United States | English [Change]
Welcome, Guest

Nortel Response to Microsoft Security Bulletin MS07-061

Description: Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories On November 13, 2007, Microsoft released a security update MS07-061 - Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerability addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. MS07-061 addresses the following potential vulnerability: 1) Windows URI Handling Vulnerability - CVE-2007-3896 A remote code execution vulnerability exists in the way that the Windows shell handles specially crafted URIs that are passed to it. An attacker could exploit this vulnerability by including a specially crafted URI in an application or attachment, which could potentially allow remote code execution. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic
Type: Security Advisories
Number: 2007008457, Rev 1
Status: Retired
Date: 2008-02-22


Bulletin Downloads
Title Extension File Size Language
    Nortel Response to Microsoft Security Bulletin MS07-061
Checksum: 055785ad3c0b3a4fe9768c8468b6ef1e  [MD5]		 [pdf] 23086 bytes English  




Associated Products
Application Server 5200
BroadBand STP
CallPilot
CDMA Networks
CDMA SuperNode Data Manager
Centrex IP Client Manager (CICM)
Centrex IP Element Manager (CICE)
Circuit Switching
Communication Control Toolkit
Communication Server 1000 Telephony Manager
Communication Server 2000
Communication Server 2000 Core Manager
Communication Server 2000 Session Server Trunks
Communication Server 2000-Compact
Communication Server 2100
Contact Center - Express
Contact Center - Multimedia
Contact Center Manager Administration
Contact Center Manager Server
Contact Center Portfolio
DMS-100 SSP
DMS-100/200 Local Switching Systems
DMS-250
DMS-500
DMS-Global Services Platform
DMS-STP
DMS-STP/SSP IntegratedNode (INode)
Enterprise Network Management System
Enterprise Policy Manager
Extended Peripheral Module (XPM)
GSM Networks
GSM-UMTS Home Location Register
  
GSM-UMTS Mobile Switching Center Server
GSM-UMTS SuperNode Data Manager
Integrated Access - Cable
Integrated Element Management System (IEMS)
IP Address Domain Manager
IP Softphone 2050
Media Processing Server (MPS) 1000
Media Processing Server (MPS) 500
Meridian SL-100
Multimedia Communication Server 5100
Multiservice Data Manager (MDM)
Optivity Policy Services for Business Policy Switch
Optivity Telephony Manager for SL-100
Packet Transit - AAL2
Packet Transit - IP
Packet Trunking - AAL1
Periphonics Common Channel Signaling Server (CCSS)
Periphonics Speech Platform
Policy Services application
Self-Service Portfolio
Spectrum Peripheral Module (SPM)
Speech and Self-Service
SuperNode Data Manager
Symposium Agent
Symposium TAPI Service Provider
UMTS Networks
Universal Access - AAL1
Universal Access - IP
VPN Client
VPN Router Portfolio
XA-Core