Thanks ahodes1
Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise (Q321599)
Summary
Who should read this bulletin: Customers hosting web servers using Microsoft® Windows NT® 4.0 or Windows® 2000.
Impact of vulnerability: Run code of an attacker's choice on the system
Maximum Severity Rating: Moderate
Affected Software:
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
Download: For all versions of IIS
Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
Summary
Who should read this bulletin: Customers using Microsoft® Windows NT®, Windows® 2000 and Windows XP.
Impact of vulnerability: Local privilege elevation.
Maximum Severity Rating: Critical
Download: Patch for WinNT/2000/XP
Unchecked Buffer in SQLXML Could Lead to Code Execution (Q321911)
Summary
Impact of vulnerability: Two vulnerabilities, the most serious of which could run code of attacker's choice.
Maximum Severity Rating: Moderate
Recommendation: System administrators who have enabled SQLXML and enabled data queries over HTTP should install the patch immediately.
Download: For all versions of SQLXML
