Microsoft Security Bulletin Coverage (May 8, 2012)
SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of May, 2012. A list of issues reported, along with SonicWALL coverage information follows:
MS12-029 Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
- CVE-2012-0183 RTF Mismatch Vulnerability
GAV: 18584 – Malformed-File rtf.MP.2
MS12-030 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
- CVE-2012-0141 Excel File Format Memory Corruption Vulnerability
GAV: 18668 – Malformed-File xls.MP.9
- CVE-2012-0142 Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability
GAV: 18672 – Malformed-File xls.MP.10
- CVE-2012-0143 Excel Memory Corruption Using Various Modified Bytes Vulnerability
GAV: 18675 – Malformed-File xls.MP.11
- CVE-2012-0184 Excel SXLI Record Memory Corruption Vulnerability
GAV: 18676 – Malformed-File xls.MP.12
- CVE-2012-0185 Excel MergeCells Record Heap Overflow Vulnerability
GAV: 18677 – Malformed-File xls.MP.13
- CVE-2012-1847 Excel Series Record Parsing Type Mismatch Could Result in Remote Code Execution Vulnerability
GAV: 18678 – Malformed-File xls.MP.14
GAV: 18679 – Malformed-File xls.MP.15
MS12-031 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
- CVE-2012-0018 VSD File Format Memory Corruption Vulnerability
GAV: 18603 – Malformed-File vsd.MP.1
MS12-032 Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
- CVE-2012-0174 Windows Firewall Bypass Vulnerability
There is no feasible method of detection at gateway level.
- CVE-2012-0179 TCP/IP Double Free Vulnerability
This is a local vulnerability.
MS12-033 Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
- CVE-2012-0178 Plug and Play (PnP) Configuration Manager Vulnerability
This is a local vulnerability.
- CVE-2011-3402 TrueType Font Parsing Vulnerability
GAV: 18600 – Malformed-File ttf.MP.1
- CVE-2011-0159 TrueType Font Parsing Vulnerability
GAV: 18601 – Malformed-File ttf.MP.2
- CVE-2012-0162 .NET Framework Buffer Allocation Vulnerability
GAV: 18521 – Malformed-File exe.MP.3
- CVE-2012-0164 .NET Framework Index Comparison Vulnerability
There is no feasible method of detection.
- CVE-2012-0165 GDI+ Record Type Vulnerability
GAV: 18516 – Malformed-File emf.MP.3
GAV: 18680 – Malformed-File xls.MP.16
- CVE-2012-0167 GDI+ Heap Overflow Vulnerability
GAV: 18510 – Malformed-File emf.MP.1
GAV: 18514 – Malformed-File emf.MP.2
- CVE-2012-0176 Silverlight Double-Free Vulnerability
There is no feasible method of detection.
- CVE-2012-0180 Windows and Messages Vulnerability
This is a local vulnerability.
- CVE-2012-0181 Keyboard Layout File Vulnerability
This is a local vulnerability.
- CVE-2012-1848 Scrollbar Calculation Vulnerability
This is a local vulnerability.
MS12-035 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
- CVE-2012-0160 .NET Framework Serialization Vulnerability
This is a local vulnerability.
- CVE-2012-0161 .NET Framework Serialization Vulnerability
GAV: 18522 – Malformed-File exe.MP.4
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
