SmartDefense Security Advisory

Microsoft Web Services on Devices API Memory Corruption Vulnerability (MS09-063)

Industry Reference: CVE-2009-2512.

A remote code execution vulnerability has been reported in the Web Services on Devices API (WSDAPI) on Windows systems. The WSDAPI is an implementation of the Devices Profile for Web Services (DPWS) for Windows Vista and Windows Server 2008. The DPWS constrains Web Services specifications so that clients can easily discover devices. A remote attacker could exploit this issue to take complete control of an affected system. This protection will detect and block specially crafted MIME messages sent to the vulnerable services.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
InterSpect NGX: A new protection is now available.
CPAI-2009-280.

Microsoft License Logging Server RPC Call Heap Overflow Vulnerability (MS09-064)

Industry Reference: CVE-2009-2523.

A remote code execution vulnerability has been discovered in the way that the Microsoft License Logging Server software handles specially crafted RPC packets. The License Logging service is a tool that was originally designed to help customers manage licenses for the Microsoft server products that are licensed in the Server Client Access License (CAL) model. The License Logging service is one of the services used by Windows Small Business Server 2003 or earlier to manage CALs. A remote attacker could exploit this issue to execute arbitrary code on a target system via a specially crafted RPC request. This protection will detect and block malformed RPC requests to the License Logging service.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
InterSpect NGX: A new protection is now available.
CPAI-2009-286.

Microsoft Windows Kernel-Mode Drivers Win32k EOT Parsing Remote Code Execution Vulnerability (MS09-065)

Industry Reference: CVE-2009-2514.

A remote code execution vulnerability has been reported in the way Windows kernel-mode drivers parse Windows Embedded OpenType (EOT) font code. The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. EOT fonts are a compact form of fonts designed for use on web pages. A remote attacker can exploit this vulnerability via a specially crafted EOT file. Successful exploitation may allow execution of arbitrary code on a vulnerable system.

IPS-1 & IPS-1 NGX R65: Preemptive protection is provided by this product.
Security Gateway R70: Preemptive protection is provided by this product.
VPN-1 NGX R65 & VSX NGX R65: Preemptive protection is provided by this product.
SBP-2009-21.

Microsoft Active Directory LSASS Recursive Stack Overflow Vulnerability (MS09-066)

Industry Reference: CVE-2009-1928.

A denial of service vulnerability has been discovered in implementations of Active Directory on Microsoft Windows. Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode (ADAM) is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service. A remote attacker can exploit the vulnerability to cause a denial of service condition on the target system. This protection will detect and block a large number of LDAP abandon requests using LSASS.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-288.

Microsoft Excel Document Malformed BIFF Record Heap Overflow Vulnerability (MS09-067)

Industry Reference: CVE-2009-3130.

A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-282.

Microsoft Excel Document Malformed Formula Memory Corruption Vulnerability (MS09-067)

Industry Reference: CVE-2009-3131.

A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via an Excel file in legacy format. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection detects and blocks the transferring of legacy Office Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2009-22.

Microsoft Office Excel Index Parsing Pointer Corruption Vulnerability (MS09-067)

Industry Reference: CVE-2009-3132.

A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-294.

Microsoft Office Excel Field Sanitization Remote Code Execution Vulnerability (MS09-067)

Industry Reference: CVE-2009-3134.

A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-284.

Microsoft Office Excel SXDB Record Cache Memory Corruption Vulnerability (MS09-067)

Industry Reference: CVE-2009-3127.

A memory corruption vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-292.

Microsoft Office Excel SxView Record Memory Corruption Vulnerability (MS09-067)

Industry Reference: CVE-2009-3128.

A memory corruption vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-290.

Microsoft Office Excel Featheader Record Memory Corruption Vulnerability (MS09-067)

Industry Reference: CVE-2009-3129.

A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed Excel files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-278.

Microsoft Office Word Legacy File Remote Code Execution Vulnerability (MS09-068)

Industry Reference: CVE-2009-3135.

A remote code execution vulnerability has been identified in Microsoft Word. Microsoft Word is a popular word processing application. A remote attacker could exploit this issue via a legacy Word file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of legacy Word files over HTTP.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-276.

Microsoft .NET Framework Pointer Verification Error Vulnerability (MS09-061)

Industry Reference: CVE-2009-0090.

A remote code execution vulnerability exists in the Microsoft .NET Framework. The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. An attacker could exploit this issue by constructing a specially crafted application that, when used by a user, could allow the attacker to execute arbitrary code remotely. This protection will detect and block attempts to exploit this vulnerability.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-268.

Microsoft .NET Framework Type Verification Error Vulnerability (MS09-061)

Industry Reference: CVE-2009-0091.

A remote code execution vulnerability exists in the Microsoft .NET Framework. The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. An attacker could exploit this issue by casting an object of one type into another, allowing execution of arbitrary code remotely. This protection will detect and block attempts to exploit this vulnerability.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-270.

Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow Vulnerability

Industry Reference: CVE-2009-1979.

A buffer overflow vulnerability exists in the Oracle Database server, an enterprise-level relational database application suite. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system. This protection will detect and block Oracle traffic with an overly long AUTH_SESSKEY parameter.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-274.

Novell NetWare NFS Portmapper RPC Module Stack Overflow Vulnerability

A buffer overflow vulnerability exists in the Novell NetWare NFS Portmapper daemon. NetWare is a network operating system developed by Novell, providing file sharing and other services such as printing and email. The vulnerability is due to a boundary error when handling RPC calls. Unauthenticated attackers can exploit this vulnerability by sending crafted CALLIT RPC calls to a vulnerable Novell NetWare system. Successful exploitation would lead to arbitrary code injection and execution. This protection will detect and block CALLIT RPC calls with invalid argument lengths.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2009-243.

Novell eDirectory dhost Buffer Overflow Vulnerability

A remote code execution vulnerability has been reported in Novell eDirectory. Novell eDirectory is a Lightweight Directory Access Protocol (LDAP) server, intended for use as a part of an identity management solution. The vulnerability is due to a buffer overflow error in the dhost service when handling HTTP requests. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to a vulnerable system. Successful exploitation may result in arbitrary code injection and execution. This protection will detect and block attempts to access the Novell dhost module with an invalid URL.

IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2009-241.

November 10, 2009

©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.