 |
Check Point�s IPS protects customers using the IPS Software Blade for Security Gateway R70, VPN-1� NGX R65, R62, R61, R60, VSX NGX R65, and InterSpect NGX from the following vulnerabilities. No update is required to address these issues:
 Microsoft Excel Rich Text Parsing Zero-Day Remote Code Execution Vulnerability (MS09-009)
Industry Reference: CVE-2009-0238.
A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.
Protections are available immediately for this vulnerability. See CPAI-2009-028.
Microsoft Windows HTTP Services Certificate Name Mismatch Remote Code Execution Vulnerability (MS09-013)Industry Reference: CVE-2009-0089.
A spoofing vulnerability has been reported in Microsoft Windows HTTP Services. Windows HTTP Services (WinHTTP) provides developers with an HTTP client application programming interface (API) to send requests through the HTTP protocol to other HTTP servers. A remote attacker may exploit this issue to impersonate a secure (HTTPS) web site. This protection will block attempts to exploit the WinHTTP spoofing vulnerability.
Protections are available immediately for this vulnerability. See SBP-2009-10.
Apple Safari on Windows Platform Remote Code Execution Vulnerability (MS09-015)Industry Reference: CVE-2008-2540.
A remote code execution vulnerability exists in Safari for Windows, a web browser developed by Apple. An attacker can exploit this issue to execute arbitrary code on a target system. This protection enables the HTTP Worm Catcher to detect and block the vulnerability based on pre-defined worm signatures.
Protections are available immediately for this vulnerability. See CPAI-2008-082.
Microsoft ISA Server Cross-Site Scripting (XSS) Vulnerability (MS09-016)Industry Reference: CVE-2009-0237.
A cross-site scripting (XSS) vulnerability has been reported in the cookieauth.dll component in Microsoft Internet Security and Acceleration (ISA) Server. ISA Server, originating as Microsoft Proxy Server, is a Firewall & Security product that provides Application-Layer Firewalling, acts as a VPN endpoint, and provides Internet Access for client systems in a Business Networking environment. A remote attacker may exploit this vulnerability to run malicious scripts on an affected system. This protection will detect and block Cross-Site Scripting attacks.
Protections are available immediately for this vulnerability. See CPAI-2009-092 .
Microsoft ISA Server TCP State Limited Denial of Service Vulnerability (MS09-016)Industry Reference: CVE-2009-0077.
A denial of service vulnerability has been reported in Microsoft Internet Security and Acceleration (ISA) Server. ISA Server, originating as Microsoft Proxy Server, is a Firewall & Security product that provides Application-Layer Firewalling, acts as a VPN endpoint, and provides Internet Access for client systems in a Business Networking environment. A remote attacker may exploit this vulnerability to cause the affected Web proxy listener to become non-responsive. This protection will detect and block attempts to exploit the denial of service vulnerability.
Protections are available immediately for this vulnerability. See SBP-2009-12.
Check Point�s IPS update services protect customers using the IPS Software Blade for Security Gateway R70, VPN-1� NGX R65, R62, R61, R60, VSX NGX R65, and InterSpect NGX from the following vulnerabilities:
Microsoft Office Excel OBJ Record Parsing Memory Corruption Vulnerability (MS09-009)Industry Reference: CVE-2009-0100.
A remote code execution vulnerability has been identified in the Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.
Protections are available immediately for this vulnerability. See CPAI-2009-076.
Microsoft Windows HTTP Services Credential Reflection Remote Code Execution Vulnerability (MS09-013)Industry Reference: CVE-2009-0550.
A remote code execution vulnerability has been reported in the way Microsoft Windows HTTP Services handles NTLM credentials. Windows HTTP Services (WinHTTP) provides developers with an HTTP client application programming interface (API) to send requests through the HTTP protocol to other HTTP servers. The vulnerability allows a remote attacker to replay the user's credentials back to them, creating a reflection attack, and enabling execution of arbitrary code in the context of the logged-on user. This protection will detect and block reflection attacks.
Protections are available immediately for this vulnerability. See CPAI-2009-082.
Check Point�s IPS update services protect customers using the IPS Software Blade for Security Gateway R70 from the following vulnerabilities:
Microsoft WordPad and Office Text Converter Document Parsing Memory Corruption Vulnerability (MS09-010)Industry Reference: CVE-2009-0087.
A remote code execution vulnerability has been reported in WordPad and Office Text Converters. Office Text Converters are a default component of Microsoft Office that allow users to open and save files as older Office file formats. WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. They also allow users to save documents in the Word 6.0 file format. A remote attacker can exploit this vulnerability via a specially crafted file. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-068.
Microsoft WordPad Word 97 Text Converter Text Location Stack Overflow Vulnerability (MS09-010)Industry Reference: CVE-2009-0235.
A remote code execution vulnerability has been reported in Microsoft WordPad. WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. They also allow users to save documents in the Word 97 file format. A remote attacker can exploit this vulnerability via a specially crafted Word 97 document. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-072.
Microsoft WordPad Word 97 Text Converter XST Parsing Stack Overflow Vulnerability (MS09-010)Industry Reference: CVE-2008-4841.
A remote code execution vulnerability has been reported in Microsoft WordPad. WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. They also allow users to save documents in the Word 97 file format. A remote attacker can exploit this vulnerability via a specially crafted Word 97 document. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-074.
Microsoft DirectShow MJPEG Decompression Remote Code Execution Vulnerability (MS09-011)Industry Reference: CVE-2009-0084.
A remote code execution vulnerability has been identified in the Microsoft DirectShow. Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. The DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. A remote attacker could exploit this issue via a malformed MJPEG file. An MJPEG file is a media file where a number of JPEG images are connected together to create a video stream. The MJPEG video stream can then be inserted into an AVI or other common video formatted file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of AVI files that contain a malformed JPEG over HTTP.
Protections are available immediately for this vulnerability. See CPAI-2009-080.
Microsoft Windows HTTP Services Chunked Encoding Integer Underflow Code Execution Vulnerability (MS09-013)Industry Reference: CVE-2009-0086.
A remote code execution vulnerability has been reported in Microsoft Windows HTTP Services. Windows HTTP Services (WinHTTP) provides developers with an HTTP client application programming interface (API) to send requests through the HTTP protocol to other HTTP servers. A remote attacker may exploit this issue to take complete control of an affected system. This protection will detect and block oversized chunks in the web server response.
Protections are available immediately for this vulnerability. See CPAI-2009-088.
Microsoft Internet Explorer Marquee Object Improper Handling Remote Code Execution Vulnerability (MS09-014)Industry Reference: CVE-2009-0554.
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will cause the browser to crash and may allow execution of arbitrary commands. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-078.
Microsoft Internet Explorer Page Transition Memory Corruption Vulnerability (MS09-014)Industry Reference: CVE-2009-0551.
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will cause the browser to crash and may allow execution of arbitrary commands. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-084.
Microsoft Internet Explorer history.go Improper Parameter Handling Remote Code Execution Vulnerability (MS09-014)Industry Reference: CVE-2009-0552.
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will cause the browser to crash and may allow execution of arbitrary commands. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-086.
Microsoft Internet Explorer ActiveX Object Reloading Race Condition Memory Corruption Vulnerability (MS09-014)Industry Reference: CVE-2009-0553.
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will cause the browser to crash and may allow execution of arbitrary commands. This protection will detect and block attempts to exploit this vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-090.
| April 14, 2009
 | You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003�2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|