The OVAL Repository5.102012-01-27T05:09:52.616-05:00GDI+ BMP Integer Overflow VulnerabilityMicrosoft Office 2003Microsoft Office 2007Microsoft Office Visio 2002Microsoft Office XPMicrosoft PowerPoint ViewerMicrosoft SQL Server 2005Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."Sudhir GandheDRAFTINTERIMACCEPTEDMike LahINTERIMACCEPTEDPradeep R BINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft SQL Server 2005 SP2 is installedMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft SQL Server 2005Microsoft SQL Server 2005 SP2 is installed.J. Daniel BrownDRAFTINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft Office Visio 2002 SP2 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003The application Microsoft Office Visio 2002 SP2 is installed.Robert L. HollisINTERIMACCEPTEDACCEPTEDMicrosoft Office XP is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003The application Microsoft Office XP is installed.Robert L. HollisINTERIMACCEPTEDJonathan BakerINTERIMJonathan BakerACCEPTEDDragos PrisacaINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft SQL Server 2005 is installedMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft SQL Server 2005Microsoft SQL Server 2005 is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDJ. Daniel BrownINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft PowerPoint Viewer is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaThe application Microsoft PowerPoint Viewer is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDBrendan MilesINTERIMACCEPTEDACCEPTEDMicrosoft Office 2003 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003The application Microsoft Office 2003 is installed.Robert L. HollisINTERIMACCEPTEDJonathan BakerINTERIMKen LassesenACCEPTEDRachana ShettyINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDMicrosoft Office 2007 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMicrosoft Office 2007The application Microsoft Office 2007 is installed.Jonathan BakerDRAFTINTERIMACCEPTEDRobert L. HollisINTERIMJonathan BakerACCEPTEDACCEPTEDVulnerability in IPMI dissector in WiresharkWiresharkThe IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.Preeti SubramanianDRAFTINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDACCEPTEDWireshark is installed on the system.Microsoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows 7WiresharkWireshark is installed on the system.Prabhu S ADRAFTINTERIMACCEPTEDJ. Daniel BrownINTERIMACCEPTEDPreeti SubramanianINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDACCEPTEDMicrosoft JScript Memory Corruption VulnerabilityMicrosoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code.Robert L. HollisDRAFTINTERIMACCEPTEDNate PrzybyszewskiINTERIMACCEPTEDACCEPTEDMicrosoft Share Level Password VulnerabilityMicrosoft Windows 98File and Print SharingFile and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.Tiffany BergeronINTERIMACCEPTEDChristine WalzerINTERIMACCEPTEDACCEPTEDMicrosoft Outlook Express v6.0 MHTML URL Processing VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Outlook ExpressThe MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."Andrew ButtnerINTERIMACCEPTEDACCEPTEDIE Frame Domain Verification VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Internet ExplorerInternet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDChristine WalzerChristine WalzerINTERIMACCEPTEDACCEPTEDMS Jet Database Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Jet Database EngineBuffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.Andrew ButtnerINTERIMACCEPTEDACCEPTEDIE File Upload VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Internet ExplorerThe file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDACCEPTEDMicrosoft Data Access Components SQL-DMO Buffer Overflow (Test 1)Microsoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Data Access Components 2.5Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.Christine WalzerINTERIMACCEPTEDChristine WalzerINTERIMACCEPTEDJosh TurpinDEPRECATEDDEPRECATEDIE File Download Dialog VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Internet ExplorerInternet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability."Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDACCEPTEDIE URLMON Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Internet ExplorerBuffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDACCEPTEDMS IE HTML Directive Buffer OverflowMicrosoft Windows 98Microsoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Internet ExplorerBuffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDChristine WalzerINTERIMACCEPTEDACCEPTEDZone Spoofing through Malformed Web Page VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Internet ExplorerMicrosoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDChristine WalzerINTERIMACCEPTEDACCEPTEDIE Slash Characters in Type Property VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Internet ExplorerBuffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDACCEPTEDIE File Execution User-prompt Bypass VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Internet ExplorerInternet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability."Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDChristine WalzerINTERIMACCEPTEDACCEPTEDIE Cached Content Command Execution VulnerabilityMicrosoft Windows 98Microsoft Windows NTMicrosoft Windows 2000Microsoft Internet ExplorerInternet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.Tiffany BergeronINTERIMACCEPTEDACCEPTEDMicrosoft Outlook Express v5.5,SP2 MHTML URL Processing VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Outlook ExpressThe MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."Andrew ButtnerINTERIMACCEPTEDACCEPTEDMSN Messenger Remote File Access VulnerabilityMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003MSN MessengerMicrosoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.Christine WalzerINTERIMAndrew ButtnerACCEPTEDACCEPTEDDEPRECATED: Windows Script Engine Heap Overflow (Test 3)Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Windows Script Engine for JScript v5.5Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.Tiffany BergeronDavid ProulxINTERIMACCEPTEDChristine WalzerINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDAnna MinINTERIMACCEPTEDNate PrzybyszewskiDEPRECATEDSudhir GandheShane ShafferDEPRECATEDDEPRECATED: Windows Script Engine Heap Overflow (Test 2)Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Windows Script Engine for JScript v5.1Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.Tiffany BergeronDavid ProulxINTERIMACCEPTEDChristine WalzerINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDAnna MinINTERIMACCEPTEDNate PrzybyszewskiDEPRECATEDSudhir GandheShane ShafferDEPRECATEDMicrosoft Data Access Components 2.8 Broadcast Response Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Data Access Components 2.8Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.Christine WalzerINTERIMACCEPTEDJeff ChengINTERIMJeff ChengACCEPTEDACCEPTEDlibpng buffer overflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows Server 2003Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows 7Microsoft Windows MessengerMicrosoft MSN MessengerAdobe Acrobat ReaderMultiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.Josh TurpinDRAFTINTERIMACCEPTEDACCEPTEDMSN Messenger 6.1 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMSN MessengerMSN Messenger 6.1 is installedJosh TurpinDRAFTINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Windows XP (x86) SP2 is installedMicrosoft Windows XPA version of Microsoft Windows XP (x86) Service Pack 2 is installed.Andrew ButtnerDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows XP Professional x64 Edition SP1 is installedMicrosoft Windows XPA version of Microsoft Windows XP Professional x64 Edition Service Pack 1 is installed.Andrew ButtnerDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDBrendan MilesINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDTodd DolinskyINTERIMTim HarrisonTim HarrisonTim HarrisonACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDWindows Messenger 4.7 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003The application Windows Messenger 4.7 is installedDragos PrisacaDRAFTINTERIMACCEPTEDDragos PrisacaINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 SP1 (x86) is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 Service Pack 1 (x86) is installed.Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Windows 2000 SP4 or later is installedMicrosoft Windows 2000The operating system installed on the system is Microsoft Windows 2000 SP4 or later.Robert L. HollisDRAFTINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDTim HarrisonINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMSN Messenger 6.2 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows VistaMSN MessengerMSN Messenger 6.2 is installedRobert L. HollisDRAFTINTERIMACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Windows Server 2003 (x86) Gold is installedMicrosoft Windows Server 2003A version of Microsoft Windows Server 2003 (x86) Gold is installed.Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDShane ShafferINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDDavid RothenbergINTERIMACCEPTEDACCEPTEDMicrosoft Windows XP SP1 (32-bit) is installedMicrosoft Windows XPThe operating system installed on the system is Microsoft Windows XP SP1 (32-bit).Robert L. HollisDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDSudhir GandheINTERIMShane ShafferACCEPTEDACCEPTEDMicrosoft Windows XP is installedMicrosoft Windows XPThe operating system installed on the system is Microsoft Windows XP.Andrew ButtnerACCEPTEDJonathan BakerINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMTim HarrisonTim HarrisonACCEPTEDACCEPTEDMicrosoft Data Access Components 2.7 Broadcast Response Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Data Access Components 2.7Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.Christine WalzerINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDACCEPTEDIE v5.5,SP2 Similar Method Name Redirection Cross Domain VulnerabilityMicrosoft Windows 98Microsoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Internet ExplorerMicrosoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."Harvey RubinovitzDRAFTINTERIMACCEPTEDChristine WalzerINTERIMACCEPTEDAndrew SimmonsINTERIMACCEPTEDTodd DolinskyINTERIMACCEPTEDACCEPTEDMS Excel 2002 Malicious Macro Security Bypass VulnerabilityMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Excel 2002Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.Andrew ButtnerINTERIMACCEPTEDIngrid SkoogINTERIMACCEPTEDMatthew WojcikINTERIMJohn HoylandACCEPTEDACCEPTEDMS Excel 97 Malicious Macro Security Bypass VulnerabilityMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Excel 97Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.Andrew ButtnerINTERIMACCEPTEDIngrid SkoogINTERIMMatthew WojcikINTERIMMS Word 2002 Macro Names Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2002Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.Andrew ButtnerDRAFTINTERIMACCEPTEDIngrid SkoogINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDMS Excel 2000 Malicious Macro Security Bypass VulnerabilityMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Excel 2000Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.Christine WalzerACCEPTEDIngrid SkoogINTERIMACCEPTEDRobert L. HollisINTERIMJohn HoylandACCEPTEDACCEPTEDMS Word 98 Macro Names Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 98Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.Andrew ButtnerINTERIMACCEPTEDHarvey RubinovitzINTERIMINTERIMMS Word 97 Macro Names Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 97Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.Andrew ButtnerINTERIMACCEPTEDIngrid SkoogINTERIMIngrid SkoogDragos PrisacaINTERIMMSJava Applet CODEBASE File Access VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Virtual Machine (VM)Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.Tiffany BergeronINTERIMACCEPTEDACCEPTEDMicrosoft Data Access Components 2.6 Broadcast Response Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Data Access Components 2.6Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.Christine WalzerINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDACCEPTEDMicrosoft Data Access Components 2.5 Broadcast Response Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Data Access Components 2.5Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.Christine WalzerINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDACCEPTEDAdobe Acrobat Reader libpng Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPAdobe Acrobat ReaderMultiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.Matthew WojcikDRAFTINTERIMACCEPTEDDEPRECATEDDEPRECATEDWord 2003 Malicious .doc Buffer Overflow IIMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003SambaBuffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDExcel 2002 File Handler Code Execution VulnerabilityMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Excel 2002Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.Matthew BurtonDRAFTJohn HoylandINTERIMWord 2003 (wordview) Malicious .doc Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2003Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDChris WoodINTERIMACCEPTEDSharath SINTERIMACCEPTEDACCEPTEDOffice XP URL Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Office XP SP3Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.Ingrid SkoogIngrid SkoogIngrid SkoogAnna MinDRAFTINTERIMACCEPTEDINTERIMACCEPTEDACCEPTEDMicrosoft Data Access Components 2.1 Remote Data Services Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows NTMicrosoft Data Access Components 2.1Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.Ingrid SkoogDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDRobert L. HollisINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDClifford FarrugiaINTERIMACCEPTEDACCEPTEDMS Word 2000 Macro Names Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2000Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.Christine WalzerACCEPTEDIngrid SkoogINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDMicrosoft Data Access Components 2.6 Remote Data Services Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Data Access Components 2.6Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.Ingrid SkoogDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDRobert L. HollisINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDClifford FarrugiaINTERIMACCEPTEDACCEPTEDAdobe Acrobat Reader .ETD Document Code Execution VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPAdobe Acrobat ReaderFormat string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.Matthew WojcikDRAFTINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDACCEPTEDiDEFENSE reports that deleting eBook.api from the plug_ins directory is a workaround. See http://www.idefense.com/application/poi/display?id=163&type=vulnerabilitiesMicrosoft Office Visio Professional URL Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Office Visio Professional 2002Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.Ingrid SkoogDRAFTINTERIMACCEPTEDACCEPTEDMicrosoft Data Access Components 2.5 Remote Data Services Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Data Access Components 2.5Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.Ingrid SkoogDRAFTINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDRobert L. HollisINTERIMACCEPTEDJeff ChengINTERIMACCEPTEDClifford FarrugiaINTERIMACCEPTEDACCEPTEDWord 2000 Malicious .doc Buffer Overflow IIMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2000Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDExcel 2000 File Handler Code Execution VulnerabilityMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Excel 2000Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDWindows 98 Long Share Names VulnerabilityMicrosoft Windows 98Windows ShellBuffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.Andrew ButtnerDRAFTINTERIMACCEPTEDACCEPTEDWord 2002 Malicious .doc Buffer Overflow IIMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2002Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDWindows Project Professional URL Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Project Professional 2002Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.Ingrid SkoogDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDWord 2000 Malicious .doc Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2000Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDWord 2002 Malicious .doc Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2002Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDDEPRECATED: Windows Script Engine Heap Overflow (Test 1)Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPWindows Script Engine for JScript v5.6Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.Tiffany BergeronDavid ProulxDavid ProulxACCEPTEDChristine WalzerChristine WalzerINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDAnna MinINTERIMACCEPTEDNate PrzybyszewskiDEPRECATEDSudhir GandheShane ShafferDEPRECATEDWord 2003 Malicious .doc Buffer OverflowMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003SambaBuffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDMicrosoft Java Virtual Machine Security BypassMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Virtual Machine (VM)The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."Tiffany BergeronINTERIMACCEPTEDACCEPTEDIE5.01,SP4 Java Proxy COM Object Instantiation Memory Corruption VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Internet ExplorerInternet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.Harvey RubinovitzDRAFTJonathan BakerINTERIMACCEPTEDRobert L. HollisACCEPTEDRobert L. HollisINTERIMACCEPTEDACCEPTEDIFRAME VulnerabilityMicrosoft Windows 98Microsoft Windows 2000Microsoft Windows XPMicrosoft Internet ExplorerHeap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."Ingrid SkoogDRAFTINTERIMACCEPTEDIngrid SkoogINTERIMACCEPTEDChristine WalzerINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDRobert L. HollisINTERIMRobert L. HollisACCEPTEDACCEPTEDWindows 98 Program Group Converter Buffer OverflowMicrosoft Windows 98Program Group ConverterBuffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe.Andrew ButtnerDRAFTINTERIMACCEPTEDACCEPTEDWord 2003 (wordview) Malicious .doc Buffer Overflow IIMicrosoft Windows 95Microsoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Word 2003Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.Matthew BurtonDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDChris WoodINTERIMACCEPTEDSharath SINTERIMACCEPTEDACCEPTEDStep-by-Step Interactive Training Buffer OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Interactive TrainingBuffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.Ingrid SkoogDRAFTINTERIMACCEPTEDJohn HoylandINTERIMACCEPTEDACCEPTEDDirectX 9 DirectShow Malicious MIDI File VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003DirectXMultiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow.Robert L. HollisDRAFTINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDJeff ItoINTERIMACCEPTEDACCEPTEDIE Web Page Spoofing VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Internet ExplorerInternet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability."Tiffany BergeronINTERIMACCEPTEDACCEPTEDDirectX 8 DirectShow Malicious MIDI File VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003DirectXMultiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow.Robert L. HollisDRAFTINTERIMACCEPTEDMatthew WojcikINTERIMACCEPTEDRobert L. HollisINTERIMACCEPTEDJeff ItoINTERIMACCEPTEDACCEPTEDIE plugin.ocx Heap OverflowMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Internet ExplorerHeap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDACCEPTEDIE File Download Dialog Deception VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Internet ExplorerInternet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download.Tiffany BergeronINTERIMACCEPTEDINTERIMHarvey RubinovitzACCEPTEDChristine WalzerINTERIMACCEPTEDACCEPTEDMicrosoft Outlook Express v6.0,SP1 MHTML URL Processing VulnerabilityMicrosoft Windows 98Microsoft Windows MEMicrosoft Windows NTMicrosoft Windows 2000Microsoft Windows XPMicrosoft Outlook ExpressThe MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."Andrew ButtnerINTERIMACCEPTEDACCEPTEDWord 97 is installed.Service Pack 2 or less for Windows Office XP needs regex involving strings and less thanAs stated in the iDefense security advisory, if this key exists and contains a value, then the system has Interactive Training installed, and it will process .cbo files.HKEY_LOCAL_MACHINE^Software\\Microsoft\\Office\\10\.0\\Registration\\.*$ProductIDHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\SetupVersionHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Microsoft SQL Server\\.*\\MSSQLServer\\CurrentVersion$CurrentVersionpptview.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\11.0\Common\InstallRootPathHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\12.0\Common\InstallRootInstallCountHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\SetupSPOgl.dllGdiplus.dllsqlservr.exeHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Microsoft SQL Server\\.*\\Setup$SQLPathsqlwb.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EtherealDisplayNameHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiresharkDisplayNameHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiresharkDisplayVersionvserver.vxdHKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Services\UtilMan{5c773859-bb96- 48fa-875b-6a58aae072f4}IsInstalledmsjet40.dllwmsjet40.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB837001InstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Updates\DataAccess\Q823718IsInstalledHKEY_LOCAL_MACHINESoftware\Microsoft\Active Setup\Installed Components\{A954CDD5-A95F-414F-B3FE-FBEF9D2AECEA}IsInstalledmsgsc.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB832483InstalledHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\.*DisplayNameHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}VersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ABEB838C-A1A7-4C5D-B7E1-8B4314600208}HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionProductNameHKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Control\Session Manager\EnvironmentPROCESSOR_ARCHITECTUREHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\.*DisplayVersionmsmsgs.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersionProgramFilesDirHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{ 3e7bb08a-a7a3-4692-8eac-ac5e7895755b}IsInstalledexcel.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Excel.exePathodbcbcp.dllsqlsrv32.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Updates\DataAccess\Q832483IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\10.0\Excel\InstallRootHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90280409-6000-11D3-8CFE-0050048383C9}DisplayVersionHKEY_LOCAL_MACHINESOFTWARE\Adobe\Acrobat Reader\6.0\InstallerVersionMaxHKEY_LOCAL_MACHINESOFTWARE\Adobe\Acrobat Reader\6.0\InstallerVersionMineBook.apiHKEY_LOCAL_MACHINESOFTWARE\Adobe\Acrobat Reader\6.0\InstallerPathHKEY_LOCAL_MACHINESoftware\Microsoft\Windows\CurrentVersion\Uninstall\{90510409-6D54-11D4-BEE3-00C04F990354}DisplayVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90510409-6D54-11D4-BEE3-00C04F990354}WindowsInstallermsadco.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\Q329414InstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\DataAccessFullInstallVerHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00010409-78E1-11D2-B60F-006097C998E7}DisplayVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\9.0\Excel\InstallRootMSO.DLLHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersionCommonFilesDirHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{903B0409-6000-11D3-8CFE-0050048383C9}DisplayVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\9.0\Word\InstallRootHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\10.0\Word\InstallRootHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionCSDVersionjscript.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}Versionwinword.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Winword.exePathmsjava.dllHKEY_CURRENT_USER^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\[0-4]$1200HKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\[0-4]$1200HKEY_CURRENT_USER^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\[0-4]$1400HKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\[0-4]$1400HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{839117ee-2132-4bae-a56a-42b50204c9b9}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB889293IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersionVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\11.0\Word\InstallRootwordview.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wordview.exePathHKEY_CLASSES_ROOTMITrain.Document\shell\open\commandOrun32.exeHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Updates\Step by Step Interactive Training\SP2\KB898458\FilelistHKEY_LOCAL_MACHINESoftware\Microsoft\Active Setup\Installed Components\{754D29C1-0C97-405F-98D0-21B212CA7FF1}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\DirectXVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\Q819696InstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{D7B44F3E-77D3-44C5-8E03-4222D9A18B7B}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{61E6EAE5-7821-4AC1-9BBD-AED032A8E273}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{FF4DD9CD-F25E-425a-8B5C-A2D062781FBB}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{2757B1D6-0367-4663-877C-93ECC5C01BF6}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{C34F4917-ED43-439f-9023-97B0024A2B3B}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{F9C174E3-3E87-40bc-AA94-B8974F2B9222}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{f5de1b93-9d38-416b-b09e-aa85a8e84309}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{377483c2-e4b4-4ee8-b577-9aed264c8735}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{96543d59-497a-4801-a1f3-5936aacaf7b1}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{057997dd-71e4-43cc-b161-3f8180691a9e}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Internet ExplorerVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{eddbec60-89cb-44ef-8291-0850fd28ff6a}IsInstalledmshtml.dllHKEY_LOCAL_MACHINESoftware\Microsoft\Active Setup\Installed Components\{716E024F-7F74-47F3-B93B-9FF7F3CBF94C}IsInstalledHKEY_LOCAL_MACHINESoftware\Microsoft\Active Setup\Installed Components\{E81659DF-28E1-4C60-B4B9-00A4BC5FA76D}IsInstalledHKEY_LOCAL_MACHINESoftware\Microsoft\Active Setup\Installed Components\{2D5974C5-5185-4f5b-80B6-28015ACDD74C}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet SettingsSecurity_HKLM_onlyHKEY_LOCAL_MACHINE^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\[0-4]$1803HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Active Setup\Installed Components\{2cc9d512-6db6-4f1c-8979-9a41fae88de0}IsInstalledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Outlook Express\Version InfoCurrentinetcomm.dllHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionSystemRoot9.00.3042.00.[0-9]+-.[0-9]+-.[0-9]+-.[0-9]+$^.*-OEM-.*$9.0.0.0^11\..+$0210.0.6844.012.0.6325.500011.0.8230.02005.90.3073.02005.90.3282.0^Ethereal.*$^Wireshark.*$^(1\.2\.[0-9])$5.1.0.125125.5.0.05.6.0.88314.10.2001.016,0,2600,00006.0.2739.3004.0.8618.04.0.8618.013.70.11.4015.50.4927.21006.0.2713.110036.0.2716.22005.50.4613.170015,50,4807,17005.50.4939.3006.0.0.06.1.0.2115.5.0.85135,5,0,85135.1.0.85135,1,0,8513x86^2\.8.*$2000.85.1025.02000.85.1025.01MSN Messenger 6.1Service Pack 2amd64^4,7^[Ss][Ee][Rr][Vv][Ii][Cc][Ee] [Pp][Aa][Cc][Kk] ([4-9]|([1-9][0-9]+))$5.0x86^[a-zA-Z0-9\(\)\s]*2003[a-zA-Z0-9\(\)\s]*$windows^[a-zA-Z0-9\(\)\s]*[Ww][Ii][Nn][Dd][Oo][Ww][Ss] [Xx][Pp][a-zA-Z0-9\(\)\s]*$Service Pack 1ia645.1.0.639^6\.2\.020[5-9]4.7.0.30014.7.0.20105.0.0.0^2\.70.*$2000.81.9002.02000.81.9002.0^2\.71.*$2000.81.9042.02000.81.9042.015.50.4945.280010.0.5815.08.0.1.990410.0.5815.09.0.0.82168.0.0.97168.0.0.93155.0.3809.02000.80.747.02000.80.747.03.70.11.463.70.11.46110.0.6626.0^2\.1.*$2.12.5118.09.0.0.8216^2\.6.*$2.62.9119.16310.2.511012.53.6202.01^2\.5.*$9.00.932710.0.8326.010.0.6735.010.0.8326.09.0.0.892910.0.6754.05.0^Service Pack ([4-9]|\d{2,})$5.6.0.85135,6,0,851311.0.6502.05.0.3810.0133335.00.3700.10005.0.3831.18006.00.2800.110611Windows 9811.0.6506.03.5.0.117^4\.[0]*9\.[0]+\.[0]*900^4\.[0]*9\.[0]+\.[0]*9015.50.4134.01005.50.4134.06005.50.4522.180015.50.4616.2005.50.4701.2400^4\.[0]*8\..*15.50.4807.23005.50.4926.25001111111111^6\.0+\.2600\.0+$16.0.2712.3001111316,0,2800,11066.0.2800.1409\Microsoft Office\PowerPoint Viewer\Microsoft Shared\OFFICE12\Microsoft Office\Office11\Binn\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\MSN Messenger\MessengerReader\plug_ins\System\msadc\Microsoft Shared\OFFICE10\Help\SBSI\Training\System32