> *************************
> Major New Exploits
> *************************
>
> (1) CRITICAL: Microsoft Internet Explorer JavaScript Vulnerability
> Affected:
> Internet Explorer versions 5.5 and 6.x
>
> Description: Internet Explorer contains a flaw in the handling of the
> Window() JavaScript function. A user visiting a malicious website that
> calls this function from a <body onLoad> tag is vulnerable to a
> denial-of-service attack or to remote code execution. This vulnerability
> has been known for some time, and documented in CVE-2005-1790. It was
> initially thought that this vulnerability could only result in the
> denial-of-service condition, and could not be used for remote code
> execution. However, it was recently discovered that remote code could
> be inserted, given the right conditions. A proof-of-concept exploit has
> been released and is widely available.
>
> Status: Vendor confirmed, no patch available.
>
> Council Site Actions: Most of the council sites are awaiting a patch and
> further information from the vendor. One site noted that JavaScript for
> the Internet zone in IE has been disabled.
>
> References:
> CVE Reference
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1790
>
> Original BugTraq Posting
> http://marc.theaimsgroup.com/?l=bugtraq&m=111746394106172&w=2
>
> Computer Terrorism Article Detailing Remote Code Execution
> http://computerterrorism.com/research/ie/CT21-11-2005.htm
>
> **************************************************************
>
> 05.47.1 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows Plug and Play Denial of Service
> Description: Microsoft Windows Plug and Play (PnP) service is used by
> the operating system. It is prone to a denial of service
> vulnerability. Sending malformed data to the "upnp_getdevicelist"
> function of the Plug and Play service causes the system to consume
> excessive virtual memory and potentially stop responding to all
> requests. This issue affects various Windows versions. Please check
> the attached link for details.
> Ref: http://www.microsoft.com/technet/security/advisory/911052.mspx
> ______________________________________________________________________
>
> 05.47.11 CVE: Not Available
> Platform: Cross Platform
> Title: Multiple Vendor TCP Acknowledgements Remote Denial of Service
> Description: Multiple vendors implement RFC 793 (Transmission Control
> Protocol) in devices and operating systems. Multiple vendors are
> susceptible to a remote TCP acknowledgement denial of service
> vulnerability. This issue presents itself when the remote peer forges
> acknowledgement packets prior to actually receiving packets from the
> sending host. Please refer to the referenced U. Maryland technical
> report for further details.
> Ref: http://www.cs.umd.edu/~capveg/optack/optack-extended.pdf
> ______________________________________________________________________
>
> 05.47.12 CVE: Not Available
> Platform: Cross Platform
> Title: Opera HTML Form Status Bar Misrepresentation
> Description: Opera is a Web browser. It is vulnerable to a Form Status
> Bar Misrepresentation when an HTML form has the submit "href" or
> "title" properties set to a legitimate site and the "action" property
> set to the attacker-specified site. Opera Software Opera Web Browser
> versions 8.50 and earlier are vulnerable.
> Ref: http://secunia.com/advisories/17571/
> ______________________________________________________________________
>