Posts

Microsoft Security Bulletin Coverage (Dec 13, 2011)

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of December, 2011. A list of issues reported, along with SonicWALL coverage information follows:

MS11-087 Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)

  • CVE-2011-3402 TrueType Font Parsing Vulnerability
    GAV: Malformed.ttf.MP.1

MS11-088 Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)

  • CVE-2011-2010 Pinyin IME Elevation Vulnerability
    This is a local vulnerability.

MS11-089 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)

  • CVE-2011-1983 Word Use After Free Vulnerability
    GAV: Malformed.doc.MP.4

MS11-090 Cumulative Security Update of ActiveX Kill Bits (2618451)

  • CVE-2011-3397 Microsoft Time Remote Code Execution Vulnerability
    IPS: 7224 – MS IE Time Element Remote Code Execution 1
    IPS: 7225 – MS IE Time Element Remote Code Execution 2

MS11-091 Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)

  • CVE-2011-1508 Publisher Function Pointer Overwrite Vulnerability
    No details available.
  • CVE-2011-3410 Publisher Out-of-bounds Array Index Vulnerability
    IPS: 7226 – Malformed Publisher Document 3b
  • CVE-2011-3411 Publisher Invalid Pointer Vulnerability
    IPS: 7227 – Malformed Publisher Document 4b
  • CVE-2011-3412 Publisher Memory Corruption Vulnerability
    IPS: 7228 – Malformed Publisher Document 5b

MS11-092 Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)

  • CVE-2011-3401 Windows Media Player DVR-MS Memory Corruption Vulnerability
    GAV: MsApp.Exp.MP.2

MS11-093 Vulnerability in OLE Could Allow Remote Code Execution (2624667)

  • CVE-2011-3400 OLE Property Vulnerability
    IPS: 7230 – Malformed Visio Document 4b

MS11-094 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)

  • CVE-2011-3396 PowerPoint Insecure Library Loading Vulnerability
    IPS: 5726 – Possible Binary Planting Attempt 1
    IPS: 1023 – Possible Binary Planting Attempt 2
    IPS: 6847 – Possible Binary Planting Attempt 3
  • CVE-2011-3413 OfficeArt Shape RCE Vulnerability
    GAV: Malformed.ppt.MP.2

MS11-095 Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)

  • CVE-2011-3396 PowerPoint Insecure Library Loading Vulnerability
    It is not possible to distinguish attack from normal traffic.

MS11-096 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)

  • CVE-2011-3403 Record Memory Corruption Vulnerability
    GAV: Malformed.xls.MP.11

MS11-097 Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)

  • CVE-2011-3408 CSRSS Local Privilege Elevation Vulnerability
    This is a local vulnerability.

MS11-098 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)

  • CVE-2011-2018 Windows Kernel Exception Handler Vulnerability
    This is a local vulnerability.

MS11-099 Cumulative Security Update for Internet Explorer (2618444)

  • CVE-2011-1992 XSS Filter Information Disclosure Vulnerability
    This is a cross domain vulnerability. It is not possible to distinguish attack from normal traffic.
  • CVE-2011-2019 Internet Explorer Insecure Library Loading Vulnerability
    IPS: 5726 – Possible Binary Planting Attempt 1
    IPS: 1023 – Possible Binary Planting Attempt 2
    IPS: 6847 – Possible Binary Planting Attempt 3
  • CVE-2011-3404 Content-Disposition Information Disclosure Vulnerability
    It is not possible to distinguish attack from normal traffic.