Microsoft Security Bulletin Coverage (Nov 13, 2012)
Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of November, 2012. A list of issues reported, along with Dell SonicWALL coverage information follows:
MS12-071 Cumulative Security Update for Internet Explorer
- CVE-2012-1538 CFormElement Use After Free Vulnerability
IPS:9238 – Windows IE CFormElement Use After Free Exploit - CVE-2012-1539 CTreePos Use After Free Vulnerability
IPS:9237 – Windows IE CTreePos Use After Free Exploit - CVE-2012-4775 CTreeNode Use After Free Vulnerability
IPS:9236 – Windows IE CTreeNode Use After Free Exploit
MS12-072 Vulnerabilities in Windows Shell Could Allow Remote Code Execution
- CVE-2012-1527 Windows Briefcase Integer Underflow Vulnerability
IPS:5512 – Server Application Shellcode Exploit 28 IPS:5945 – Client Application Shellcode Exploit 18
CVE-2012-1528 Windows Briefcase Integer Overflow Vulnerability
GAV:Malformed.bfc.MP.1
MS12-073 Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure
- CVE-2012-2531 Password Disclosure Vulnerability
Exploitation requires valid logon credentials. - CVE-2012-2532 FTP Command Injection Vulnerability
No available method of attack detection.
MS12-074 Vulnerabilities in .NET Framework Could Allow Remote Code Execution
- CVE-2012-1895 Reflection Bypass Vulnerability
This is a local vulnerability. Detection of attacks on the wire is not possible. - CVE-2012-1896 Code Access Security Info Disclosure Vulnerability
This is a local vulnerability. Detection of attacks on the wire is not possible. - CVE-2012-2519 .NET Framework Insecure Library Loading Vulnerability
IPS:1023 – Binary Planting Attack 1
IPS:5726 – Binary Planting Attack 2
IPS:6847 – Binary Planting Attack 3
IPS:8538 – Binary Planting Attack 4
IPS:8546 – Binary Planting Attack 5 - CVE-2012-4776 Web Proxy Auto-Discovery Vulnerability
IPS:9243 – Malformed PAC File - CVE-2012-4777 WPF Reflection Optimization Vulnerability
This is a local vulnerability. Detection of attacks on the wire is not possible.
MS12-075 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
- CVE-2012-2530 Win32k Use After Free Vulnerability
This is a local vulnerability. Detection of attacks on the wire is not possible. - CVE-2012-2553 Win32k Use After Free Vulnerability
This is a local vulnerability. Detection of attacks on the wire is not possible. - CVE-2012-2897 Windows Font Parsing Vulnerability
This is a local vulnerability. Detection of attacks on the wire is not possible.
MS12-076 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
- CVE-2012-1885 Excel SerAuxErrBar Heap Overflow Vulnerability
IPS:9239 – Malformed Excel Document 21 - CVE-2012-1886 Excel Memory Corruption Vulnerability
IPS:9240 – Malformed Excel Document 22 - CVE-2012-1887 Excel SST Invalid Length Use After Free Vulnerability
IPS:9241 – Malformed Excel Document 23 - CVE-2012-2543 Excel Stack Overflow Vulnerability
IPS:9242 – Malformed Excel Document 24
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
