Microsoft WinVerifyTrust Signature Validation Security Bypass Vulnerability (MS10-019)
Industry Reference: CVE-2010-0486.
A remote code execution vulnerability has been discovered in the Windows Authenticode Signature Verification function used for portable executable (PE) and cabinet file formats. A cabinet is a single file, usually suffixed with .CAB, that stores compressed files in a file library. A compressed file can be spread over several cabinet files. During installation, the setup application decompresses the files stored in a cabinet and copies them to the user's system. A remote attacker could exploit this vulnerability via a specially crafted signed PE or cabinet file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transfer over HTTP of executable files signed with a weak legacy digital signature.
Security Gateway R70: A new protection is now available. CPAI-2010-073.
Microsoft WinVerifyTrust Cabview Corruption Security Bypass Vulnerability (MS10-019)
Industry Reference: CVE-2010-0487.
A remote code execution vulnerability has been discovered in the Windows Authenticode Signature verification for cabinet (.cab) file formats. A cabinet is a single file, usually suffixed with .CAB, that stores compressed files in a file library. A compressed file can be spread over several cabinet files. During installation, the setup application decompresses the files stored in a cabinet and copies them to the user's system. A remote attacker could exploit this vulnerability via a malformed CAB file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transfer of malformed CAB files over HTTP.
Security Gateway R70: A new protection is now available. VPN-1 NGX R65 & VSX NGX R65: A new protection is now available. CPAI-2010-072.
Microsoft SharePoint Server 2007 Cross-Site Scripting (XSS) Vulnerability
Industry Reference: CVE-2010-0817.
A cross-site scripting (XSS) vulnerability has been discovered in Microsoft SharePoint Server 2007. Windows SharePoint Services provide a platform for collaboration applications and document management. Office SharePoint Server is an integrated suite of server capabilities built on top of Windows SharePoint Services. A remote attacker may exploit this vulnerability to run malicious scripts on an affected system. This protection will detect and block the cross-site scripting attack.
Security Gateway R70: A new protection is now available. CPAI-2010-074.
Security Best Practice: Protect Yourself from Cross-Site Scripting Attacks
A cross-site scripting (XSS) attack occurs when a Web-based application fails to validate user input before returning it to the client's browser. This enables attackers to inject malicious content into Web pages, which is then executed in the context of the user's browser. An attacker can take a variety of malicious actions, including cookie theft, account hijacking, and spreading Web-based email worms. This protection will detect and block cross-site scripting attacks.
Security Gateway R70: Preemptive protection is provided by this product. VPN-1 NGX R65 & VSX NGX R65: Preemptive protection is provided by this product. InterSpect NGX: Preemptive protection is provided by this product. SBP-2010-18.
Improvements have been made to the following protections:
Microsoft WINS Buffer Allocation Integer Overflow Vulnerability (MS09-039) CPAI-2009-147.
Yahoo! Toolbar URL Shortcut ActiveX Control Buffer Overflow Vulnerability CPAI-2008-008.
HP OpenView Network Node Manager ovsessionmgr.exe Buffer Overflow Vulnerability CPAI-2009-333.
HP Power Manager formExportDataLogs Buffer Overflow Vulnerability CPAI-2010-111.
Microsoft Word Global Array Memory Corruption Vulnerability (MS08-072) CPAI-2008-185.
Microsoft Active Directory Invalid Free Remote Code Execution Vulnerability (MS09-018) CPAI-2009-152.
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow Vulnerability CPAI-2009-303.
Invalid IIS ASP.Net URI Character Requests SBP-2009-15.
Security Best Practice: Protect Yourself from PDF Containing Obfuscated Name Objects and Obfuscated JavaScript Filter Name Exploits SBP-2009-28.
May 4, 2010




You have received this notification because you have subscribed to the SmartDefense mailing list.
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065