SmartDefense Security Advisory

Microsoft DirectShow Pointer Validation Remote Code Execution Vulnerability (MS09-028)

Industry Reference: CVE-2009-1538.

A remote code execution vulnerability has been discovered in Microsoft DirectShow. Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. A remote attacker could exploit this issue via a malformed QuickTime file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transfer of malformed QuickTime files over HTTP.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-123.

Microsoft DirectShow Size Validation Remote Code Execution Vulnerability (MS09-028)

Industry Reference: CVE-2009-1539.

A remote code execution vulnerability has been discovered in Microsoft DirectShow. Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. A remote attacker could exploit this issue via a malformed QuickTime file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transfer of malformed QuickTime files over HTTP.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-125.

Microsoft DirectShow QuickTime Movie Parser Filter Code Execution Vulnerability (MS09-028)

Industry Reference: CVE-2009-1537.

A remote code execution vulnerability has been discovered in the Microsoft DirectShow QuickTime Movie Parser filter. Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The QuickTime Movie Parser filter splits Apple QuickTime data into audio and video streams. A remote attacker could exploit this issue via a malformed QuickTime file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transfer of malformed QuickTime files over HTTP.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-136.

Microsoft Windows Embedded OpenType (EOT) Font Engine Remote Code Execution Vulnerabilities (MS09-029)

Industry References: CVE-2009-0231, CVE-2009-0232.

Multiple remote code execution vulnerabilities have been reported in the way Microsoft Windows Embedded OpenType (EOT) font technology parses data records and name tables in specially crafted embedded fonts. Embedded OpenType (EOT) fonts are a compact form of fonts designed for use on web pages. A remote attacker can exploit these vulnerabilities via a specially crafted EOT file. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection detects and blocks the transfer of EOT files over HTTP.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: Preemptive protection is provided by this product.
VPN-1 NGX R65 & VSX NGX R65: Preemptive protection is provided by this product.
SBP-2009-05.

Security Best Practice: Protect Yourself from HTTP Server Parameter Pollution

HTTP Parameter Pollution (HPP) is an attack technique in which the attacker overrides or adds HTTP GET/POST parameters by injecting query string delimiters. This protection will detect and block HTTP requests attempting to exploit this vulnerability.
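As an added illustration of what a request-level HPP check can look for (this is example code written for this page, not Check Point's protection logic): the function below flags repeated parameter names, names supplied in both the query string and the body, and percent-encoded delimiters inside values. The function names, finding labels and sample requests are constructed for the example.

```python
from collections import Counter
from urllib.parse import unquote, urlsplit

# Percent-encoded forms of the delimiters & ; = # (lower-cased for matching).
ENCODED_DELIMS = ("%26", "%3b", "%3d", "%23")

def raw_pairs(raw):
    """Split a still-encoded query string or form body into (name, value) pairs."""
    return [tuple(f.partition("=")[::2]) for f in raw.split("&") if f]

def norm(name):
    # Assumption: names are compared case-insensitively after decoding.
    return unquote(name).lower()

def hpp_findings(url, body=""):
    """Return (reason, parameter) findings for one request."""
    query, form = raw_pairs(urlsplit(url).query), raw_pairs(body)
    findings = []
    # 1. A name repeated within one source: back ends disagree on which wins.
    for source, pairs in (("query", query), ("body", form)):
        counts = Counter(norm(n) for n, _ in pairs)
        findings += [(f"duplicate-in-{source}", n) for n, c in counts.items() if c > 1]
    # 2. A name supplied in both the query string and the body.
    both = {norm(n) for n, _ in query} & {norm(n) for n, _ in form}
    findings += [("query-body-collision", n) for n in sorted(both)]
    # 3. An encoded delimiter inside a value, checked raw and after one decode
    #    to catch double encoding. Values that legitimately carry URLs match
    #    too and need an allowlist.
    for name, value in query + form:
        if any(d in v for v in (value.lower(), unquote(value).lower())
               for d in ENCODED_DELIMS):
            findings.append(("encoded-delimiter-in-value", norm(name)))
    return findings

# Constructed sample requests (not taken from the advisory): (url, body).
SAMPLES = [
    ("/transfer?account=1001&amount=50", ""),
    ("/transfer?account=1001&amount=50&amount=5000", ""),
    ("/search?q=shoes%26sort%3Dprice", ""),
    ("/transfer?account=1001", "account=2002&amount=50"),
]

if __name__ == "__main__":
    for url, body in SAMPLES:
        print(url, body or "-", hpp_findings(url, body))
```

Repeated names are legitimate in some applications (multi-select form fields, for example), so findings of the first kind are best scoped to parameters that are expected to be single-valued.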

Security Gateway R70: A new protection is now available.
SBP-2009-07.

Security Best Practice: Blocking ASPX Spy

ASPX Spy is an ASPX program that allows easy control over a compromised web server. Using this program, an attacker can upload files through the web browser and execute them. This protection will detect and block the ASPX Spy tool.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2009-13.

Recent Malware Threats (21-Jul-2009)

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of hostile, intrusive, or annoying programs, such as viruses, worms, adware, Trojans, and spyware, that exploit unprotected clients, using network access to intrude upon organizations and destroy or steal data. IPS will detect and block the malware based on predefined signatures. The update includes 21 new protections against recent malware threats.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-135.

Recent Malware Threats (21-Jul-2009)

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of hostile, intrusive, or annoying programs, such as viruses, worms, adware, Trojans, and spyware, that exploit unprotected clients, using network access to intrude upon organizations and destroy or steal data. IPS will detect and block the malware based on predefined signatures. The update includes 8 new protections against recent malware threats.

Security Gateway R70: A new protection is now available.
CPAI-2009-137.

July 21, 2009

©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.