SecurityHome.eu MS09-070 - Important: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)

Home / bulletins

MS09-070 - Important: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726) - Version:1.1
Posted on 09 December 2009
Important
Severity Rating: Important - Revision Note: V1.1 (December 9, 2009): Corrected the SMS 2.0 and SMS 2003 with SUIT entries for Windows Server 2003 x64 Edition Service Pack 2 in the SMS table. This is an information change only.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server. An attacker would need to be an authenticated user in order to exploit either of these vulnerabilities.
Link
Other versions
MS09-070 - Version: 1.0
MS09-070 - Version: 1.1

TOP

Bulletins :

4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 2.0 -
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 -
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 -
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - 1.1
MS16-JUL Security Bulletin Summary for July 2016 - 2.0

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20