Microsoft Security Bulletin Coverage (Oct 9, 2012)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of October, 2012. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS12-064 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)

• CVE-2012-0182 Word PAPX Section Corruption Vulnerability
  File based vulnerability. No known exploits exist in the wild.
• CVE-2012-2528 RTF File listid Use-After-Free Vulnerability
  IPS:8931 – Malformed RTF File 1

MS12-065 Vulnerability in Microsoft Works Could Allow Remote Code Execution (KB2754670)

• CVE-2012-2550 Works Heap Vulnerability
  IPS:8932 – Malformed Word Document 11

MS12-066 Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)

• CVE-2012-2520 HTML Sanitization Vulnerability
  IPS:8932 – Malformed Word Document 11

MS12-067 Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)

• CVE-2012-1766 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-1767 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-1768 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-1769 Oracle Outside In contains multiple exploitable vulnerabilities
  GAV:Malformed.jpg.TL.3
  GAV:Malformed.jpg.TL.4
• CVE-2012-1770 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-1771 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-1772 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-1773 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-3106 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-3107 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-3108 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-3109 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.
• CVE-2012-3110 Oracle Outside In contains multiple exploitable vulnerabilities
  No known exploits exist.

MS12-068 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)

• CVE-2012-2529 Windows Kernel Integer Overflow Vulnerability
  This is a local EoP vulnerability. Detection on the wire is not possible.

MS12-069 Vulnerability in Kerberos Could Allow Denial of Service (2743555)

• CVE-2012-2551 Kerberos NULL Dereference Vulnerability
  Detection on the wire is not practical.

MS12-070 Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)

• CVE-2012-2552 Reflected XSS Vulnerability
  IPS: 1369 – Cross-Site Scripting (XSS) Attempt 1

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.