Posts

Microsoft Security Bulletins Coverage (Aug 10, 2010)

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of August, 2010. A list of issues reported, along with SonicWALL coverage information follows:

MS10-047 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

  • CVE-2010-1888Windows Kernel Data Initialization Vulnerability
    Local elevation of privilege
  • CVE-2010-1889Windows Kernel Double Free Vulnerability
    Local elevation of privilege
  • CVE-2010-1890Windows Kernel Improper Validation Vulnerability
    Local denial of service

MS10-048 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

  • CVE-2010-1887Win32k Bounds Checking Vulnerability
    Local denial of service
  • CVE-2010-1894Win32k Exception Handling Vulnerability
    Local elevation of privilege
  • CVE-2010-1895Win32k Pool Overflow Vulnerability
    Local elevation of privilege
  • CVE-2010-1896Win32k User Input Validation Vulnerability
    Local elevation of privilege
  • CVE-2010-1897Win32k Window Creation Vulnerability
    Local elevation of privilege

MS10-049 Vulnerabilities in SChannel Could Allow Remote Code Execution

  • CVE-2009-3555TLS/SSL Renegotiation Vulnerability
    This vulnerability allows an attacker to spoof an authenticated SSL client.
    There is no feasible method to discern malicious traffic from normal.
  • CVE-2010-2566SChannel Malformed Certificate Request Remote Code Execution Vulnerability
    Attacks occur over an encrypted channel.

MS10-050 Vulnerability in Windows Movie Maker Could Allow Remote Code Execution

  • CVE-2010-2564Movie Maker Memory Corruption Vulnerability
    There are no known public exploits targeting this vulnerability.

MS10-051 Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

  • CVE-2010-2561MSxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability
    Unexpected HTTP responses may trigger a bug in Microsoft XML Core Services which may result in process flow diversion.

MS10-052 Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution

  • CVE-2010-1882MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
    There are no known public exploits targeting this vulnerability.

MS10-053 Cumulative Security Update for Internet Explorer

  • CVE-2010-1258Event Handler Cross-Domain Vulnerability
    IPS 5184 – document.execCommand Method Invocation
  • CVE-2010-2556Uninitialized Memory Corruption Vulnerability
  • IPS 5157 – location.protocol Attribute Setting

  • CVE-2010-2557Uninitialized Memory Corruption Vulnerability
    This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS.
  • CVE-2010-2558Race Condition Memory Corruption Vulnerability
    This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS.
  • CVE-2010-2559Uninitialized Memory Corruption Vulnerability
    This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS.
  • CVE-2010-2560HTML Layout Memory Corruption Vulnerability
    This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS.

MS10-054 Vulnerabilities in SMB Server Could Allow Remote Code Execution

  • CVE-2010-2550SMB Pool Overflow Vulnerability
    IPS 5235 – MS SMB Pool Overflow Attack Attempt
  • CVE-2010-2551SMB Variable Validation Vulnerability
    A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets.
  • CVE-2010-2552SMB Stack Exhaustion Vulnerability
    A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB compounded requests.

MS10-055 Vulnerability in Cinepak Codec Could Allow Remote Code Execution

  • CVE-2010-2553Cinepak Codec Decompression Vulnerability
    There are no known public exploits targeting this vulnerability.

MS10-056 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution

  • CVE-2010-1900Word Record Parsing Vulnerability
    There are no known public exploits targeting this vulnerability.
  • CVE-2010-1901Word RTF Parsing Engine Memory Corruption Vulnerability
    GAV Agent.EXP_5
    GAV Agent.EXP_6
    GAV Agent.EXP_7
  • CVE-2010-1902MS Word RTF Parsing Buffer Overflow Attempt
    IPS 5127 – MS Word RTF Parsing Buffer Overflow Attempt
  • CVE-2010-1903Word HTML Linked Objects Memory Corruption Vulnerability
    There are no known public exploits targeting this vulnerability.

MS10-057 Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution

  • CVE-2010-2562
    Excel Memory Corruption Vulnerability
    There are no known public exploits targeting this vulnerability.

MS10-058 Vulnerabilities in TCP/IP Could Allow Elevation of Privilege

  • CVE-2010-1892IPv6 Memory Corruption Vulnerability
    A denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header.
  • CVE-2010-1893Integer Overflow in Windows Networking Vulnerability
    Local elevation of privilege

MS10-059 Vulnerabilities in the Tracing Feature for Services Could Allow an Elevation of Privilege

  • CVE-2010-2554Tracing Registry Key ACL Vulnerability
    Local elevation of privilege
  • CVE-2010-2555Tracing Memory Corruption Vulnerability
    Local elevation of privilege

MS10-060 Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution

  • CVE-2010-0019Microsoft Silverlight Memory Corruption Vulnerability
    IPS 5115 – MS Silverlight Memory Corruption S1
  • CVE-2010-1898Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability
    A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a specially crafted Microsoft .NET application or a specially crafted Silverlight application to access memory, leading to arbitrary unmanaged code execution.