File(s)

Download the cumulative Symantec Vulnerability Assessment Release Notes (PDF)

Description

This content update for Symantec Vulnerability Assessment 1.0 detects and reports 20 additional vulnerabilities including three critical new vulnerabilities disclosed by Microsoft on January 13, 2004 (see below).

Vulnerability updates can be downloaded only by using the LiveUpdate feature of Symantec Vulnerability Assessment 1.0.

New Vulnerabilities

Bugtraq ID	Vulnerability name
8207		Microsoft ISA Server Cross-Site Scripting Vulnerabilites
9409		Microsoft Exchange Server 2003 Outlook Web Access Random Mailbox Access Vulnerability
9278		Microsoft Internet Explorer File Download Warning Bypass Vulnerability
9295		Microsoft Internet Explorer HTTP Referer Information Disclosure Vulnerability
9335		Microsoft Internet Explorer Malicious Shortcut Self-Executing HTML Vulnerability
9320		Microsoft Internet Explorer showHelp CHM File Execution Weakness
8565		Microsoft Internet Explorer XML Page Object Type Validation Vulnerability
9408		Microsoft ISA Server 2000 H.323 Filter Remote Buffer Overflow Vulnerability
3198		Microsoft ISA Server Cross-Site Scripting Vulnerability
3501		Microsoft ISA Server Denial of Service Vulnerability
7145		Microsoft ISA Server DNS Intrusion Filter Denial of Service Vulnerability
7623		Microsoft ISA Server Error Page Cross-Site Scripting Vulnerability
3196		Microsoft ISA Server H.323 Memory Leak Denial of Service Vulnerability
3197		Microsoft ISA Server Proxy Service Memory Leak Denial of Service Vulnerability
2600		Microsoft ISA Server Web Proxy DoS Vulnerability
9407		Microsoft MDAC Function Broadcast Response Buffer Overrun Vulnerability
9281		Opera Browser URI Display Obfuscation Weakness
9280		Sun Solaris tcsh ls-F Builtin Unspecified Privilege Escalation Vulnerability
7064		Sun SUNWlldap Library Hostname Buffer Overflow Vulnerability
9383		Yahoo! Messenger File Transfer Buffer Overrun Variant Vulnerability