 |
 Microsoft Windows ASF File Media Header Parsing Remote Code Execution Vulnerability (MS09-047)
Industry Reference:CVE-2009-2498.
A remote code execution vulnerability has been reported in the way Microsoft Windows handles specially crafted ASF format files. ASF (Advanced Systems Format) is a file format that stores audio and video information and is specially designed to run over networks like the Internet. It is a compressed format that contains streaming audio, video, slide shows, and synchronized events. ASF enables content to be delivered as a continuous flow of data. ASF files may have the file extensions ASF, WMV, or WMA. A remote attacker could exploit this issue to take complete control of an affected system remotely. This protection will detect and block the transferring of malformed ASF files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-173.
Symantec Mail Security KeyView Excel File SST Parsing Integer Overflow VulnerabilityIndustry Reference:CVE-2009-3037.
An integer overflow vulnerability exists in multiple products using Autonomy KeyView SDK (File Viewer for Excel). A remote attacker could exploit this vulnerability by enticing the target user to open or view a malicious Excel file with the vulnerable version of the product. Successful exploitation could result in execution of arbitrary code. This protection will detect and block the transferring of malformed Excel files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
CPAI-2009-233.
Oracle Secure Backup Administration Server Command Injection VulnerabilityIndustry Reference:CVE-2009-1977.
An authentication bypass vulnerability exists in Oracle Secure Backup server. Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The vulnerability is due to a flaw in the logic used to authenticate a user to the administration server. Successful exploitation of this vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup by sending a specially crafted user name variable. This protection will detect and block attempts to bypass authentication by embedding meta characters into parameters to the login CGI script.
IPS-1 & IPS-1 NGX R65: A protection was released in a previous update.
Security Gateway R70: A new protection is now available.
CPAI-2009-229.
Apple Safari Webkit Floating Point Remote Code Execution VulnerabilityIndustry Reference:CVE-2009-2195.
A vulnerability has been reported in Apple Safari's Webkit, a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. The vulnerability is due to an error in parsing of floating point numbers. Remote attackers could exploit this vulnerability by convincing the target user to open a maliciously crafted web page using a vulnerable version of Apple Safari. Successful exploitation would result in code execution with the privileges of the target user. This protection will detect and block web pages containing potentially malicious floating point numbers.
Security Gateway R70: A new protection is now available.
CPAI-2009-197.
Novell GroupWise Internet Agent Email Address Processing Buffer Overflow VulnerabilityIndustry Reference:CVE-2009-1636.
A buffer overflow vulnerability has been reported in Novell GroupWise, a client-server collaborative software and email system provided by Novell. The vulnerability is due to an error while processing specially crafted SMTP requests. Remote attackers can exploit this vulnerability to execute arbitrary code on the target server. This protection will detect and block malformed E-mail addresses.
IPS-1 & IPS-1 NGX R65: Preemptive protection is provided by this product.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-097.
|
September 24, 2009
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|