 |
Check Point�s IPS update services protect customers using the IPS Software Blade for Security Gateway R70 from the following vulnerabilities:
 Adobe Acrobat and Adobe Reader JBIG2 Page Information Integer Overflow Vulnerability (APSB09-07)
Industry Reference: CVE-2009-0509.
A memory corruption vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
New Protections are available for this vulnerability. See CPAI-2009-101.
Adobe Acrobat and Adobe Reader JBIG2 Text Region Integer Overflow Vulnerability (APSB09-07)Industry Reference: CVE-2009-0509.
A memory corruption vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
New Protections are available for this vulnerability. See CPAI-2009-103.
Adobe Acrobat and Adobe Reader JBIG2 Halftone Region Integer Overflow Vulnerability (APSB09-07)Industry Reference: CVE-2009-0509.
A memory corruption vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
New Protections are available for this vulnerability. See CPAI-2009-105.
Adobe Acrobat and Adobe Reader JBIG2 Halftone Region Grid Integer Overflow Vulnerabilities (APSB09-07)Industry References: CVE-2009-0509, CVE-2009-0512.
Multiple memory corruption vulnerabilities have been discovered in Adobe Reader and Acrobat. A remote attacker can exploit these vulnerabilities to execute arbitrary code on an affected system via a specially crafted PDF file. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
New Protections are available for these vulnerabilities. See CPAI-2009-107.
Adobe Acrobat and Adobe Reader JBIG2 Pattern Dictionary Memory Corruption Vulnerability (APSB09-07)Industry Reference: CVE-2009-0510, CVE-2009-0511.
Multiple memory corruption vulnerabilities have been discovered in Adobe Reader and Acrobat. A remote attacker can exploit these vulnerabilities to execute arbitrary code on an affected system via a specially crafted PDF file. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
New Protections are available for these vulnerabilities. See CPAI-2009-109.
Security Best Practice: Blocking Ares GalaxyAres Galaxy is an open source peer to peer file sharing application that uses its own decentralized supernode network. The latest versions also support the BitTorrent protocol. The use of Ares Galaxy may circumvent the organizational security policy. This protection will block the access to the Ares Galaxy proprietary P2P network by identifying Ares Galaxy fingerprints.
New Protections are available for this vulnerability. See SBP-2009-03.
Check Point�s IPS update services protect customers using IPS-1 and IPS-1 NGX R65 from the following vulnerabilities:
Microsoft Active Directory Memory Leak Denial of Service Vulnerability (MS09-018) Industry Reference: CVE-2009-1139.
A denial of service vulnerability has been reported in Microsoft Active Directory. Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode (ADAM) is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service. A remote attacker can exploit this issue to create a denial of service condition on a vulnerable system. The protection will detect and block malformed LDAP requests sent to the vulnerable server.
Protections are now available for this vulnerability. See CPAI-2009-156.
Microsoft Active Directory Invalid Free Remote Code Execution Vulnerability (MS09-018) Industry Reference: CVE-2009-1138.
A remote code execution vulnerability has been reported in Microsoft Active Directory. Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode (ADAM) is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service. A remote attacker can exploit the vulnerability to take complete control of an affected system. The protection will detect and block malformed LDAP requests sent to the vulnerable server.
Protections are now available for this vulnerability. See CPAI-2009-152.
Microsoft IIS Anonymous HTTP Request Authentication Bypass (MS09-020) Industry Reference: CVE-2009-1122.
An elevation of privilege vulnerability has been reported in the Microsoft Windows WebDAV extension for IIS. Web Distributed Authoring and Versioning (WebDAV) is a set of extensions for HTTP that allows clients to publish, lock, and manage resources on the Web. A remote attacker may exploit this vulnerability to gain unauthorized access to protected resources. This protection will detect and block HTTP requests attempting to exploit this vulnerability.
Protections are now available for this vulnerability. See CPAI-2009-138.
Microsoft Excel SST Record Integer Overflow Vulnerability (MS09-021) Industry Reference: CVE-2009-0561.
A remote code execution vulnerability has been identified in the Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. The protection will detect and block the transferring of malformed Excel files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-148.
Microsoft Excel String Copy Stack-Based Overrun Vulnerability (MS09-021) Industry Reference: CVE-2009-0559.
A remote code execution vulnerability has been identified in the Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. The protection will detect and block the transferring of malformed Excel files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-144.
Microsoft Excel ExternSheet Record Indexing Memory Corruption Vulnerability (MS09-021) Industry Reference: CVE-2009-0558.
A remote code execution vulnerability has been identified in the Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. The protection will detect and block the transferring of malformed Excel files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-142.
Microsoft Excel Object Record Memory Corruption Vulnerability (MS09-021)Industry Reference: CVE-2009-0557.
A remote code execution vulnerability has been identified in the Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. The protection will detect and block the transferring of malformed Excel files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-140.
Microsoft Windows Print Splooer LoadLibrary Information Disclosure Vulnerability (MS09-022) Industry Reference: CVE-2009-0230.
An elevation of privilege vulnerability has been reported in Microsoft Windows Print Spooler. The Print Spooler service manages the printing process, which includes such tasks as retrieving the location of the correct printer driver, loading that driver, spooling high-level function calls into a print job, and scheduling print jobs. A remote attacker may exploit the vulnerability to run arbitrary code on a target system via a malformed RPC request. The protection will detect and block malformed RPC requests sent to the vulnerable service.
Protections are now available for this vulnerability. See CPAI-2009-168.
Microsoft Windows Print Spooler NetShareEnum Buffer Overflow Vulnerability (MS09-022)Industry Reference: CVE-2009-0228.
A buffer overflow vulnerability has been reported in Microsoft Windows Print Spooler. The Print Spooler service manages the printing process, which includes such tasks as retrieving the location of the correct printer driver, loading that driver, spooling high-level function calls into a print job, and scheduling print jobs. A remote attacker may exploit the vulnerability to execute arbitrary code on a target system or to crash the vulnerable service via a malformed RPC request. The protection will detect and block malformed NetShareEnum RPC requests sent to the vulnerable service.
Protections are now available for this vulnerability. See CPAI-2009-154.
Microsoft Works Converter Oversized Font Buffer Overflow Vulnerability (MS09-024)Industry Reference: CVE-2009-1533.
A remote code execution vulnerability has been discovered in Microsoft Works Converter. Microsoft Works is home productivity software suite with fewer features than the Microsoft Office suite. The Microsoft Works Converter allows the user to open, edit, and save files in the Microsoft Works file format. A remote attacker could exploit this vulnerability via a malformed Microsoft Works file. Successful exploitation of this issue may allow execution of arbitrary code on a target system. The protection will detect and block the transferring of malformed MS Works files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-166.
Microsoft Word Malformed SPRM Record Buffer Overflow Vulnerability (MS09-027) Industry Reference: CVE-2009-0565.
A remote code execution vulnerability has been identified in Microsoft Word. Microsoft Word is a popular word processing software. A remote attacker could exploit this issue via a malformed Word file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. The protection will detect and block the transferring of malformed Word files over HTTP.
Protections are now available for this vulnerability. See CPAI-2009-164.
| June 17, 2009
 | You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|