Microsoft Security Bulletin Coverage (Jun 9, 2015)
Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of June, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:
MS15-056 Cumulative Security Update for Internet Explorer (3058515)
- CVE-2015-1765 Internet Explorer Information Disclosure Vulnerability
There are no known exploits in the wild. - CVE-2015-1739 Internet Explorer Elevation of Privilege Vulnerability
This is a local vulnerability. - CVE-2015-1743 Internet Explorer Elevation of Privilege Vulnerability
This is a local vulnerability. - CVE-2015-1748 Internet Explorer Elevation of Privilege Vulnerability
IPS: 10988 “Internet Explorer Elevation of Privilege Vulnerability (MS15-056) 1” - CVE-2015-1687 Internet Explorer Memory Corruption Vulnerability
IPS: 10977 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 1” - CVE-2015-1730 Internet Explorer Memory Corruption Vulnerability
IPS: 10978 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 2” - CVE-2015-1731 Internet Explorer Memory Corruption Vulnerability
IPS: 10979 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 3” - CVE-2015-1732 Internet Explorer Memory Corruption Vulnerability
IPS: 10980 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 7” - CVE-2015-1735 Internet Explorer Memory Corruption Vulnerability
IPS: 10981 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 10” - CVE-2015-1736 Internet Explorer Memory Corruption Vulnerability
IPS: 10982 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 8” - CVE-2015-1737 Internet Explorer Memory Corruption Vulnerability
IPS: 10983 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 9” - CVE-2015-1740 Internet Explorer Memory Corruption Vulnerability
IPS: 10984 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 12” - CVE-2015-1741 Internet Explorer Memory Corruption Vulnerability
IPS: 10985 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 14” - CVE-2015-1742 Internet Explorer Memory Corruption Vulnerability
IPS: 10986 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 15” - CVE-2015-1744 Internet Explorer Memory Corruption Vulnerability
IPS: 10987 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 19” - CVE-2015-1745 Internet Explorer Memory Corruption Vulnerability
IPS: 2144 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 4” - CVE-2015-1747 Internet Explorer Memory Corruption Vulnerability
IPS: 2145 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 6” - CVE-2015-1750 Internet Explorer Memory Corruption Vulnerability
IPS: 2147 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 11” - CVE-2015-1751 Internet Explorer Memory Corruption Vulnerability
IPS: 2151 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 13” - CVE-2015-1752 Internet Explorer Memory Corruption Vulnerability
IPS: 2153 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 18” - CVE-2015-1753 Internet Explorer Memory Corruption Vulnerability
IPS: 2168 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 22” - CVE-2015-1754 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2015-1755 Internet Explorer Memory Corruption Vulnerability
IPS: 2156 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 20” - CVE-2015-1766 Internet Explorer Memory Corruption Vulnerability
IPS: 2167 “Internet Explorer Memory Corruption Vulnerability (MS15-056) 21”
MS15-057 Vulnerability in Windows Media Player Could Allow Remote Code Execution (3033890)
- CVE-2015-1728 Windows Media Player RCE via DataObject Vulnerability
This is a local vulnerability.
MS15-059 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3064949)
- CVE-2015-1759 Microsoft Office Memory Corruption Vulnerability
ASPY: 1021 “Malformed-File doc.MP.21” - CVE-2015-1760 Microsoft Office Memory Corruption Vulnerability
ASPY: 1037 “Malformed-File doc.MP.22” - CVE-2015-1770 Microsoft Office Uninitialized Memory Use Vulnerability
ASPY: 1038 “Malformed-File docx.MP.6”
MS15-060 Vulnerability in Microsoft Common Controls Could Allow Remote Code Execution (3059317)
- CVE-2015-1756 Microsoft Common Control Use After Free Vulnerability
There are no known exploits in the wild.
MS15-061 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057839)
- CVE-2015-1719 Microsoft Windows Kernel Information Disclosure Vulnerability
This is a local vulnerability. - CVE-2015-1720 Microsoft Windows Kernel Use After Free Vulnerability
This is a local vulnerability. - CVE-2015-1721 Win32k Null Pointer Dereference Vulnerability
This is a local vulnerability. - CVE-2015-1722 Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability
This is a local vulnerability. - CVE-2015-1723 Microsoft Windows Station Use After Free Vulnerability
This is a local vulnerability. - CVE-2015-1724 Microsoft Windows Kernel Object Use After Free Vulnerability
This is a local vulnerability. - CVE-2015-1725 Win32k Buffer Overflow Vulnerability
This is a local vulnerability. - CVE-2015-1726 Microsoft Windows Kernel Brush Object Use After Free Vulnerability
This is a local vulnerability. - CVE-2015-1727 Win32k Pool Buffer Overflow Vulnerability
This is a local vulnerability. - CVE-2015-1768 Win32k Memory Corruption Elevation of Privilege Vulnerability
This is a local vulnerability. - CVE-2015-2360 Win32k Elevation of Privilege Vulnerability
This is a local vulnerability.
MS15-062 Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577)
- CVE-2015-1757 ADFS XSS Elevation of Privilege Vulnerability
IPS: 10892 “Cross-Site Scripting (XSS) Attack 49”
MS15-063 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (3063858)
- CVE-2015-1758 Windows LoadLibrary EoP Vulnerability
This is a local vulnerability.
MS15-064 Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3062157)
- CVE-2015-1764 Exchange Server-Side Request Forgery Vulnerability
There are no known exploits in the wild. - CVE-2015-1771 Exchange Cross-Site Request Forgery Vulnerability
There are no known exploits in the wild. - CVE-2015-2359 Exchange HTML Injection Vulnerability
There are no known exploits in the wild.