WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
July 25, 2006
Symantec ESM 6.5 Network Assessment Security Updates 27.01


Download the cumulative Symantec ESM Network Assessment Release Notes (PDF)


This update for Symantec ESM Network Assessment detects and reports 24 additional vulnerabilities and 126 updated vulnerabilities.

Use the LiveUpdate feature of Symantec ESM Network Assessment to download this security update.

Additional vulnerabilities

Bugtraq ID     Vulnerability name
7539	Internet Explorer file:// Request Zone Bypass Vulnerability
18858	Microsoft IIS ASP Remote Code Execution Vulnerability
3116	Microsoft Internet Explorer Arbitrary HTML File Execution Vulnerability
6779	Microsoft Internet Explorer Dialog Box Cross-Domain Violation Vulnerability
17468	Microsoft Internet Explorer HTML Tag Memory Corruption Vulnerability
6205	Microsoft Internet Explorer IFRAME dialogArguments Cross-Zone Access Vulnerability
11515	Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability
5196	Microsoft Internet Explorer OBJECT Tag Same Origin Policy Violation Vulnerability
7419	Microsoft Internet Explorer Remote URLMON.DLL Buffer Overflow Vulnerability
6780	Microsoft Internet Explorer ShowHelp Arbitrary Command Execution Vulnerability
5963	Microsoft Internet Explorer Unauthorized Document Object Model Access Vulnerability
18923	Microsoft Windows DHCP Client Service Remote Code Execution Vulnerability
18863	Microsoft Windows Server Driver Mailslot Remote Heap Buffer Overflow Vulnerability
18891	Microsoft Windows Server Driver Remote Information Disclosure Vulnerability
9320	Microsoft Windows showHelp CHM File Execution Weakness
14480	Microsoft Windows Unspecified Remote Arbitrary Code Execution Vulnerability
18116	PHP cURL Encoded NULL Character Safe_Mode Restriction Bypass Vulnerability
16803	PHP Error Message Cross-Site Scripting Vulnerability
18645	PHP Error_Log Safe_Mode Restriction-Bypass Vulnerability
17296	PHP Html_Entity_Decode() Information Disclosure Vulnerability
17439	PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
16878	PHP Multiple Security Bypass Vulnerabilities
17843	PHP Multiple Unspecified Vulnerabilities
17362	PHP PHPInfo Large Input Cross-Site Scripting Vulnerability

Updated vulnerabilities

Bugtraq ID     Vulnerability name
10118	Microsoft ASN.1 Library Double Free Memory Corruption Vulnerability
17453	Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability
17196	Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability
5561	Microsoft Internet Explorer Dialog Same Origin Policy Bypass Variant Vulnerability
17454	Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability
5559	Microsoft Internet Explorer Download Dialogue File Source Obfuscation Vulnerability
17455	Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass Vulnerability
5610	Microsoft Internet Explorer HTML Same Origin Policy Violation Vulnerability
5672	Microsoft Internet Explorer IFrame/Frame Cross-Site/Zone Script Execution Vulnerability
17450	Microsoft Internet Explorer Invalid HTML Parsing Code Execution Vulnerability
14087	Microsoft Internet Explorer Javaprxy.DLL COM Object Instantiation Heap Overflow Vulnerability
5558	Microsoft Internet Explorer Legacy Text Formatting ActiveX Component Buffer Overflow Vulnerability
6217	Microsoft Internet Explorer Object Tag Temporary Internet File Folder Vulnerability
17460	Microsoft Internet Explorer Persistent Window Content Address Bar Spoofing Vulnerability
6216	Microsoft Internet Explorer PNG Buffer Overflow Vulnerability
6366	Microsoft Internet Explorer PNG Deflate Heap Corruption Vulnerability
17457	Microsoft Internet Explorer Popup Cross-Domain Information Disclosure Vulnerability
17131	Microsoft Internet Explorer Script Action Handler Buffer Overflow Vulnerability
17181	Microsoft Internet Explorer Unspecified Remote HTA Execution Vulnerability
5560	Microsoft Internet Explorer XML Redirect File Disclosure Vulnerability
10112	Microsoft Jet Database Engine Remote Code Execution Vulnerability
10113	Microsoft Negotiate SSP Remote Buffer Overflow Vulnerability
8458	Microsoft RPCSS DCERPC DCOM Object Activation Packet Length Heap Corruption Vulnerability
8459	Microsoft RPCSS DCOM Interface Long Filename Heap Corruption Vulnerability
10117	Microsoft Virtual DOS Machine Local Privilege Escalation Vulnerability
11378	Microsoft Window Management API Local Privilege Escalation Vulnerability
10114	Microsoft Windows 2000 Domain Controller LDAP Denial Of Service Vulnerability
2988	Microsoft Windows 2000 SMTP Improper Authentication Vulnerability
10123	Microsoft Windows COM Internet Service/RPC Over HTTP Remote Denial Of Service Vulnerability
8205	Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability
15064	Microsoft Windows Explorer Web View Script Injection Vulnerability
10111	Microsoft Windows H.323 Remote Buffer Overflow Vulnerability
10119	Microsoft Windows Help And Support Center URI Validation Code Execution Vulnerability
11365	Microsoft Windows Kernel Local Denial of Service Vulnerability
11369	Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability
12481	Microsoft Windows License Logging Service Buffer Overflow Vulnerability
10122	Microsoft Windows Local Descriptor Table Local Privilege Escalation Vulnerability
10126	Microsoft Windows Logon Process Remote Buffer Overflow Vulnerability
10108	Microsoft Windows LSASS Buffer Overrun Vulnerability
15070	Microsoft Windows Malicious Shortcut Handling Remote Code Execution Variant Vulnerability
15069	Microsoft Windows Malicious Shortcut Handling Remote Code Execution Vulnerability
10121	Microsoft Windows Object Identity Network Communication Vulnerability
10116	Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability
8234	Microsoft Windows RPCSS DCOM Interface Denial of Service Vulnerability
8811	Microsoft Windows RPCSS Multi-thread Race Condition Vulnerability
10127	Microsoft Windows RPCSS Service Remote Denial Of Service Vulnerability
7146	Microsoft Windows Script Engine JScript.DLL Heap Overflow Vulnerability
9510	Microsoft Windows Shell CLSID File Extension Misrepresentation Vulnerability
10115	Microsoft Windows SSL Library Denial of Service Vulnerability
10708	Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability
10124	Microsoft Windows Utility Manager Local Privilege Escalation Vulnerability
11763	Microsoft Windows WINS Association Context Data Remote Memory Corruption Vulnerability
11922	Microsoft Windows WINS Name Value Handling Remote Buffer Overflow Vulnerability
11375	Microsoft Windows WMF/EMF Image Format Rendering Remote Buffer Overflow Vulnerability
10120	Microsoft Windows WMF/EMF Image Formats Remote Buffer Overflow Vulnerability
9892	Microsoft Windows XP explorer.exe Remote Denial of Service Vulnerability
5557	Multiple Microsoft Internet Explorer Vulnerabilities
4930	Multiple Microsoft Product Gopher Client Buffer Overflow Vulnerability
9694	Windows NtSystemDebugControl() Kernel API Function Privilege Escalation
13767	GNU SHTool Insecure Temporary File Deletion Vulnerability
2206	PHP .htaccess Attribute Transfer Vulnerability
6557	PHP 4.0.3 IMAP Module Buffer Overflow Vulnerability
16220	PHP 5 User-Supplied Session ID Input Validation Vulnerability
15177	PHP Apache 2 Local Denial of Service Vulnerability
15413	PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
7256	PHP array_pad() Integer Overflow Memory Corruption Vulnerability
6875	PHP CGI SAPI Code Execution Vulnerability
15411	PHP cURL and GD Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
11557	PHP cURL Open_Basedir Restriction Bypass Vulnerability
8405	PHP DLOpen Memory Disclosure Vulnerability
7199	PHP emalloc() Unspecified Integer Overflow Memory Corruption Vulnerability
2205	PHP Engine Disable Source Viewing Vulnerability
1786	PHP Error Logging Format String Vulnerability
15250	PHP File Upload GLOBAL Variable Overwrite Vulnerability
5681	PHP Function CRLF Injection Vulnerability
12701	PHP Glob Function Local Information Disclosure Vulnerability
13164	PHP Group Exif Module IFD Nesting Denial Of Service Vulnerability
13163	PHP Group Exif Module IFD Tag Integer Overflow Vulnerability
15358	PHP Group Exif Module Infinite Recursion Denial Of Service Vulnerability
12962	PHP Group PHP Image File Format Remote Denial Of Service Vulnerability
13143	PHP Group PHP Multiple Unspecified Vulnerabilities
12963	PHP Group PHP Remote JPEG File Format Remote Denial Of Service Vulnerability 
5669	PHP Header Function Script Injection Vulnerability
5278	PHP HTTP POST Incorrect MIME Header Parsing Vulnerability
4063	PHP Include File Relative Directory Information Disclosure Vulnerability
10427	PHP Input/Ouput Wrapper Remote Include Function Command Execution Weakness
5280	PHP Interpreter Direct Invocation Denial Of Service Vulnerability
11992	PHP JPEG Image Buffer Overflow Vulnerability
5562	PHP Mail Function ASCII Control Character Header Spoofing Vulnerability
15571	PHP MB_Send_Mail TO Argument Header Injection Vulnerability
10725	PHP memory_limit Remote Code Execution Vulnerability
10471	PHP Microsoft Windows Shell Escape Functions Command Execution Vulnerability
4325	PHP Move_Uploaded_File Open_Basedir Circumvention Vulnerability
11964	PHP Multiple Local And Remote Vulnerabilities
11981	PHP Multiple Remote Vulnerabilities
4026	PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
16145	PHP MySQL_Connect Remote Buffer Overflow Vulnerability
16219	PHP MySQLI Error Logging Remote Format String Vulnerability
17688	PHP MySQLI Error Logging Remote Format String Vulnerability_copy
14957	PHP Open_BaseDir Security Restriction Bypass Vulnerability
7210	PHP openlog() Buffer Overflow Vulnerability
15249	PHP Parse_Str Register_Globals Activation Weakness
11334	PHP PHP_Variables Remote Memory Disclosure Vulnerability
7805	PHP PHPInfo Cross-Site Scripting Vulnerability
15248	PHP PHPInfo Cross-Site Scripting Vulnerability
4606	PHP posix_getpwnam / posix_getpwuid safe_mode Circumvention Vulnerability
4183	PHP Post File Upload Buffer Overflow Vulnerabilities
11190	PHP Remote Arbitrary Location File Upload Vulnerability
15119	PHP Safedir Restriction Bypass Vulnerabilities
2954	PHP SafeMode Arbitrary File Execution Vulnerability
14858	PHP Session Handling Local Session Hijacking Vulnerability
12045	PHP Shared Memory Module Offset Memory Corruption Vulnerability
7187	PHP socket_iovec_alloc() Integer Overflow Vulnerability
7197	PHP socket_recv() Signed Integer Memory Corruption Vulnerability
7198	PHP socket_recvfrom() Signed Integer Memory Corruption Vulnerability
7259	PHP STR_Repeat Boundary Condition Error Vulnerability
10724	PHP Strip_Tags() Function Bypass Vulnerability
7761	PHP Transparent Session ID Cross Site Scripting Vulnerability
8201	PHP Undefined Safe_Mode_Include_Dir Safemode Bypass Vulnerability
6488	PHP wordwrap() Heap Corruption Vulnerability
911	PHP3 'safe_mode' Failure Vulnerability
8693	PHP4 Base64_Encode() Integer Overflow Vulnerability
8696	PHP4 Multiple Vulnerabilities
12665	PHP4 Readfile Denial Of Service Vulnerability
3873	PHP4 Session Files Local Information Disclosure Vulnerability
14088	XML-RPC for PHP Remote Code Injection Vulnerability

Initial Post on: Tuesday, 21-Jul-06 15:40:00
Last modified on: Tuesday, 25-Jul-06 15:43:39