Posts

Microsoft Security Bulletin Coverage (May 12, 2015)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of May, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS15-043 Cumulative Security Update for Internet Explorer (3049563)

  • CVE-2015-1658 Internet Explorer Memory Corruption Vulnerability
    IPS: 10927 Internet Explorer Memory Corruption Vulnerability (MS15-043) 3
  • CVE-2015-1684 VBScript ASLR Bypass
    There are no known exploits in the wild.
  • CVE-2015-1685 Internet Explorer ASLR Bypass
    This is a local vulnerability.
  • CVE-2015-1686 VBScript and JScript ASLR Bypass
    IPS: 10926 Internet Explorer ASLR Bypass Vulnerability (MS15-053)
  • CVE-2015-1688 Internet Explorer Elevation of Privilege Vulnerability
    This is a local vulnerability.
  • CVE-2015-1689 Internet Explorer Memory Corruption Vulnerability
    IPS: 10929 Internet Explorer Memory Corruption Vulnerability (MS15-043) 4
  • CVE-2015-1691 Internet Explorer Memory Corruption Vulnerability
    IPS: 10930 Internet Explorer Memory Corruption Vulnerability (MS15-043) 5
  • CVE-2015-1692 Internet Explorer Clipboard Information Disclosure Vulnerability
    IPS: 10931 Internet Explorer Clipboard Information Disclosure Vulnerability (MS15-043) 1
  • CVE-2015-1694 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1703 Internet Explorer Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1704 Internet Explorer Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1705 Internet Explorer Memory Corruption Vulnerability
    IPS: 10932 Internet Explorer Memory Corruption Vulnerability (MS15-043) 6
  • CVE-2015-1706 Internet Explorer Memory Corruption Vulnerability
    IPS: 10933 Internet Explorer Memory Corruption Vulnerability (MS15-043) 10
  • CVE-2015-1708 Internet Explorer Memory Corruption Vulnerability
    IPS: 10934 Internet Explorer Memory Corruption Vulnerability (MS15-043) 8
  • CVE-2015-1709 Internet Explorer Memory Corruption Vulnerability
    IPS: 10937 Internet Explorer Memory Corruption Vulnerability (MS15-043) 10
  • CVE-2015-1710 Internet Explorer Memory Corruption Vulnerability
    IPS: 10935 Internet Explorer Memory Corruption Vulnerability (MS15-043) 12
  • CVE-2015-1711 Internet Explorer Memory Corruption Vulnerability
    IPS: 2121 Internet Explorer Memory Corruption Vulnerability (MS15-043) 1
  • CVE-2015-1712 Internet Explorer Memory Corruption Vulnerability
    IPS: 2122 Internet Explorer Memory Corruption Vulnerability (MS15-043) 2
  • CVE-2015-1713 Internet Explorer Memory Corruption Vulnerability
    This is a local vulnerability.
  • CVE-2015-1714 Internet Explorer Memory Corruption Vulnerability
    IPS: 2123 Internet Explorer Memory Corruption Vulnerability (MS15-043) 7
  • CVE-2015-1717 Internet Explorer Memory Corruption Vulnerability
    IPS: 2125 Internet Explorer Memory Corruption Vulnerability (MS15-043) 11
  • CVE-2015-1718 Internet Explorer Memory Corruption Vulnerability
    IPS: 2143 Internet Explorer Memory Corruption Vulnerability (MS15-043) 13

MS15-044 Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)

  • CVE-2015-1670 OpenType Font Parsing Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1671 TrueType Font Parsing Vulnerability
    There are no known exploits in the wild.

MS15-045 Vulnerability in Windows Journal Could Allow Remote Code Execution (3046002)

  • CVE-2015-1675 Windows Journal Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1695 Windows Journal Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1696 Windows Journal Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1697 Windows Journal Remote
    Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1698 Windows Journal Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1699 Windows Journal Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS15-046 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)

  • CVE-2015-1682 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1683 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS15-047 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (3058083)

  • CVE-2015-1700 Microsoft SharePoint Page Content Vulnerabilities
    There are no known exploits in the wild.

MS15-048 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)

  • CVE-2015-1672 .NET XML Decryption Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1673 Windows Forms Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS15-049 Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)

  • CVE-2015-1715 Microsoft Silverlight Out of Browser Application Vulnerability
    There are no known exploits in the wild.

MS15-050 Vulnerability in Service Control Manager Could Allow Elevation of Privilege (3055642)

  • CVE-2015-1702 Service Control Manager Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS15-051 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)

  • CVE-2015-1776 Microsoft Windows Kernel Memory Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1777 Microsoft Windows Kernel Memory Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1778 Microsoft Windows Kernel Memory Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1779 Microsoft Windows Kernel Memory Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1780 Microsoft Windows Kernel Memory Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-1701 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS15-052 Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514)

  • CVE-2015-1774 Windows Kernel Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

MS15-053 Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263)

  • CVE-2015-1784 VBScript ASLR Bypass
    There are no known exploits in the wild.
  • CVE-2015-1786 VBScript and JScript ASLR Bypass
    IPS: 10926 Internet Explorer ASLR Bypass Vulnerability (MS15-053)

MS15-054 Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768)

  • CVE-2015-1781 Microsoft Management Console File Format Denial of Service Vulnerability
    SPY: 4880 Malformed-File msc.MP.1

MS15-055 Vulnerability in Schannel Could Allow Information Disclosure (3061518)

  • CVE-2015-1716 Schannel Information Disclosure Vulnerability
    There are no known exploits in the wild.