New list of critical vulnerabilities released for Q1 2005
- By William Jackson
- May 02, 2005
The SANS Institute of Bethesda, Md., has begun updating its top 20 list of Internet vulnerabilities on a quarterly basis in an effort to give administrators more timely data to help prioritize patching.
"Since new Internet threats are discovered daily, user organizations that rely on the top 20 list have been asking for more frequent updates," the organization announced.
The update for the first quarter of 2005, released Monday, includes a dozen vulnerabilities reported in the first three months of the year. Most of the vulnerabilities affect Microsoft operating systems or applications.
The new entries were culled from among more than 600 vulnerabilities reported during January, February and March. To make the cut, the vulnerabilities must affect a large number of users, be unpatched on a substantial number of systems, allow remote exploitation and have enough information available to make an exploit likely.
New vulnerabilities on the list are:
For Microsoft Internet Explorer:
- Microsoft DHTML Edit ActiveX Remote Code Execution
- Microsoft Cursor and Icon Handling Overflow
- Microsoft HTML Help ActiveX Control Cross Domain Vulnerability Vulnerabilities
- included in cumulate updates for Internet Explorer.
For Windows Media Player, Windows Messenger and MSN Messenger:
- Microsoft PNG File Sharing Vulnerabilities.
For Microsoft Windows XP Service Pack 1 and 2, Windows 2000 Service Pack 2 and 4, and Windows Server 2003:
- Microsoft Server Message Block Vulnerability.
For Microsoft Windows NT server 4.0 Service Pack 6a and Terminal Server Edition Service Pack 6, Windows 2000 Server Service Pack 3 and 4, and Windows Server 2003:
- Windows License Logging Service Overflow.
For Microsoft Windows NT and Windows 2000 (prior to SP3) DNS servers, and Symantec
Gateway Security, Enterprise Firewall and VelociRaptor:
- DNS Cache Poisoning Vulnerability.
For antivirus products from Symantec, F-Secure, TrendMicro and McAfee:
- Buffer Overflows in decoding files.
For Oracle Application Server 9I and 10g, and Oracle Collaboration Suite release 2:
- Vulnerability patched in Oracle's January Critical Patch Update.
For Computer Associates Products running License Manager:
- CA License Package Buffer Overflow Vulnerabilities.
For RealPlayer, iTunes and WinAmp media players:
William Jackson is a Maryland-based freelance writer.