Microsoft Security Bulletins Coverage (Oct 12, 2010)
SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of October, 2010. A list of issues reported, along with SonicWALL coverage information follows:
MS10-071 Cumulative Security Update for Internet Explorer (2360131)- CVE-2010-0808 – AutoComplete Information Disclosure Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3243 – HTML Sanitization Vulnerability
IPS 5844 MS IE XSS Vulnerability Exploit - CVE-2010-3324 – HTML Sanitization Vulnerability
IPS 4149 MS IE toStaticHTML Method Invocation - CVE-2010-3325 – CSS Special Character Information Disclosure Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3326– Uninitialized Memory Corruption Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3327 – Anchor Element Information Disclosure Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3328– Uninitialized Memory Corruption Vulnerability
Note: Detection would require a logical analysis or traversal of a file. It is not feasible. - CVE-2010-3329– Uninitialized Memory Corruption Vulnerability
IPS 5836MS IE Uninitialized Memory Corruption Vulnerability 2 (MS10-071) - CVE-2010-3330– Cross-Domain Information Disclosure Vulnerability
Note: Detection would require a logical analysis or traversal of a file. It is not feasible. - CVE-2010-3331– Uninitialized Memory Corruption Vulnerability
IPS 5835MS IE Uninitialized Memory Corruption Vulnerability (MS10-071)
MS10-072 Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
- CVE-2010-3243– HTML Sanitization Vulnerability
Note: Please refer to MS10-071 - CVE-2010-3324– HTML Sanitization Vulnerability
Note: Please refer to MS10-071
MS10-073 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
- CVE-2010-2549– Win32K Reference Count Vulnerability
Note: Local elevation of privilege - CVE-2010-2743– Win32K Keyboard Layout Vulnerability
Note: Local elevation of privilege - CVE-2010-2744– Win32k Window Class Vulnerability
Note: Local elevation of privilege
MS10-074 Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
- CVE-2010-3227– Windows MFC Document Title Updating Buffer Overflow Vulnerability
Note: There are no known public exploits targeting this vulnerability.
- CVE-2010-3225– RTSP Use After Free Vulnerability
IPS 5845 Microsoft Windows Media Player Code Execution Exploit
- CVE-2010-1883– Embedded OpenType Font Integer Overflow Vulnerability
IPS 5837 Malicious Font File Download 5b
MS10-077Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
- CVE-2010-3228– .NET Framework x64 JIT Compiler Vulnerability
Note: There is no way to differentiate malformed and legitimate traffic.
- CVE-2010-2740– OpenType Font Parsing Vulnerability
IPS 5831 Malicious Font File Download 3b - CVE-2010-2741– OpenType Font Validation Vulnerability
IPS 5832 Malicious Font File Download 4b
MS10-079Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
- CVE-2010-2747– Word Uninitialized Pointer Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-2748– Word Boundary Check Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-2750– Word Index Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3214– Word Stack Overflow Vulnerability
IPS 5833Malicious Word Document 3b - CVE-2010-3215– Word Return Value Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3216– Word Bookmarks Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3217– Word Pointer Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3218– Word Heap Overflow Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3219– Word Index Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3220– Word Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3221– Word Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability.
MS10-080 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
- CVE-2010-3230– Excel Record Parsing Integer Overflow Vulnerability
IPS 5840Malicious Excel Document 6b - CVE-2010-3231– Excel Record Parsing Memory Corruption Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3232– Excel File Format Parsing Vulnerability
IPS 5839Malicious Excel Document 5b - CVE-2010-3233– Lotus 1-2-3 Workbook Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3234– Formula Substream Memory Corruption Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3235– Formula Biff Record Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3236– Out Of Bounds Array Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3237– Merge Cell Record Pointer Vulnerability
IPS 5834Malicious Excel Document 3b - CVE-2010-3238– Negative Future Function Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3239– Extra Out of Boundary Record Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3240– Real Time Data Array Record Vulnerability
IPS 5838Malicious Excel Document 4b - CVE-2010-3241– Out-of-Bounds Memory Write in Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability. - CVE-2010-3242– Ghost Record Type Parsing Vulnerability
Note: There are no known public exploits targeting this vulnerability.
MS10-081 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
- CVE-2010-2746– Comctl32 Heap Overflow Vulnerability
Note: There are no known public exploits targeting this vulnerability.
MS10-082 Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
- CVE-2010-2745– Windows Media Player Memory Corruption Vulnerability
Note: There are no known public exploits targeting this vulnerability.
- CVE-2010-1263– COM Validation Vulnerability
Note: This is a platform design-level issue. The detection logic varies in different ActiveX control.
MS10-084 Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
- CVE-2010-3222– LPC Message Buffer Overrun Vulnerability
Note: This is a Local elevation of privilege.
MS10-085 Vulnerability in SChannel Could Allow Denial of Service (2207566)
- CVE-2010-3229– TLSv1 Denial of Service Vulnerability
IPS 5846MS IIS 7.0 Denial of Service Attempt
MS10-086 Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
- CVE-2010-3223– Permissions on New Cluster Disks Vulnerability
Note: There is no way to differentiate malformed and legitimate traffic.