 |
 Microsoft SMB Client Memory Allocation Memory Corruption Vulnerability (MS10-020)
Industry Reference:CVE-2010-0269.
A elevation of privilege vulnerability has been reported in the Microsoft Windows Server Message Block (SMB) client implementation. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection will detect and block malformed SMB responses.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-064.
Microsoft SMB Client Transaction Memory Corruption Vulnerability (MS10-020)Industry Reference:CVE-2010-0270.
A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block (SMB) client implementation. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection will detect and block malformed SMB transaction packets.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-065.
Microsoft SMB Client Response Parsing Memory Corruption Vulnerability (MS10-020)Industry Reference:CVE-2010-0476.
A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block (SMB) client implementation. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection will detect and block malformed SMB transaction packets.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-061.
Microsoft SMB Client Message Size Remote Code Execution Vulnerability (MS10-020)Industry Reference:CVE-2010-0477.
A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block (SMB) client implementation. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection will detect and block malformed SMB responses.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-063.
Microsoft SMB Endless Loop Denial of Service Vulnerability (MS10-020)Industry Reference:CVE-2009-3676.
A denial of service vulnerability has been reported in the way that Microsoft Server Message Block (SMB) protocol software handles specially crafted SMB packets. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to cause the affected system to stop responding until manually restarted. This protection will detect and block malformed SMB packets.
IPS-1 & IPS-1 NGX R65: A protection was released in a previous update.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2009-296.
Microsoft VBScript MsgBox Call with Malicious HLP File Vulnerability (MS10-022)Industry Reference:CVE-2010-0483.
A remote code execution vulnerability has been discovered in the way that VBScript interacts with Windows Help files when using Internet Explorer. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted Web page. Successful exploitation could result in execution of arbitrary code on the affected system. This protection will detect and block attempts to exploit this vulnerability.
IPS-1 & IPS-1 NGX R65: A protection was released in a previous update.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
CPAI-2010-049.
Microsoft Office Publisher File Conversion TextBox Buffer Overflow Vulnerability (MS10-023)Industry Reference:CVE-2010-0479.
A buffer overflow vulnerability has been reported in Microsoft Publisher. Microsoft Publisher is a desktop publishing application for creating marketing materials, managing customer lists and more. A remote attacker can exploit this issue via a specially crafted Publisher file. Successful exploitation may allow execution of arbitrary code on the vulnerable system. This protection detects and blocks the transferring of malformed Office Publisher files over HTTP
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-059.
Microsoft Media Services Stack-based Buffer Overflow Vulnerability (MS10-025)Industry Reference:CVE-2010-0478.
A buffer overflow vulnerability has been reported in Microsoft Windows Media Services. Microsoft Windows Media Services is an industrial-strength platform for streaming live or on-demand audio and video content over the Internet or an intranet. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection will detect and block attempts to exploit this vulnerability
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-062.
Microsoft MPEG Layer-3 Audio Decoder AVI File Stack Overflow Vulnerability (MS10-026)Industry Reference:CVE-2010-0480.
A stack overflow vulnerability has been reported in the way that Microsoft MPEG Layer-3 codecs handle AVI media files. The vulnerable MPEG Layer-3 audio codecs are the MPEG Layer-3 Audio Codec for Microsoft DirectShow (l3codecx.ax) and the Fraunhofer IIS MPEG Layer-3 ACM codecs (L3codeca.acm and L3codecp.acm). These MPEG Layer-3 audio codecs are provided along with Windows Media files on affected versions of Microsoft Windows. A remote attacker can exploit this issue via a specially crafted AVI file containing an MPEG Layer-3 audio stream. Successful exploitation may allow execution of arbitrary code on the vulnerable system. This protection detects and blocks the transferring of malformed AVI files over HTTP.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-060.
Microsoft Windows Media Player ActiveX Codec Retrieval Vulnerability (MS10-027)Industry Reference:CVE-2010-0268.
A remote code execution vulnerability has been reported in the Windows Media Player's ActiveX control. Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video. A remote attacker may exploit this vulnerability to execut arbitrary code on a vulnerable system. This protection will detect and block the Microsoft Windows Media Player ActiveX control.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2010-15.
Multiple Microsoft Visio Memory Corruption Vulnerabilities (MS10-028)Industry References:CVE-2010-0254, CVE-2010-0256.
Multiple remote code execution vulnerabilities have been identified in Microsoft Visio. Microsoft Visio is a diagram creation software for Microsoft Windows. A remote attacker can exploit these vulnerabilities via a specially crafted Visio file. Successful exploitation may allow execution of arbitrary code on a vulnerable system. This protection detects and blocks the transferring of legacy Office Visio files over HTTP.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2010-14.
Security Best Practice: Blocking Null Prefix in DNS MX RecordsIndustry Reference:CVE-2010-0024.
A denial of service vulnerability has been reported in the way that Microsoft Windows Simple Mail Transfer Protocol (SMTP) component handles specially crafted DNS Mail Exchanger (MX) resource records. The mail exchange (MX) resource record specifies a mail exchange server for a DNS domain name. A remote attacker may trigger this vulnerability via a specially crafted DNS request with a null prefix in the MX record. Successful exploitation of this issue could cause the affected system to stop accepting requests. This protection detects and blocks null prefix of DNS MX records.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2010-16.
|
April 13, 2010
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|