Multiple Browser Vulnerabilities
 |
 |
 |
 |
 |
Exploitation of browser vulnerabilities is a favorite attack vector and browser vendors have been trying to keep up with security updates.
Internet Explorer Vulnerabilities
The 0-day vulnerability announced by Microsoft on March 9 was the first in a series of Internet Explorer vulnerabilities. On March 30 Microsoft released a cumulative bulletin for Internet Explorer featuring 10 Critical vulnerabilities, including a patch for the March 9 iepeers vulnerability. Check Point has provided protections against all 10 vulnerabilities (see the advisory index page). Here are the protections for the vulnerabilities that are most likely to be exploited:
| Threat | Industry Reference | Protection |
|---|---|---|
| iepeers.dll Remote Code Execution* | CVE-2010-0806 | CPAI-2010-044 |
| DOM Operation HTML Object Memory Corruption | CVE-2010-0491 | CPAI-2010-054 |
| CSS HTML Object Memory Corruption | CVE-2010-0492 | CPAI-2010-055 |
| Element Cross-Domain Information Disclosure | CVE-2010-0494 | CPAI-2010-056 |
| HTML CSS Tag Rendering Memory Corruption | CVE-2010-0807 | CPAI-2010-058 |
*This vulnerability is currently being exploited in the wild.
Mozilla Firefox Vulnerabilities
Mozilla Firefox was also found to be affected with multiple vulnerabilities. IPS-1 provides protection for various Mozilla vulnerabilities, the most exploitable of which are the following. The Mozilla Foundation has provided patches for all vulnerabilities.
| Threat | Industry Reference | Protection |
|---|---|---|
| PKCS11 Module Installation Code Execution | CVE-2009-3076 | CPAI-2010-116 |
| Top-level Script Object Offset Calculation Memory Corruption | CVE-2009-3073 | CPAI-2010-117 |
| Browser Engine Memory Corruption | CVE-2009-3382 | CPAI-2010-113 |
Vulnerability in Apple Safari
Apple iPhone is vulnerable to a denial of service, caused by an error in the Safari Web browser when handling tel: URIs. A remote attacker could exploit this vulnerability to cause the device to crash. The vendor has not yet released a patch. IPS-1 provides immediate protection for this vulnerability by detecting and blocking HTML documents containing 'tel:'-style URIs which are over a threshold length.
| Threat | Industry Reference | Protection |
|---|---|---|
| Apple iPhone Safari 'tel:' URI Handling Remote DoS | CVE-2009-3271 | CPAI-2010-120 |