Microsoft Internet Explorer Remote Information Disclosure
Microsoft Internet Explorer 5.0, 5.0.1, SP1-SP4, 5.5, preview, SP1&SP2, 6.0 SP1&SP2
A vulnerability exists due to a failure to secure scripts residing on a local computer, which could let a remote malicious user obtain sensitive information. No workaround or patch was available at time of publishing. No exploit is required to take advantage of this vulnerability.
Microsoft Windows Indexing Service Buffer Overflow
Microsoft Windows XP SP1 & prior service packs, 2003
A buffer overflow vulnerability exists in the Indexing Service due to the way query validation is handled, which could let a remote malicious user cause a denial of service or execute arbitrary code. Updates are available at http://www.microsoft.com/technet/ There are no known exploits for this vulnerability.
Threat level: Low. High if arbitrary code can be executed.
Apache 2.0.35-2.0.52
Threat level: Medium
OpenPKG:
>ftp://ftp.openpkg.org/release/
Gentoo:
glsa/glsa-200410-21.xml>http://security.gentoo.org/
glsa/glsa-200410-21.xml
Slackware:
ftp://ftp.slackware.com/pub/slackware/
Conectiva:
ftp://atualizacoes.conectiva.com.br/
Mandrake:
http://www.mandrakesoft.com/security/advisories
Fedora:
/linux/core/updates/2/>http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
RedHat:
http://rhn.redhat.com/errata/RHSA-2004-562.html
SuSE:
In the process of releasing packages.
RedHat:
http://rhn.redhat.com/errata/RHSA-2004-600.html
Avaya:
ASA-2005-010_RHSA-2004-600.pdf>http://support.avaya.com/elmodocs2/security/
ASA-2005-010_RHSA-2004-600.pdf
VMware:
http://www.vmware.com/download/esx/
A complete list of vulnerabilties and other information can be found here.
