CVE-2011-1237 Archives

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of April, 2011. A list of issues reported, along with SonicWALL coverage information follows:

MS11-018 Cumulative Security Update for Internet Explorer (2497640)

CVE-2011-0094 – Layouts Handling Memory Corruption Vulnerability
IPS 6432 MS IE Memory Corruption Vulnerability
CVE-2011-0346 – MSHTML Memory Corruption Vulnerability
There is no feasable method of detection.
CVE-2011-1245 – Javascript Information Disclosure Vulnerability
IPS 6435 MS IE Javascript Information Disclosure Vulnerability
CVE-2011-1345 – Object Management Memory Corruption Vulnerability
IPS 6427 MS IE Double Release Object Vulnerability
IPS 6428 MS IE Double Release Object Vulnerability 2
GAV IExploit.A6428

MS11-019 Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)

CVE-2011-0654 – Browser Pool Corruption Vulnerability
IPS 6248 Generic Netbios Shellcode Exploit
CVE-2011-0660 – SMB Client Response Parsing Vulnerability
IPS 6436 SMB Client Response Parsing Vulnerability Exploit

MS11-020 Vulnerability in SMB Server Could Allow Remote Code Execution (2508429)

CVE-2011-0661 – SMB Transaction Parsing Vulnerability
There is no feasable method of detection.

MS11-021 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)

CVE-2011-0097 – Excel Integer Overrun Vulnerability
GAV MS.Xsl.E
CVE-2011-0098 – Excel Heap Overflow Vulnerability
GAV MS.Xsl.E_2
CVE-2011-0101 – Excel Record Parsing WriteAV Vulnerability
GAV MS.Xsl.E_3
CVE-2011-0103 – Excel Memory Corruption Vulnerability
GAV MS.Xsl.E_5
CVE-2011-0104 – Excel Buffer Overwrite Vulnerability
GAV Hlink.BO.A
GAV Hlink.BO.B
CVE-2011-0105 – Excel Data Initialization Vulnerability
GAV MS.Xsl.E_6
CVE-2011-0978 – Excel Array Indexing Vulnerability
GAV MS.Xsl.E_7
CVE-2011-0979 – Excel Linked List Corruption Vulnerability
GAV MS.Xsl.E_8
CVE-2011-0980 – Excel Dangling Pointer Vulnerability
GAV MS.Xsl.E_4

MS11-022 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283)

CVE-2011-0685 – Floating Point Techno-color Time Bandit RCE Vulnerability
GAV MS.Ppt.E
CVE-2011-0656 – Persist Directory RCE Vulnerability
GAV MS.Ppt.E_2
CVE-2011-0976 – OfficeArt Atom RCE Vulnerability
GAV MS.Ppt.E_3

MS11-023 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293)

CVE-2011-0107 – Office Component Insecure Library Loading Vulnerability
IPS 5726 Possible Binary Planting Attempt
CVE-2011-0977 – Microsoft Office Graphic Object Dereferencing Vulnerability
GAV MS.Xsl.E_9

MS11-024 Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308)

CVE-2010-3974 – Fax Cover Page Editor Memory Corruption Vulnerability
GAV MS.cov.E

MS11-025 Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212)

CVE-2010-3190 – MFC Insecure Library Loading Vulnerability
IPS 5726 Possible Binary Planting Attempt

MS11-026 Vulnerability in MHTML Could Allow Information Disclosure (2503658)

CVE-2011-0096 – MHTML Mime-Formatted Request Vulnerability
IPS 6205 MHTML Protocol Handler XSS Attack Attempt 4

MS11-027 Cumulative Security Update of ActiveX Kill Bits (2508272)

CVE-2010-0811 – Microsoft Internet Explorer 8 Developer Tools Vulnerability
IPS 6437 MS Windows IE8 Developer Tools ActiveX Invocation Attempt
CVE-2010-3973 – Microsoft WMITools ActiveX Control Vulnerability
IPS 6434 MS Windows WMITools ActiveX Control Invocation Attempt
CVE-2011-1243 – Microsoft Windows Messenger ActiveX Control Vulnerability
IPS 6433 MS Windows Live Messenger ActiveX invocation attempt

MS11-028 Vulnera
bility in .NET Framework Could Allow Remote Code Execution (2484015)

CVE-2010-3958 – NET Framework Stack Corruption Vulnerability
This is a local vulnerability.

MS11-029 Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)

CVE-2011-0041 – GDI+ Integer Overflow Vulnerability
GAV ms11-029.ms

MS11-030 Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553)

CVE-2011-0657 – DNS Query Vulnerability
There is no feasable method of detection.

MS11-031 Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666)

CVE-2011-0663 – Scripting Memory Reallocation Vulnerability
There is no feasable method of detection.

MS11-032 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)

CVE-2011-0034 – OpenType Font Stack Overflow Vulnerability
IPS 6438 MS OpenType Font Stack Overflow Exploit

MS11-033 Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)

CVE-2011-0028 – WordPad Converter Parsing Vulnerability
GAV ms11-033.ms.ttextflow
GAV ms11-033.ms.tsplit

MS11-034 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)

CVE-2011-0662 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0665 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0666 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0667 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0670 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0671 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0672 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0673 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-0674 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0675 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-0676 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-0677 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1225 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1226 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1227 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1228 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1229 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1230 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1231 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1232 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1233 – Win32k Null Pointer De-reference Vulnerability
Local authenticated vulnerability
CVE-2011-1234 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1235 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1236 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1237 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1238 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1239 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1240 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1241 – Win32k Use After Free Vulnerability
Local authenticated vulnerability
CVE-2011-1242 – Win32k Use After Free Vulnerability
Local authenticated vulnerability

Posts

Microsoft Security Bulletins Coverage (April 12, 2011)

About SonicWall

Products

Solutions

Customers

Support

Posts

About SonicWall

Products

Solutions

Customers

Support

Pin It on Pinterest