Excel 2007 (2007 Microsoft Office System);Microsoft Office Excel 2007 Service Pack 1 (2007 Microsoft Office System Service Pack 1);Microsoft Office Excel Viewer;Microsoft Office Excel Viewer 2003;Microsoft Office Excel Viewer 2003 Service Pack 3;Microsoft Office SharePoint Server 2007;Microsoft Office SharePoint Server 2007 Service Pack 1;Microsoft Office SharePoint Server 2007 x64 Edition;Microsoft Office SharePoint Server 2007 x64 Edition Service Pack 1;Open XML File Format Converter for Mac"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves three vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploits these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-057.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080058"/>
<P Name="VulnerabilityName" Value="MS08-058"/>
<P Name="CVEID" Value="CVE-2008-2947; CVE-2008-3472; CVE-2008-3473; CVE-2008-3474; CVE-2008-3475; CVE-2008-3476"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Cumulative Security Update for Internet Explorer (956390)"/>
<P Name="AffectedSoftware" Value="Microsoft Internet Explorer 5.01 Service Pack 4 (Microsoft Windows 2000 Service Pack 4;Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Microsoft Windows XP Professional x64 Edition);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 1);Microsoft Internet Explorer 6 (Windows Server 2003 Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 with SP1 for Itanium-based Systems);Microsoft Internet Explorer 6 (Windows Server 2003 with SP2 for Itanium-based Systems);Microsoft Internet Explorer 6 (Windows Server 2003 x64 Edition Service Pack 2);Microsoft Internet Explorer 6 (Windows Server 2003 x64 Edition);Microsoft Internet Explorer 6 (Windows XP Service Pack 2);Microsoft Internet Explorer 6 (Windows XP Service Pack 3);Microsoft Internet Explorer 6 Service Pack 1 (Microsoft Windows 2000 Service Pack 4);Windows Internet Explorer 7 (Windows Server 2003 Service Pack 1);Windows Internet Explorer 7 (Windows Server 2003 Service Pack 2);Windows Internet Explorer 7 (Windows Server 2003 with SP1 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2003 with SP2 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2003 x64 Edition Service Pack 2);Windows Internet Explorer 7 (Windows Server 2003 x64 Edition);Windows Internet Explorer 7 (Windows Server 2008 for 32-bit Systems);Windows Internet Explorer 7 (Windows Server 2008 for Itanium-based Systems);Windows Internet Explorer 7 (Windows Server 2008 for x64-based Systems);Windows Internet Explorer 7 (Windows Vista Service Pack 1);Windows Internet Explorer 7 (Windows Vista x64 Edition Service Pack 1);Windows Internet Explorer 7 (Windows Vista x64 Edition);Windows Internet Explorer 7 (Windows Vista);Windows Internet Explorer 7 (Windows XP Professional x64 Edition Service Pack 2);Windows Internet Explorer 7 (Windows XP Professional x64 Edition)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerabilities could allow information disclosure or remote code execution if a user views a specially crafted Web page using Internet Explorer."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-058.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080059"/>
<P Name="VulnerabilityName" Value="MS08-059"/>
<P Name="CVEID" Value="CVE- 2008-3466"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)"/>
<P Name="AffectedSoftware" Value="Microsoft Host Integration Server 2000 Administrator Client;Microsoft Host Integration Server 2000 Service Pack 2 (Server);Microsoft Host Integration Server 2004 (Client);Microsoft Host Integration Server 2004 (Server);Microsoft Host Integration Server 2004 Service Pack 1 (Client);Microsoft Host Integration Server 2004 Service Pack 1 (Server);Microsoft Host Integration Server 2006 for 32-bit systems;Microsoft Host Integration Server 2006 for x64-based systems"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a vulnerability in Microsoft Host Integration Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted Remote Procedure Call (RPC) request to an affected system. Customers who follow best practices and configure the SNA RPC service account to have fewer user rights on the system could be less impacted than customers who configure the SNA RPC service account to have administrative user rights."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-059.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080060"/>
<P Name="VulnerabilityName" Value="MS08-060"/>
<P Name="CVEID" Value="CVE-2008-4023"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Active Directory Could Allow Remote Code Execution (957280)"/>
<P Name="AffectedSoftware" Value="Active Directory (Microsoft Windows 2000 Server Service Pack 4)"/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a vulnerability in implementation of Active Directory on Microsoft Windows 2000 Server. It could allow remote code execution if an attacker gains access to an affected network. It only affects Microsoft Windows 2000 servers configured to be domain controllers. If a Microsoft Windows 2000 server has not been promoted to a domain controller, it will not be listening to Lightweight Directory Access Protocol (LDAP) or LDAP over SSL (LDAPS) queries, and will not be exposed to this vulnerability.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-060.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080061"/>
<P Name="VulnerabilityName" Value="MS08-061"/>
<P Name="CVEID" Value="CVE-2008-2250; CVE-2008-2251; CVE-2008-2252"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves three vulnerabilities in the Windows kernel. A local attacker who successfully exploited these vulnerabilities could take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-061.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080062"/>
<P Name="VulnerabilityName" Value="MS08-062"/>
<P Name="CVEID" Value="CVE-2008-1446"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This update resolves a vulnerability in the Windows Internet Printing Service that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-062.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080063"/>
<P Name="VulnerabilityName" Value="MS08-063"/>
<P Name="CVEID" Value="CVE-2008-4038"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in SMB Could Allow Remote Code Execution (957095)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves a vulnerability in Microsoft Server Message Block (SMB) Protocol. The vulnerability could allow remote code execution on a server that is sharing files or folders. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-063.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080064"/>
<P Name="VulnerabilityName" Value="MS08-064"/>
<P Name="CVEID" Value="CVE-2008-4036"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;ndows Vista x64 Edition Service Pack 1"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves a vulnerability in Virtual Address Descriptor. The vulnerability could allow elevation of privilege if a user runs a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could gain elevation of privilege on an affected system."/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-064.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080065"/>
<P Name="VulnerabilityName" Value="MS08-065"/>
<P Name="CVEID" Value="CVE-2008-3479"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves a vulnerability in the Message Queuing Service (MSMQ) on Microsoft Windows 2000 systems. The vulnerability could allow remote code execution on Microsoft Windows 2000 systems with the MSMQ service enabled. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-065.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080066"/>
<P Name="VulnerabilityName" Value="MS08-066"/>
<P Name="CVEID" Value="CVE-2008-3464"/>
<P Name="MalwareName" Value=""/>
<P Name="MalwareRiskRating" Value=""/>
<P Name="VulnerabilityTitle" Value="Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3"/>
<P Name="RiskRating" Value="Important"/>
<P Name="Description" Value="This security update resolves a vulnerability in the Microsoft Ancillary Function Driver. A local attacker who successfully exploited this vulnerability could take complete control of an affected system.  "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-066.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
   <MSG Type="VAC_VulnerabilityInfo">
<P Name="VulnerabilityID" Value="20080067"/>
<P Name="VulnerabilityName" Value="MS08-067"/>
<P Name="CVEID" Value="CVE-2008-4250"/>
<P Name="MalwareName" Value="WORM_GIMMIV.A;TSPY_GIMMIV.A"/>
<P Name="MalwareRiskRating" Value="High;High"/>
<P Name="VulnerabilityTitle" Value="(MS08-067) Vulnerability in Server Service Could Allow Remote Code Execution (958644)"/>
<P Name="AffectedSoftware" Value="Microsoft Windows 2000 Service Pack 4;Microsoft Windows Server 2003 Service Pack 1;Microsoft Windows Server 2003 Service Pack 2;Microsoft Windows Server 2003 with SP1 for Itanium-based Systems;Microsoft Windows Server 2003 with SP2 for Itanium-based Systems;Microsoft Windows Server 2003 x64 Edition;Microsoft Windows Server 2003 x64 Edition Service Pack 2;Microsoft Windows XP Professional x64 Edition;Microsoft Windows XP Professional x64 Edition Service Pack 2;Microsoft Windows XP Service Pack 2;Microsoft Windows XP Service Pack 3;Windows Server 2008 for 32-bit Systems;Windows Server 2008 for Itanium-based Systems;Windows Server 2008 for x64-based Systems;Windows Vista;Windows Vista Service Pack 1;Windows Vista x64 Edition;Windows Vista x64 Edition Service Pack 1 "/>
<P Name="RiskRating" Value="Critical"/>
<P Name="Description" Value="This security update resolves a privately reported vulnerability in the Server service. This vulnerability could allow remote code execution if an affected system received a specially-crafted RPC request. This vulnerability may be used by malicious users in the crafting of a wormable exploit. "/>
<P Name="UpdateType" Value="Windows Update"/>
<P Name="URL" Value="http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx"/>
<P Name="Unknown1" Value=""/>
<P Name="Unknown2" Value=""/>
</MSG>
</Document>
