Microsoft Security Bulletins Coverage (Aug 10, 2010)
SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of August, 2010. A list of issues reported, along with SonicWALL coverage information follows:
MS10-047 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
- CVE-2010-1888 – Windows Kernel Data Initialization Vulnerability
Local elevation of privilege - CVE-2010-1889 – Windows Kernel Double Free Vulnerability
Local elevation of privilege - CVE-2010-1890 – Windows Kernel Improper Validation Vulnerability
Local denial of service
MS10-048 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
- CVE-2010-1887 – Win32k Bounds Checking Vulnerability
Local denial of service - CVE-2010-1894 – Win32k Exception Handling Vulnerability
Local elevation of privilege - CVE-2010-1895 – Win32k Pool Overflow Vulnerability
Local elevation of privilege - CVE-2010-1896 – Win32k User Input Validation Vulnerability
Local elevation of privilege - CVE-2010-1897 – Win32k Window Creation Vulnerability
Local elevation of privilege
MS10-049 Vulnerabilities in SChannel Could Allow Remote Code Execution
- CVE-2009-3555 – TLS/SSL Renegotiation Vulnerability
This vulnerability allows an attacker to spoof an authenticated SSL client.
There is no feasible method to discern malicious traffic from normal. - CVE-2010-2566 – SChannel Malformed Certificate Request Remote Code Execution Vulnerability
Attacks occur over an encrypted channel.
MS10-050 Vulnerability in Windows Movie Maker Could Allow Remote Code Execution
- CVE-2010-2564 – Movie Maker Memory Corruption Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-051 Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution
- CVE-2010-2561 – MSxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability
Unexpected HTTP responses may trigger a bug in Microsoft XML Core Services which may result in process flow diversion.
MS10-052 Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution
- CVE-2010-1882 – MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-053 Cumulative Security Update for Internet Explorer
- CVE-2010-1258 – Event Handler Cross-Domain Vulnerability
IPS 5184 – document.execCommand Method Invocation - CVE-2010-2556 – Uninitialized Memory Corruption Vulnerability
- CVE-2010-2557 – Uninitialized Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS. - CVE-2010-2558 – Race Condition Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS. - CVE-2010-2559 – Uninitialized Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS. - CVE-2010-2560 – HTML Layout Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS.
IPS 5157 – location.protocol Attribute Setting
MS10-054 Vulnerabilities in SMB Server Could Allow Remote Code Execution
- CVE-2010-2550 – SMB Pool Overflow Vulnerability
IPS 5235 – MS SMB Pool Overflow Attack Attempt - CVE-2010-2551 – SMB Variable Validation Vulnerability
A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. - CVE-2010-2552 – SMB Stack Exhaustion Vulnerability
A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB compounded requests.
MS10-055 Vulnerability in Cinepak Codec Could Allow Remote Code Execution
- CVE-2010-2553 – Cinepak Codec Decompression Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-056 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution
- CVE-2010-1900 – Word Record Parsing Vulnerability
There are no known public exploits targeting this vulnerability. - CVE-2010-1901 – Word RTF Parsing Engine Memory Corruption Vulnerability
GAV Agent.EXP_5
GAV Agent.EXP_6
GAV Agent.EXP_7 - CVE-2010-1902 – MS Word RTF Parsing Buffer Overflow Attempt
IPS 5127 – MS Word RTF Parsing Buffer Overflow Attempt - CVE-2010-1903 – Word HTML Linked Objects Memory Corruption Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-057 Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
- CVE-2010-2562
– Excel Memory Corruption Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-058 Vulnerabilities in TCP/IP Could Allow Elevation of Privilege
- CVE-2010-1892 – IPv6 Memory Corruption Vulnerability
A denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header. - CVE-2010-1893 – Integer Overflow in Windows Networking Vulnerability
Local elevation of privilege
MS10-059 Vulnerabilities in the Tracing Feature for Services Could Allow an Elevation of Privilege
- CVE-2010-2554 – Tracing Registry Key ACL Vulnerability
Local elevation of privilege - CVE-2010-2555 – Tracing Memory Corruption Vulnerability
Local elevation of privilege
- CVE-2010-0019 – Microsoft Silverlight Memory Corruption Vulnerability
IPS 5115 – MS Silverlight Memory Corruption S1 - CVE-2010-1898 – Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability
A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a specially crafted Microsoft .NET application or a specially crafted Silverlight application to access memory, leading to arbitrary unmanaged code execution.