Microsoft Security Bulletin Coverage (Feb 12, 2013)
Dell SonicWALL has analysed and addressed Microsoft’s security advisories for the month of February, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:
MS13-009 Cumulative Security Update for Internet Explorer- CVE-2013-0015 Shift JIS Character Encoding Vulnerability
IPS:9603 – Windows IE SJIS XSS - CVE-2013-0018 Internet Explorer SetCapture Use After Free Vulnerability
IPS:9606 – Windows IE setCapture Use-After-Free - CVE-2013-0019 Internet Explorer COmWindowProxy Use After Free Vulnerability
IPS:9607 – Windows IE comWindowProxy Use-After-Free - CVE-2013-0020 Internet Explorer CMarkup Use After Free Vulnerability
IPS:9608 – Windows IE CDATA Use-After-Free - CVE-2013-0021 Internet Explorer vtabl Use After Free Vulnerability
IPS:9611 – Windows IE vtable Use-After-Free - CVE-2013-0022 Internet Explorer LsGetTrailInfo Use After Free Vulnerability
IPS:9613 – Windows IE lsGetTrailInfo Use-After-Free - CVE-2013-0023 Internet Explorer CDispNode Use After Free Vulnerability
Detection of attack over the wire is not feasible. - CVE-2013-0024 Internet Explorer pasteHTML Use After Free Vulnerability
IPS:9614 – Internet Explorer pasteHTML Use After Free Vulnerability - CVE-2013-0025 Internet Explorer SLayoutRun Use After Free Vulnerability
IPS:9612 – Microsoft IE SLayoutRun Use After Free Exploit - CVE-2013-0026 Internet Explorer InsertElement Use After Free Vulnerability
IPS:9610 – Internet Explorer InsertElement Use After Free Vulnerability - CVE-2013-0027 Internet Explorer CPasteCommand Use After Free Vulnerability
IPS:9609 – HTTP Client Shellcode Exploit 76 - CVE-2013-0028 Internet Explorer CObjectElement Use After Free Vulnerability
IPS:9605 – Microsoft IE CObjectElement Use After Free Exploit - CVE-2013-0029 Internet Explorer CHTML Use After Free Vulnerability
IPS:9604 – Microsoft IE VML Memory Corruption Exploit
MS13-010 Vulnerability in Vector Markup Language Could Allow Remote Code Execution
- CVE-2013-0030 VML Memory Corruption Vulnerability
IPS:9602 – Windows IE VML Memory Corruption Exploit
MS13-011 Vulnerability in Media Decompression Could Allow Remote Code Execution
- CVE-2013-0077 Media Decompression Vulnerability
There are no known exploits in the wild.
MS13-012 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution
- CVE-2013-0393 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
IPS:9555 – Oracle Outside in DB Handling DoS - CVE-2013-0418 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
Malformed.cdr.TL.4
MS13-013 Vulnerabilities in FAST Search Server 2010 for SharePoint Passing Could Allow Remote Code Execution
- CVE-2013-3214 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
There are no known exploits in the wild. - CVE-2013-3217 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
There are no known exploits in the wild.
MS13-014 Vulnerability in NFS Server Could Allow Denial of Service
- CVE-2013-1281 NULL Dereference Vulnerability
There are no known exploits in the wild.
MS13-015 Vulnerability in .NEW Framework Could Allow Elevation of Privilege
- CVE-2013-0073 WinForms Callback Elevation Vulnerability
This is a local vulnerability. Detection of attack over the wire is not feasible.
MS13-016 Win32k Race Condition Vulnerability
- CVE-2013-1248 Win32k Race Condition Vulnerability
CVE-2013-1249 Win32k Race Condition Vulnerability
CVE-2013-1250 Win32k Race Condition Vulnerability
CVE-2013-1251 Win32k Race Condition Vulnerability
CVE-2013-1252 Win32k Race Condition Vulnerability
CVE-2013-1253 Win32k Race Condition Vulnerability
CVE-2013-1254 Win32k Race Condition Vulnerability
CVE-2013-1255 Win32k Race Condition Vulnerability
CVE-2013-1256 Win32k Race Condition Vulnerability
CVE-2013-1257 Win32k Race Condition Vulnerability
CV
E-2013-1258 Win32k Race Condition Vulnerability
CVE-2013-1259 Win32k Race Condition Vulnerability
CVE-2013-1260 Win32k Race Condition Vulnerability
CVE-2013-1261 Win32k Race Condition Vulnerability
CVE-2013-1262 Win32k Race Condition Vulnerability
CVE-2013-1263 Win32k Race Condition Vulnerability
CVE-2013-1264 Win32k Race Condition Vulnerability
CVE-2013-1265 Win32k Race Condition Vulnerability
CVE-2013-1266 Win32k Race Condition Vulnerability
CVE-2013-1267 Win32k Race Condition Vulnerability
CVE-2013-1268 Win32k Race Condition Vulnerability
CVE-2013-1269 Win32k Race Condition Vulnerability
CVE-2013-1270 Win32k Race Condition Vulnerability
CVE-2013-1271 Win32k Race Condition Vulnerability
CVE-2013-1272 Win32k Race Condition Vulnerability
CVE-2013-1273 Win32k Race Condition Vulnerability
CVE-2013-1274 Win32k Race Condition Vulnerability
CVE-2013-1275 Win32k Race Condition Vulnerability
CVE-2013-1276 Win32k Race Condition Vulnerability
CVE-2013-1277 Win32k Race Condition Vulnerability
These are local vulnerabilities. Detection of attack over the wire is not feasible.
MS13-017 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
- CVE-2013-1278 Kernel Race Condition Vulnerability
This is a local vulnerability. Detection of attack over the wire is not feasible.
- CVE-2013-1279 Kernel Race Condition Vulnerability
This is a local vulnerability. Detection of attack over the wire is not feasible.
- CVE-2013-1280 Windows Kernel Reference Count Vulnerability
This is a local vulnerability. Detection of attack over the wire is not feasible.
MS13-018 Vulnerability in Windows TCP/IP Could Allow Denial Of Service
- CVE-2013-0075 TCP FIN WAIT Vulnerability
Connection limiting settings on the SonicWall will defend against attacks targeting this vulnerability.
MS13-019 Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege
- CVE-2013-0076 Reference Count Vulnerability
This is a local vulnerability. Detection of attack over the wire is not feasible.
MS13-020 Vulnerability in OLE Automation Could Allow Remote Code Execution
- CVE-2013-1313 Common Controls Remote Code
IPS:9601 – Windows Common Controls Remote Code Execution (MS13-020)