 |
Check Point�s IPS protects customers using the IPS Software Blade for Security Gateway R70, VPN-1� NGX R65, R62, VSX NGX R65, InterSpect NGX, IPS-1, and IPS-1 NGX R65 from the following vulnerabilities:
 Microsoft Office Word WordPerfect Converter Buffer Overflow Vulnerability (MS09-010)
Industry Reference: CVE-2009-0088.
A remote code execution vulnerability has been reported in Microsoft Word 2000 WordPerfect convertor. The Microsoft Office WordPerfect Converter assists users to convert documents from Corel WordPerfect file formats to Microsoft Word file formats. The Microsoft Office Converter Pack allows Office to use additional document formats that were not natively supported. A remote attacker can exploit this vulnerability via a specially crafted WordPerfect document. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection will detect and block the transferring of malformed WordPerfect files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-073.
IBM Tivoli Storage Manager Agent Client Buffer Overflow VulnerabilityIndustry Reference: CVE-2008-4828.
A buffer overflow vulnerability exists in IBM Tivoli Storage Manager (TSM), a backup solution designed to protect data from failures and other errors by storing backups and archiving data. The vulnerability is due to a boundary error when parsing strings from request packets within the Remote Client Agent Service. A remote unauthenticated attacker may exploit the vulnerability by sending a crafted request to the target service, potentially allowing for execution of arbitrary code or a denial of service. This protection will detect and block certain malformed TSM client messages.
Protections are now available for this vulnerability. See CPAI-2009-085.
Symantec Alert Management System Intel File Transfer Service Arbitrary Program Execution VulnerabilityIndustry Reference: CVE-2009-1431.
A design error was reported in Symantec Alert Management System Console component shipped with Symantec software. The vulnerability is due to a design error in the Intel File Transfer service (XFR.EXE), a service used to aid communication between the core server and managed clients. The vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the target host. This protection will detect and block unauthenticated commands to the Intel File Transfer service.
Protections are now available for this vulnerability. See CPAI-2009-087.
Symantec Alert Management System Intel Alert Originator Service Buffer Overflow VulnerabilityIndustry Reference: CVE-2009-1430.
A buffer overflow vulnerability was reported in Symantec Alert Management System 2 (AMS2), specifically in its Alert Originator (IAO) service component. The vulnerability is due to a boundary error in the IAO service when processing crafted BIND messages. The vulnerability can be exploited by remote unauthenticated attackers to inject and execute arbitrary code on the target host. This protection will detect and block invalid BIND requests to the IAO Service.
Protections are now available for this vulnerability. See CPAI-2009-089.
Recent Malware Threats (20-May-09)Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data. IPS will detect and block the malware based on predefined signatures. The update includes 8 new protections against recent malware threats: Rogue-Software: ThreatNuker, Keylogger: Trojan.Spy.Zeus.1.Gen, Trojan: Trojan-PSW.Win32.Papras.dm, Trojan: Trojan.PSW.Win32.QQPass.amx, Worm: W32.Autorun.worm.dq, Worm: Worm.Win32.Koobface.dq, Worm: Worm.Win32.AutoRun.qgg, Worm: Worm.Win32.Oneraw.I.Trojan.
New Protections are available for these Malware. See CPAI-2009-128.
Check Point�s IPS update services protect customers using IPS-1 and IPS-1 NGX R65 from the following vulnerabilities:
Microsoft Office PowerPoint Invalid Object Reference Zero-Day Vulnerability (MS09-017)Industry Reference: CVE-2009-0556.
A memory corruption vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections were previously released for this vulnerability. See CPAI-2009-066.
Microsoft PowerPoint Data Out of Bounds Stack Buffer Overflow Vulnerability (MS09-017)Industry Reference: CVE-2009-1131.
A stack buffer overflow vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-106.
Microsoft PowerPoint LinkedSlide Record Integer Overflow Vulnerability (MS09-017)Industry Reference: CVE-2009-0221.
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-112.
Microsoft PowerPoint Invalid Build Object Casting Memory Corruption Vulnerability (MS09-017)Industry Reference: CVE-2009-0224.
A memory corruption vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-114.
Microsoft PowerPoint Notes Record Parsing Heap Corruption Vulnerability (MS09-017)Industry Reference: CVE-2009-1130.
A heap corruption vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system.
Protections are now available for this vulnerability. See CPAI-2009-116.
Microsoft PowerPoint Legacy File Format Memory Corruption Vulnerability (MS09-017)Industry Reference: CVE-2009-0225.
A memory corruption vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-102.
Microsoft PowerPoint Legacy File Format Stack Buffer Overrun Vulnerability (MS09-017)Industry Reference: CVE-2009-0227.
A stack buffer overrun vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-104.
Microsoft PowerPoint Converter SoundEntity Record Stack Corruption Vulnerability (MS09-017)Industry Reference: CVE-2009-1128.
A stack corruption vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-108.
Microsoft PowerPoint Converter ExEmbed Record Stack Corruption Vulnerability (MS09-017)Industry Reference: CVE-2009-1129.
A stack corruption vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-110.
Microsoft PowerPoint Converter CoCollection Record Handling Error Vulnerability (MS09-017)Industry Reference: CVE-2009-0226.
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow the attacker to take complete control of a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-118.
Microsoft PowerPoint Converter ExObject Record Remote Code Execution Vulnerability (MS09-017)Industry Reference: CVE-2009-0223.
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow the attacker to take complete control of a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-120.
Microsoft PowerPoint Converter NoteSlide Record Memory Corruption Vulnerability (MS09-017)Industry Reference: CVE-2009-0220.
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow the attacker to take complete control of a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-122.
Microsoft PowerPoint Converter SlideRec Record Remote Code Execution Vulnerability (MS09-017)Industry Reference: CVE-2009-0222.
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow the attacker to take complete control of a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-124.
Microsoft PowerPoint MasterPagePackedText Record Remote Code Execution Vulnerability (MS09-017)Industry Reference: CVE-2009-1137.
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability may allow the attacker to take complete control of a target system. This protection will detect and block the transferring of malformed PowerPoint files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-126.
| May 20, 2009
 | You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003�2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|