Security News

Microsoft Security Bulletin Coverage (Feb 12, 2013)

By

Dell SonicWALL has analysed and addressed Microsoft’s security advisories for the month of February, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-009 Cumulative Security Update for Internet Explorer

  • CVE-2013-0015 Shift JIS Character Encoding Vulnerability
    IPS:9603 – Windows IE SJIS XSS
  • CVE-2013-0018 Internet Explorer SetCapture Use After Free Vulnerability
    IPS:9606 – Windows IE setCapture Use-After-Free
  • CVE-2013-0019 Internet Explorer COmWindowProxy Use After Free Vulnerability
    IPS:9607 – Windows IE comWindowProxy Use-After-Free
  • CVE-2013-0020 Internet Explorer CMarkup Use After Free Vulnerability
    IPS:9608 – Windows IE CDATA Use-After-Free
  • CVE-2013-0021 Internet Explorer vtabl Use After Free Vulnerability
    IPS:9611 – Windows IE vtable Use-After-Free
  • CVE-2013-0022 Internet Explorer LsGetTrailInfo Use After Free Vulnerability
    IPS:9613 – Windows IE lsGetTrailInfo Use-After-Free
  • CVE-2013-0023 Internet Explorer CDispNode Use After Free Vulnerability
    Detection of attack over the wire is not feasible.
  • CVE-2013-0024 Internet Explorer pasteHTML Use After Free Vulnerability
    IPS:9614 – Internet Explorer pasteHTML Use After Free Vulnerability
  • CVE-2013-0025 Internet Explorer SLayoutRun Use After Free Vulnerability
    IPS:9612 – Microsoft IE SLayoutRun Use After Free Exploit
  • CVE-2013-0026 Internet Explorer InsertElement Use After Free Vulnerability
    IPS:9610 – Internet Explorer InsertElement Use After Free Vulnerability
  • CVE-2013-0027 Internet Explorer CPasteCommand Use After Free Vulnerability
    IPS:9609 – HTTP Client Shellcode Exploit 76
  • CVE-2013-0028 Internet Explorer CObjectElement Use After Free Vulnerability
    IPS:9605 – Microsoft IE CObjectElement Use After Free Exploit
  • CVE-2013-0029 Internet Explorer CHTML Use After Free Vulnerability
    IPS:9604 – Microsoft IE VML Memory Corruption Exploit

MS13-010 Vulnerability in Vector Markup Language Could Allow Remote Code Execution

  • CVE-2013-0030 VML Memory Corruption Vulnerability
    IPS:9602 – Windows IE VML Memory Corruption Exploit

MS13-011 Vulnerability in Media Decompression Could Allow Remote Code Execution

  • CVE-2013-0077 Media Decompression Vulnerability
    There are no known exploits in the wild.

MS13-012 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution

  • CVE-2013-0393 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    IPS:9555 – Oracle Outside in DB Handling DoS
  • CVE-2013-0418 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    Malformed.cdr.TL.4

MS13-013 Vulnerabilities in FAST Search Server 2010 for SharePoint Passing Could Allow Remote Code Execution

  • CVE-2013-3214 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    There are no known exploits in the wild.
  • CVE-2013-3217 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    There are no known exploits in the wild.

MS13-014 Vulnerability in NFS Server Could Allow Denial of Service

  • CVE-2013-1281 NULL Dereference Vulnerability
    There are no known exploits in the wild.

MS13-015 Vulnerability in .NEW Framework Could Allow Elevation of Privilege

  • CVE-2013-0073 WinForms Callback Elevation Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-016 Win32k Race Condition Vulnerability

MS13-017 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

  • CVE-2013-1278 Kernel Race Condition Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.
  • CVE-2013-1279 Kernel Race Condition Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.
  • CVE-2013-1280 Windows Kernel Reference Count Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-018 Vulnerability in Windows TCP/IP Could Allow Denial Of Service

  • CVE-2013-0075 TCP FIN WAIT Vulnerability
    Connection limiting settings on the SonicWall will defend against attacks targeting this vulnerability.

MS13-019 Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege

  • CVE-2013-0076 Reference Count Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-020 Vulnerability in OLE Automation Could Allow Remote Code Execution

  • CVE-2013-1313 Common Controls Remote Code
    IPS:9601 – Windows Common Controls Remote Code Execution (MS13-020)
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
Spam campaign roundup: The Memorial Day Edition (May 23, 2014)
Yet another Linux malware spotted in the wild (Feb 26, 2016)
Windows IE Button Element Use-After-Free (Dec 31, 2012)
The Covid-19 Hoax Scareware
Cybersecurity News & Trends - 06-19-20
Microsoft Security Bulletin Coverage for September 2023
The Unseen Layers: Exploring the Tactics of Multistage .NET Malware Packers
Novell GroupWise Internet Agent Content-Type BO (Nov 18, 2010)