Nortel Response to Microsoft Security Bulletin MS06-042
| Description: |
Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories =========== == Source == =========== On August 08, 2006 - Microsoft issued Security Bulletin MS06-042 addressing "Cumulative Security Update for Internet Explorer (918899)". Some Nortel products are potentially affected by this issue. ============= == Overview == ============= Microsoft Bulletin MS06-042 is available at: http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Description: MS06-042 addresses 8 potential vulnerabilities. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. - Redirect Cross-Domain Information Disclosure Vulnerability - CVE-2006-3280 - HTML Layout and Positioning Memory Corruption Vulnerability - CVE-2006-3450 - CSS Memory Corruption Vulnerability - CVE-2006-3451 - HTML Rendering Memory Corruption Vulnerability - CVE-2006-3637 - COM Object Instantiation Memory Corruption Vulnerability - CVE-2006-3638 - Source Element Cross-Domain Vulnerability - CVE-2006-3639 - Window Location Information Disclosure Vulnerability - CVE-2006-3640 - FTP Server Command Injection Vulnerability - CVE-2004-1166 Security Update Replacement: This bulletin replaces several prior security updates. Please see the Microsoft link above for additional details. |
| Type: |
Security Advisories |
| Number: |
2006007223, Rev 1 |
| Status: |
Retired |
| Date: |
2007-10-24 |
