Microsoft Security Bulletin Coverage (Dec 13, 2011)
SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of December, 2011. A list of issues reported, along with SonicWALL coverage information follows:
MS11-087 Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
- CVE-2011-3402 TrueType Font Parsing Vulnerability
GAV: Malformed.ttf.MP.1
- CVE-2011-2010 Pinyin IME Elevation Vulnerability
This is a local vulnerability.
MS11-089 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
- CVE-2011-1983 Word Use After Free Vulnerability
GAV: Malformed.doc.MP.4
MS11-090 Cumulative Security Update of ActiveX Kill Bits (2618451)
- CVE-2011-3397 Microsoft Time Remote Code Execution Vulnerability
IPS: 7224 – MS IE Time Element Remote Code Execution 1
IPS: 7225 – MS IE Time Element Remote Code Execution 2
MS11-091 Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
- CVE-2011-1508 Publisher Function Pointer Overwrite Vulnerability
No details available.
- CVE-2011-3410 Publisher Out-of-bounds Array Index Vulnerability
IPS: 7226 – Malformed Publisher Document 3b
- CVE-2011-3411 Publisher Invalid Pointer Vulnerability
IPS: 7227 – Malformed Publisher Document 4b
- CVE-2011-3412 Publisher Memory Corruption Vulnerability
IPS: 7228 – Malformed Publisher Document 5b
MS11-092 Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)
- CVE-2011-3401 Windows Media Player DVR-MS Memory Corruption Vulnerability
GAV: MsApp.Exp.MP.2
MS11-093 Vulnerability in OLE Could Allow Remote Code Execution (2624667)
- CVE-2011-3400 OLE Property Vulnerability
IPS: 7230 – Malformed Visio Document 4b
MS11-094 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
- CVE-2011-3396 PowerPoint Insecure Library Loading Vulnerability
IPS: 5726 – Possible Binary Planting Attempt 1
IPS: 1023 – Possible Binary Planting Attempt 2
IPS: 6847 – Possible Binary Planting Attempt 3
- CVE-2011-3413 OfficeArt Shape RCE Vulnerability
GAV: Malformed.ppt.MP.2
MS11-095 Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
- CVE-2011-3396 PowerPoint Insecure Library Loading Vulnerability
It is not possible to distinguish attack from normal traffic.
MS11-096 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
- CVE-2011-3403 Record Memory Corruption Vulnerability
GAV: Malformed.xls.MP.11
- CVE-2011-3408 CSRSS Local Privilege Elevation Vulnerability
This is a local vulnerability.
MS11-098 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
- CVE-2011-2018 Windows Kernel Exception Handler Vulnerability
This is a local vulnerability.
MS11-099 Cumulative Security Update for Internet Explorer (2618444)
- CVE-2011-1992 XSS Filter Information Disclosure Vulnerability
This is a cross domain vulnerability. It is not possible to distinguish attack from normal traffic.
- CVE-2011-2019 Internet Explorer Insecure Library Loading Vulnerability
IPS: 5726 – Possible Binary Planting Attempt 1
IPS: 1023 – Possible Binary Planting Attempt 2
IPS: 6847 – Possible Binary Planting Attempt 3
- CVE-2011-3404 Content-Disposition Information Disclosure Vulnerability
It is not possible to distinguish attack from normal traffic.