21 issues in Windows/Outlook Express

[Chris Wysopal <weld () vulnwatch org>]

Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732)
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

LSASS Vulnerability - CAN-2003-0533
LDAP Vulnerability . CAN-2003-0663
PCT Vulnerability - CAN-2003-0719
Winlogon Vulnerability - CAN-2003-0806
Metafile Vulnerability - CAN-2003-0906
Help and Support Center Vulnerability - CAN-2003-0907
Utility Manager Vulnerability - CAN-2003-0908
Windows Management Vulnerability - CAN-2003-0909
Local Descriptor Table Vulnerability - CAN-2003-0910
H.323 Vulnerability* - CAN-2004-0117
Virtual DOS Machine Vulnerability - CAN-2004-0118
Negotiate SSP Vulnerability - CAN-2004-0119
SSL Vulnerability - CAN-2004-0120
ASN.1 .Double Free. Vulnerability - CAN-2004-0123


Microsoft Security Bulletin MS04-012
Cumulative Update for Microsoft RPC/DCOM (828741)
http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx

RPC Runtime Library Vulnerability - CAN-2003-0813
RPCSS Service Vulnerability - CAN-2004-0116
COM Internet Services (CIS) . RPC over HTTP Vulnerability - CAN-2003-0807
Object Identity Vulnerability - CAN-2004-0124


Microsoft Security Bulletin MS04-013
Cumulative Security Update for Outlook Express (837009)
http://www.microsoft.com/technet/security/bulletin/MS04-013.mspx

Microsoft Security Bulletin MS04-014
Vulnerability in the Microsoft Jet Database Engine Could Allow Code
Execution (837001)
http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx