Microsoft XML Core Services Might Allow Execution of Arbitrary Code

A severe vulnerability in Microsoft XML Core Services might allow execution of arbitrary code, which could lead to an attacker gaining the same rights as the user whose system is attacked.

The vulnerability is being actively exploited. Microsoft is aware of the problem, but no fix is available at this time. In a related advisory, "Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution" (see URL below), the company said that Windows Server 2003 and Windows 2003 Service Pack 1 (SP1) with Enhanced Security turned on aren't affected. The company also suggests several workarounds that can help protect against attack.

http://www.microsoft.com/technet/security/advisory/927892.mspx

PHP Vulnerable to DoS and Execution of Arbitrary Code

The HardenedPHP Project reported that the hugely popular scripting language PHP contains vulnerabilities in the htmlentities() and htmlspecialchars() functions. An intruder could supply input to these functions that triggers a heap overflow, resulting in Denial of Service (DoS) or the execution of arbitrary code. A successful exploit could lead to a system compromise. The developers of PHP have released PHP 5.2.0, which addresses these problems. Users of PHP are advised to carefully filter user-supplied input and to upgrade to the latest version as soon as possible.

http://www.php.net/downloads.php

Microsoft Visual Studio Might Allow Execution of Arbitrary Code

A vulnerability in Microsoft Visual Studio 2005 might allow the execution of arbitrary code, which could allow a remote intruder to gain the same rights as the user whose system is attacked.

The vulnerability is in the WMI Object Broker ActiveX control, which is part of the WmiScriptUtils.dll file. Microsoft is aware of the problem and has published an advisory, "Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution" (at the URL below), which includes suggested workarounds. No patch is available at this time.

http://www.microsoft.com/technet/security/advisory/927709.mspx