Nortel Response to Microsoft Security Bulletin MS07-035
| Description: |
Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories On June 12, 2007, Microsoft released a security update MS07-035 - Vulnerability in Win 32 API Could Allow Remote Code Execution (935839). Some Nortel products are potentially affected by the vulnerabilities addressed in MS07-035. This bulletin provides a multi-product consolidated response for the Nortel products which contain a Microsoft software component potentially affected by MS07-035. MS07-035 addresses the following potential vulnerability: 1) Win32 API Vulnerability - CVE-2007-2219 A remote code execution vulnerability exists in the way that the Win32 API validates parameters. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic |
| Type: |
Security Advisories |
| Number: |
2007008071, Rev 1 |
| Status: |
Retired |
| Date: |
2007-11-16 |
