Posts

Microsoft Security Bulletin Coverage (May 14, 2013)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of May, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-037 Cumulative Security Update for Internet Explorer (2829530)

  • CVE-2013-2551 Internet Explorer Use After Free Vulnerability
    IPS: 9897 “Windows IE VML shape object Memory Corruption”
  • CVE-2013-1313 Internet Explorer Use After Free Vulnerability
    IPS: 9601 “Windows OLE Automation Remote Code Execution 2 (MS13-020)”
    IPS: 9635 “Windows OLE Automation Remote Code Execution 3 (MS13-020)”
    IPS: 9636 “Windows OLE Automation Remote Code Execution 4 (MS13-020)”
  • CVE-2013-1312 Internet Explorer Use After Free Vulnerability
    IPS: 9899 “Windows IE DOM Object Use-After-Free 5”
  • CVE-2013-1311 Internet Explorer Use After Free Vulnerability
    IPS: 9896 “Windows IE DOM Object Use-After-Free 4”
  • CVE-2013-1310 Internet Explorer Use After Free Vulnerability
    IPS: 9895 “Windows IE DOM Object Use-After-Free 3”
  • CVE-2013-1309 Internet Explorer Use After Free Vulnerability
    IPS: 9894 “Windows IE CDispNode Use-After-Free”
  • CVE-2013-1308 Internet Explorer Use After Free Vulnerability
    IPS: 9609 “DOM Object Use-After-Free Attack 3”
  • CVE-2013-1307 Internet Explorer Use After Free Vulnerability
    IPS: 7454 “HTTP Client Shellcode Exploit 35a”
  • CVE-2013-1306 Internet Explorer Use After Free Vulnerability
    IPS: 9900 “Windows IE DOM Object Use-After-Free 6”
  • CVE-2013-1297 JSON Array Information Disclosure Vulnerability
    IPS: 9891 “Windows IE JSON Information Disclosure”
  • CVE-2013-0811 Internet Explorer Use After Free Vulnerability
    Not feasible to detect the vulnerability.

MS13-038 Security Update for Internet Explorer (2847204)

  • CVE-2013-1347 Security Update for Internet Explorer
    IPS: 9470 “DOM Object Use-After-Free Attack 2”
    IPS: 9871 “Obfuscated HTML Code 3a”
    IPS: 9872 “Windows IE DOM Object Use-After-Free 1”
    IPS: 9873 “Windows IE DOM Object Use-After-Free 2”

MS13-039 Vulnerability in HTTP.sys Could Allow Denial of Service (2829254)

  • CVE-2013-1305 HTTP.sys Denial of Service Vulnerability
    IPS: 9893 “Suspicious HTTP Accept-Encoding Header 1”

MS13-040 Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)

  • CVE-2013-1337 Authentication Bypass Vulnerability
    Cannot distinguish between normal and attack traffic.
  • CVE-2013-1336 XML Digital Signature Spoofing Vulnerability
    Cannot distinguish between normal and attack traffic.

MS13-041 Vulnerability in Lync Could Allow Remote Code Execution (2834695)

  • CVE-2013-1302 Lync RCE Vulnerability
    There are no known exploits in the wild.

MS13-42 Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2830397)

  • CVE-2013-1329 Publisher Buffer Underflow Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1328 Publisher Pointer Handling Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1327 Publisher Signed Integer Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1323 Publisher Incorrect NULL Value Handling Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1322 Publisher Invalid Range Check Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1321 Publisher Return Value Validation Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1320 Publisher Buffer Overflow Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1319 Publisher Return Value Handling Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1318 Publisher Corrupt Interface Pointer Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1317 Publisher Integer Overflow Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1316 Publisher Negative Value Allocation Vulnerability
    There are no known exploits in the wild.

MS13-043 Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)

  • CVE-2013-1335 Word Shape Corruption Vulnerability
    There are no known exploits in the wild.

MS13-044 Vulnerability in Microsoft Visio Could Allow Information Disclosure (2834692)

  • CVE-2013-1301 XML External Entities Resolution Vulnerability
    IPS: 9892 “Microsoft Visio Information Disclosure”

MS13-045 Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)

  • CVE-2013-0096 Windows Essentials Improper URI Handling Vulnerability
    There are no known exploits in the wild.

MS13-046 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)

  • CVE-2013-1334 Win32k Window Handle Vulnerability
    It’s elevation of privilege, not feasible to detect.
  • CVE-2013-1333 Win32k Buffer Overflow Vulnerability
    It’s elevation of privilege, not feasible to detect.
  • CVE-2013-1332 DirectX Graphics Kernel Subsystem Double Fetch Vulnerability
    It’s elevation of privilege, not feasible to detect.