Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability
Risk
Medium

Date Discovered
11-04-2004

Description
Microsoft ISA and Proxy Server are reportedly prone to a Web site spoofing vulnerability. Successful exploitation of this issue could allow a remote attacker to spoof a trusted Web site. If a connection were made to the spoofed Web site using SSL, the malicious site would not be able to spoof the certificate of the legitimate site. This would likely cause a warning message to appear to the user. Microsoft Small Business Server 2000 and 2003 include the affected software.

Microsoft Windows Program Group Converter Filename Local Buffer Overrun Vulnerability
Risk
Medium

Date Discovered
07-07-2004

Description
Microsoft Windows Program Group Converter (grpconv.exe) is reported prone to a buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient validation performed on filename data. An attacker may craft a malicious file and present it to a victim in order to exploit this vulnerability. Additionally, it is demonstrated that this vulnerability may also be exploited using a series of seperate vulnerabilities in Internet Explorer in order to exploit this vulnerability when a malicious website is viewed.  It is reported that exploitation may be hindered because parameter data is stored in Unicode format.

Microsoft Windows Compressed (zipped) Folder Buffer Overflow Vulnerability
Risk
High

Date Discovered
10-12-2004

Description
Microsoft Windows contains a buffer overflow in the Compressed (zipped) Folders feature. A maliciously crafted compressed file could overrun an internal buffer causing arbitrary code to be executed in the security context of the current user.