WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
June 20, 2006
Symantec ESM 6.5 Network Assessment Security Updates 26.05


Download the cumulative Symantec ESM Network Assessment Release Notes (PDF)


This update for Symantec ESM Network Assessment detects and reports 39 additional vulnerabilities and 160 updated vulnerabilities.

Use the LiveUpdate feature of Symantec ESM Network Assessment to download this security update.

Additional vulnerabilities

Bugtraq ID     Vulnerability name
4849	Microsoft Active Data Objects Buffer Overflow Vulnerability
5372	Microsoft Data Access Components Buffer Overflow Vulnerability
8455	Microsoft Data Access Components ODBC Buffer Overflow Vulnerability
18303	Microsoft DXImageTransform.Microsoft.Light ActiveX Control Remote Code Execution Vulnerability
1869	Microsoft Exchange Server Invalid MIME Header charset
18381	Microsoft Exchange Server Outlook Web Access Script Injection Vulnerability
1476	Microsoft IIS 3.0 .htr Missing Variable Denial of Service Vulnerability
1488	Microsoft IIS 4.0/5.0 Source Fragment Disclosure Vulnerability
3193	Microsoft IIS 5.0 In-Process Table Privelege Elevation Vulnerability
2717	Microsoft IIS FTP Denial of Service Vulnerability
4486	Microsoft IIS HTTP Error Page Cross Site Scripting Vulnerability
4479	Microsoft IIS ISAPI Filter Access Violation Denial of Service Vulnerability
2440	Microsoft IIS Multiple Invalid URL Request DoS Vulnerability
6069	Microsoft IIS Out Of Process Privilege Escalation Vulnerability
3190	Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability
2453	Microsoft IIS WebDAV Denial of Service Vulnerability
17404	Microsoft Internet Explorer Address Bar Spoofing Vulnerability
4411	Microsoft Internet Explorer Cascading Style Sheet File Disclosure Vulnerability
18328	Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability Variant
15660	Microsoft Internet Explorer CSS Import Cross-Domain Restriction Bypass Vulnerability
4527	Microsoft Internet Explorer Dialog Same Origin Policy Bypass Vulnerability
18309	Microsoft Internet Explorer HTML Decoding Remote Code Execution Vulnerability
18320	Microsoft Internet Explorer Multipart HTML File Handling Remote Code Execution Vulnerability
18321	Microsoft Internet Explorer Persistent Modal Dialog Window Address Bar Spoofing Vulnerability
3693	Microsoft Internet Explorer Remote File Viewing Vulnerability
17820	Microsoft Internet Explorer Unspecified OBJECT Tag Memory Corruption Variant Vulnerability
654	Microsoft JET/ODBC Patch and RDS Fix Registry Key Vulnerabilities
18359	Microsoft JScript Memory Corruption Vulnerability
9407	Microsoft MDAC Function Broadcast Response Buffer Overrun Vulnerability
18357	Microsoft SMB Driver Local Denial Of Service Vulnerability
18394	Microsoft Windows Malformed ART Image Remote Code Execution Vulnerability
18358	Microsoft Windows Routing and Remote Access RASMAN Registry Remote Code Execution Vulnerability
18325	Microsoft Windows Routing and Remote Access Remote Code Execution Vulnerability
18389	Microsoft Windows RPC Mutual Authentication Service Spoofing Vulnerability
18356	Microsoft Windows SMB Driver Local Privilege Escalation Vulnerability
4205	Microsoft Windows SMTP Service Authorization Bypass Vulnerability
18374	Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Vulnerability
6068	Multiple Microsoft IIS Vulnerabilities
307	NT IIS4 Buffer Overflow Vulnerability

Updated vulnerabilities

Bugtraq ID     Vulnerability name
15067	Microsoft Collaboration Data Objects Remote Buffer Overflow Vulnerability
6214	Microsoft Data Access Components RDS Buffer Overflow Vulnerability
4053	Microsoft Exchange Inappropriate Registry Permissions Vulnerability
924	Microsoft Exchange Server AUTH / XAUTH / AUTHINFO DoS Vulnerabilities
8838	Microsoft Exchange Server Buffer Overflow Vulnerability
17908	Microsoft Exchange Server Calendar Remote Code Execution Vulnerability
13952	Microsoft Exchange Server Outlook Web Access HTML Injection Vulnerability
13118	Microsoft Exchange Server SMTP Extended Verb Buffer Overflow Vulnerability
2463	Microsoft IE Telnet Client File Overwrite Vulnerability
1565	Microsoft IIS 4.0/5.0 File Permission Canonicalization Vulnerability
1191	Microsoft IIS 4.0/5.0 Malformed .htr Request Vulnerability
1193	Microsoft IIS 4.0/5.0 Malformed Filename Request Vulnerability
1578	Microsoft IIS 5.0 Source Disclosure Vulnerability
2674	Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability
3193	Microsoft IIS 5.0 In-Process Table Privelege Elevation Vulnerability
6072	Microsoft IIS Administrative Pages Cross Site Scripting Vulnerabilities
1806	Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability
4478	Microsoft IIS ASP Server-Side Include Buffer Overflow Vulnerability
4490	Microsoft IIS Chunked Encoding Heap Overflow Variant Vulnerability
4485	Microsoft IIS Chunked Encoding Transfer Heap Overflow Vulnerability
1912	Microsoft IIS Executable File Parsing Vulnerability
4482	Microsoft IIS FTP Connection Status Request Denial of Service Vulnerability
4855	Microsoft IIS HTR Chunked Encoding Transfer Heap Overflow Vulnerability
4474	Microsoft IIS HTR ISAPI Extension Buffer Overflow Vulnerability
4476	Microsoft IIS HTTP Header Field Delimiter Buffer Overflow Vulnerability
4487	Microsoft IIS HTTP Redirect Cross Site Scripting Vulnerability
3195	Microsoft IIS MIME Header Denial of Service Vulnerability
3190	Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability
2719	Microsoft IIS Various Domain User Account Access Vulnerability
3578	Microsoft Internet Explorer Arbitrary File Execution Vulnerability
3867	Microsoft Internet Explorer Arbitrary Program Execution Vulnerability
9109	Microsoft Internet Explorer BackToFramedJPU Cross-Domain Policy Vulnerability
9663	Microsoft Internet Explorer Bitmap Processing Integer Overflow Vulnerability
8454	Microsoft Internet Explorer BR549.DLL ActiveX Control Buffer Overflow Vulnerability
8556	Microsoft Internet Explorer Browser Popup Window Object Type Validation Vulnerability
14511	Microsoft Internet Explorer COM Object Instantiation Buffer Overflow Vulnerability
15827	Microsoft Internet Explorer COM Object Instantiation Memory Corruption Vulnerability
15061	Microsoft Internet Explorer COM Object Instantiation Variant Vulnerability
4752	Microsoft Internet Explorer Content-Disposition Handling File Execution Vulnerability
4754	Microsoft Internet Explorer Cookie Content Disclosure Vulnerability
3546	Microsoft Internet Explorer Cookie Disclosure Vulnerability
3513	Microsoft Internet Explorer Cookie Disclosure/Modification Vulnerability
17196	Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability
15823	Microsoft Internet Explorer Dialog Manipulation Vulnerability
17454	Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability
11377	Microsoft Internet Explorer Double Byte Character Set Handling Address Bar Spoofing Vulnerability
9629	Microsoft Internet Explorer Double-Null URI Denial Of Service Vulnerability
17455	Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass Vulnerability
9015	Microsoft Internet Explorer ExecCommand Cross-Domain Access Violation Vulnerability
9278	Microsoft Internet Explorer File Download Warning Bypass Vulnerability
9014	Microsoft Internet Explorer Function Pointer Override Cross-Domain Access Violation Vulnerability
11367	Microsoft Internet Explorer Heartbeat ActiveX Control Unspecified Vulnerability
3421	Microsoft Internet Explorer HTTP Request Encoding Vulnerability
15825	Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability
10973	Microsoft Internet Explorer Implicit Drag and Drop File Installation Vulnerability
11366	Microsoft Internet Explorer Install Engine ActiveX Control Buffer Overflow Vulnerability
9106	Microsoft Internet Explorer Invalid ContentType Cache Directory Location Disclosure Weakness
17450	Microsoft Internet Explorer Invalid HTML Parsing Code Execution Vulnerability
9658	Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability
14087	Microsoft Internet Explorer Javaprxy.DLL COM Object Instantiation Heap Overflow Vulnerability
10689	Microsoft Internet Explorer JavaScript Method Assignment Cross-Domain Scripting Vulnerability
13799	Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution Vulnerability
14284	Microsoft Internet Explorer JPEG Image Rendering CMP Fencepost Denial Of Service Vulnerability
14285	Microsoft Internet Explorer JPEG Image Rendering Memory Consumption Denial Of Service Vulnerability
14282	Microsoft Internet Explorer JPEG Image Rendering Unspecified Buffer Overflow Vulnerability
14286	Microsoft Internet Explorer JPEG Image Rendering Unspecified Denial Of Service Vulnerability
4392	Microsoft Internet Explorer Known Local File Script Execution Vulnerability
8530	Microsoft Internet Explorer Malformed GIF Double Free Code Execution Vulnerability
9108	Microsoft Internet Explorer Method Caching Mouse Click Event Hijacking Vulnerability
10473	Microsoft Internet Explorer Modal Dialog Zone Bypass Vulnerability
9009	Microsoft Internet Explorer Mouse Click Event Hijacking Vulnerability
9568	Microsoft Internet Explorer NavigateAndFind() Cross-Zone Policy Vulnerability
7806	Microsoft Internet Explorer OBJECT Tag Buffer Overflow Vulnerability
8456	Microsoft Internet Explorer Object Type Validation Vulnerability
3556	Microsoft Internet Explorer Patch Q312461 Existence Vulnerability
17460	Microsoft Internet Explorer Persistent Window Content Address Bar Spoofing Vulnerability
11381	Microsoft Internet Explorer Plug-in Navigations Handling Address Bar Spoofing Vulnerability
13941	Microsoft Internet Explorer PNG Image Rendering Buffer Overflow Vulnerability
17457	Microsoft Internet Explorer Popup Cross-Domain Information Disclosure Vulnerability
10690	Microsoft Internet Explorer Popup.show Mouse Event Hijacking Vulnerability
17131	Microsoft Internet Explorer Script Action Handler Buffer Overflow Vulnerability
9013	Microsoft Internet Explorer Script URL Cross-Domain Access Violation Vulnerability
11383	Microsoft Internet Explorer Secure Sockets Layer Caching Vulnerability
6961	Microsoft Internet Explorer Self Executing HTML File Vulnerability
9628	Microsoft Internet Explorer Shell: IFrame Cross-Zone Scripting Vulnerability
10816	Microsoft Internet Explorer Style Tag Comment Memory Corruption Vulnerability
13946	Microsoft Internet Explorer Unspecified DigWebX ActiveX Control Vulnerability
13947	Microsoft Internet Explorer Unspecified GIF And BMP Denial Of Service Vulnerability
17181	Microsoft Internet Explorer Unspecified Remote HTA Execution Vulnerability
14515	Microsoft Internet Explorer Unspecified SharePoint Portal Services Log Sink ActiveX Vulnerability
11388	Microsoft Internet Explorer Unspecified showHelp Zone Bypass Vulnerability
11466	Microsoft Internet Explorer Valid File Drag and Drop Embedded Code Vulnerability
14512	Microsoft Internet Explorer Web Folder Behaviors Cross-Domain Scripting Vulnerability
9769	Microsoft Internet Explorer window.open Media Bar Cross-Zone Scripting Vulnerability
9798	Microsoft Internet Explorer window.open Search Pane Cross-Zone Scripting Vulnerability
16516	Microsoft Internet Explorer WMF Image Parsing Memory Corruption Vulnerability
9012	Microsoft Internet Explorer XML Object Zone Restriction Bypass Vulnerability
8565	Microsoft Internet Explorer XML Page Object Type Validation Vulnerability
13943	Microsoft Internet Explorer XML Redirect Information Disclosure Vulnerability
8457	Microsoft Internet Explorer Zone Restriction Bypass Script Execution Vulnerability
3420	Microsoft Internet Explorer Zone Spoofing Vulnerability
4753	Microsoft Internet Explorer Zone Spoofing Vulnerability
17462	Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability
15057	Microsoft MSDTC COM+ Remote Code Execution Vulnerability
15058	Microsoft MSDTC TIP Denial Of Service Vulnerability
15059	Microsoft MSDTC TIP Distributed Denial Of Service Vulnerability
1882	Microsoft Network Monitor Multiple Buffer Overflow Vulnerabilities
10711	Microsoft Outlook Express Malformed Email Header Denial Of Service Vulnerability
9105	Microsoft Outlook Express MHTML Forced File Execution Vulnerability
9107	Microsoft Outlook Express MHTML Redirection Local File Parsing Vulnerability
13951	Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability
17459	Microsoft Outlook Express Windows Address Book File Parsing Buffer Overflow Vulnerability
2048	Microsoft PhoneBook Server Buffer Overflow
4387	Microsoft Temporary Internet File Execution Vulnerability
14594	Microsoft Visual Studio .NET msdds.dll Remote Code Execution Vulnerability
11378	Microsoft Window Management API Local Privilege Escalation Vulnerability
2394	Microsoft Windows 2000 Domain Controller DoS Vulnerability
15826	Microsoft Windows Asynchronous Procedure Call Local Privilege Escalation Vulnerability
16194	Microsoft Windows Embedded Web Font Buffer Overflow Vulnerability
15064	Microsoft Windows Explorer Web View Script Injection Vulnerability
16074	Microsoft Windows Graphics Rendering Engine WMF SetAbortProc Code Execution Vulnerability
10119	Microsoft Windows Help And Support Center URI Validation Code Execution Vulnerability
5872	Microsoft Windows Help Facilities Vulnerabilities
5874	Microsoft Windows Help Facility ActiveX Control Buffer Overflow Vulnerability
8016	Microsoft Windows HTML Converter HR Align Buffer Overflow Vulnerability
9624	Microsoft Windows Internet Naming Service Buffer Overflow Vulnerability
13116	Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerability
14519	Microsoft Windows Kerberos Denial Of Service Vulnerability
14520	Microsoft Windows Kerberos PKINIT Man In The Middle Vulnerability
11369	Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability
12481	Microsoft Windows License Logging Service Buffer Overflow Vulnerability
15070	Microsoft Windows Malicious Shortcut Handling Remote Code Execution Variant Vulnerability
15069	Microsoft Windows Malicious Shortcut Handling Remote Code Execution Vulnerability
7640	Microsoft Windows Media Player Automatic File Download and Execution Vulnerability
8263	Microsoft Windows Media Player IE Zone Access Control Bypass Vulnerability
8035	Microsoft Windows Media Services NSIISlog.DLL Remote Buffer Overflow Vulnerability
17905	Microsoft Windows MSDTC Heap Buffer Overflow Vulnerability
17906	Microsoft Windows MSDTC Invalid Memory Access Denial Of Service Vulnerability
15056	Microsoft Windows MSDTC Memory Corruption Vulnerability
11372	Microsoft Windows NetDDE Remote Buffer Overflow Vulnerability
15065	Microsoft Windows Plug And Play UMPNPMGR.DLL wsprintfW Buffer Overflow Vulnerability
10677	Microsoft Windows Program Group Converter Filename Local Buffer Overrun Vulnerability
7146	Microsoft Windows Script Engine JScript.DLL Heap Overflow Vulnerability
12484	Microsoft Windows Server Message Block Handlers Remote Buffer Overflow Vulnerability
10213	Microsoft Windows Shell Long Share Name Buffer Overrun Vulnerability
14518	Microsoft Windows Telephony Service Buffer Overflow Vulnerability
3997	Microsoft Windows Trusted Domain Privilege Escalation Vulnerability
11375	Microsoft Windows WMF/EMF Image Format Rendering Remote Buffer Overflow Vulnerability
3887	Microsoft Windows XP Pro Upgrade IE Patch Downgrade Vulnerability
2708	MS IIS/PWS Escaped Characters Decoding Command Execution Vulnerability
2906	MS Visual Studio RAD Support Buffer Overflow Vulnerability
9182	Multiple Browser URI Display Obfuscation Weakness
8577	Multiple Microsoft Internet Explorer Script Execution Vulnerabilities
9841	Multiple Vendor Internet Browser Cookie Path Argument Restriction Bypass Vulnerability
10183	Multiple Vendor TCP Sequence Number Approximation Vulnerability
13124	Multiple Vendor TCP/IP Implementation ICMP Remote Denial Of Service Vulnerabilities
13940	Multiple Vendor Telnet Client Remote Information Disclosure Vulnerability
567	NT Exchange Server Encapsulated SMTP Address Vulnerability
529	NT IIS MDAC RDS Vulnerability
4410	Windows 2000 DCOM Client Memory Disclosure Vulnerability

Initial Post on: Tuesday, 20-Jun-06 14:50:00
Last modified on: Tuesday, 20-Jun-06 14:58:14