SecurityHome.eu MS09-071 - Critical: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)

Home / bulletins

MS09-071 - Critical: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318) - Version:1.0
Posted on 08 December 2009
There is an newer version: MS09-071 - Version: 1.1
Critical
Severity Rating: Critical - Revision Note: V1.0 (December 8, 2009): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if messages received by the Internet Authentication Service server are copied incorrectly into memory when handling PEAP authentication attempts. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. Servers using Internet Authentication Service are only affected when using PEAP with MS-CHAP v2 authentication.
Link
Other versions
MS09-071 - Version: 1.0
MS09-071 - Version: 1.1

TOP

Bulletins :

4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 2.0 -
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 -
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 -
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - 1.1
MS16-JUL Security Bulletin Summary for July 2016 - 2.0

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20