NORTEL RESPONSE TO MICROSOFT SECURITY BULLETIN MS06-004
| Description: |
Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories =========== == Source == =========== On February 14, 2006 - Microsoft issued Security Bulletin MS06-004 addressing "Cumulative Security Update for Internet Explorer (910620)". Some Nortel products are potentially affected by this issue. ============= == Overview == ============= Microsoft Bulletin MS06-004 is available at: http://www.microsoft.com/technet/security/Bulletin/MS06-004.mspx Impact of Vulnerability: Remote Code Execution Description: WMF Image Parsing Memory Corruption Vulnerability - CVE-2006-0020: A remote code execution vulnerability exists in Internet Explorer because of the way that it handles Windows Metafile (WMF) images. An attacker could exploit the vulnerability by constructing a specially crafted WMF image that could potentially allow remote code execution if a user visited a malicious Web site, opened or previewed an e-mail message, or opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system. Security Update Replacement: This update replaces the update that is included with Microsoft Security Bulletin MS05-054 . That update is also a cumulative update. |
| Type: |
Security Advisories |
| Number: |
2006006704, Rev 3 |
| Status: |
Retired |
| Date: |
2007-10-17 |
