CVE-2012-1879 Archives | SonicWall

Posts

Microsoft Security Bulletin Coverage (Jun 12, 2012)

June 13, 2012/in Threat intelligence /by Security News

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of June, 2012. A list of issues reported, along with SonicWALL coverage information follows:

MS12-036 Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939)

CVE-2012-0173 Remote Desktop Protocol Vulnerability
There is no feasible method of detection at gateway level.

MS12-037 Cumulative Security Update for Internet Explorer (2699988)

CVE-2012-1523 Center Element Remote Code Execution Vulnerability
IPS: 7959 – Microsoft IE Center Element Exploit

CVE-2012-1858 HTML Sanitization Vulnerability
IPS: 7960 – Cross-Site Scripting (XSS) Attempt 32

CVE-2012-1872 EUC-JP Character Encoding Vulnerability
There is no feasible method of detection.

CVE-2012-1873 Null Byte Information Disclosure Vulnerability
IPS: 7961 – Microsoft IE Null Byte Information Disclosure Exploit

CVE-2012-1874 Developer Toolbar Remote Code Execution Vulnerability
IPS: 7962 – Microsoft IE Developer Toolbar Memory Corruption

CVE-2012-1875 Same ID Property Remote Code Execution Vulnerability
IPS: 7963 – Microsoft IE Same ID Property Exploit

CVE-2012-1876 Col Element Remote Code Execution Vulnerability
IPS: 7454 – HTTP Client Shellcode Exploit 35a

CVE-2012-1877 Title Element Change Remote Code Execution Vulnerability
GAV: 20231 – Malformed-File html.MP.5

CVE-2012-1878 OnBeforeDeactivate Event Remote Code Execution Vulnerability
GAV: 20228 – Malformed-File html.MP.4

CVE-2012-1879 insertAdjacentText Remote Code Execution Vulnerability
IPS: 4665 – HTTP Client Shellcode Exploit 13a

CVE-2012-1880 insertRow Remote Code Execution Vulnerability
GAV: 20227 – Malformed-File html.MP.3

CVE-2012-1881 OnRowsInserted Event Remote Code Execution Vulnerability
GAV: 20225 – Malformed-File html.MP.2

CVE-2012-1882 Scrolling Events Information Disclosure Vulnerability
There is no feasible method of detection.

MS12-038 Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726)

CVE-2012-1855 .NET Framework Memory Access Vulnerability
IPS: 7964 – Malformed ZIP File 12

MS12-039 Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)

CVE-2011-3402 TrueType Font Parsing Vulnerability
GAV: 19421 – Malformed.ttf.MP.1

CVE-2012-0159 TrueType Font Parsing Vulnerability
GAV: 18601 – Malformed-File ttf.MP.2

CVE-2012-1849 Lync Insecure Library Loading Vulnerability
IPS: 1023 – Binary Planting Attempt 1
IPS: 5726 – Binary Planting Attempt 2
IPS: 6847 – Binary Planting Attempt 3

CVE-2012-1858 HTML Sanitization Vulnerability
IPS: 7960 – Cross-Site Scripting (XSS) Attempt 32

MS12-040 Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100)

CVE-2012-1857 Dynamics AX Enterprise Portal XSS Vulnerability
IPS: 1369 – Cross-Site Scripting (XSS) Attempt 1

MS12-041 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162)

CVE-2012-1864 String Atom Class Name Handling Vulnerability
This is a local elevation of privilege vulnerability.

CVE-2012-1865 String Atom Class Name Handling Vulnerability
This is a local elevation of privilege vulnerability.

CVE-2012-1866 Clipboard Format Atom Name Handling Vulnerability
This is a local elevation of privilege vulnerability.

CVE-2012-1867 Font Resource Refcount Integer Overflow Vulnerability
This is a local elevation of privilege vulnerability.

CVE-2012-1868 Win32k.sys Race Condition Vulnerability
This is a local elevation of privilege vulnerability.

MS12-042 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167)

CVE-2012-0217 User Mode Scheduler Memory Corruption Vulnerability
This
is a local elevation of privilege vulnerability.

CVE-2012-1515 BIOS ROM Corruption Vulnerability
This is a local elevation of privilege vulnerability.

Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2719615)

CVE-2012-1889 MSXML Uninitialized Memory Corruption Vulnerability
IPS: 7967 – ACTIVEX Suspicious ActiveX Method 7
IPS: 7968 – ACTIVEX Suspicious ActiveX Method 8
IPS: 7969 – ACTIVEX Suspicious ActiveX Method 9
IPS: 7970 – ACTIVEX Suspicious ActiveX Method 10
IPS: 7971 – ACTIVEX Suspicious ActiveX Method 11

Pin It on Pinterest