Posts

Microsoft Security Bulletin Coverage (May 13, 2014)

/in /by

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of May, 2014. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS14-021 Security Update for Internet Explorer (2965111)

  • CVE-2014-1776 Internet Explorer Memory Corruption Vulnerability
    IPS: 3787 “Internet Explorer Memory Corruption Vulnerability (CVE-2014-1776)”
    SPY: 3371 “Malformed-File html.MP.6”
    SPY: 3372 “Malformed-File html.MP.7”
    SPY: 3367 “Malformed-File swf.OT.9”
    SPY: 2290 “Malformed-File swf.OT.8”
    GAV: 23155 “CVE-2014-1776”

MS14-029 Security Update for Internet Explorer (2962482)

  • CVE-2014-1815 Internet Explorer Memory Corruption Vulnerability
    IPS: 3869 “Windows IE Memory Corruption Vulnerability (MS14-029) 2”
    CVE-2014-0310 Internet Explorer Memory Corruption Vulnerability
    IPS: 3867 “Windows IE Memory Corruption Vulnerability (MS14-029) 1”

MS14-022 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)

  • CVE-2014-0251 SharePoint Page Content Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-1754 SharePoint XSS Vulnerability
    IPS: 3868 “Microsoft SharePoint Server XSS 11 (MS14-022)”
    IPS: 1369 “Cross-Site Scripting (XSS) Attack 1”
    IPS: 6753 “Cross-Site Scripting (XSS) Attack 8”
  • CVE-2014-1813 Web Applications Page Content Vulnerability
    There are no known exploits in the wild.

MS14-023 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2961037)

  • CVE-2014-1756 Microsoft Office Chinese Grammar Checking Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-1808 Token Reuse Vulnerability
    There are no known exploits in the wild.

MS14-025 Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)

  • CVE-2014-1812 Group Policy Preferences Password Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS14-026 Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732)

  • CVE-2014-1806 TypeFilterLevel Vulnerability
    There are no known exploits in the wild.

MS14-027 Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488)

  • CVE-2014-1807 Windows Shell File Association Vulnerability
    There are no known exploits in the wild.

MS14-028 Vulnerabilities in iSCSI Could Allow Denial of Service (2962485)

  • CVE-2014-0255 iSCSI Target Remote Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-0256 iSCSI Target Remote Denial of Service Vulnerability
    There are no known exploits in the wild.

MS14-024 Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass (2961033)

  • CVE-2014-1809 MSCOMCTL ASLR Vulnerability
    There are no known exploits in the wild.