 |
 Adobe Shockwave Player DIR Files PAMI Chunk Code Execution Vulnerability (APSB10-12)
Industry Reference:CVE-2010-1292.
A remote code execution vulnerability has been identified in Adobe Shockwave Player. Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. An attacker can exploit this issue via a specially crafted DIR file. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection detects and blocks the transferring of Adobe DIR files over HTTP.
Security Gateway R70/R71: A new protection is now available.
CPAI-2010-084 .
Trojan.SasfisA Trojan horse is a program that installs malicious software while under the guise of doing something else. Trojans are known for installing backdoor programs which allow unauthorized non permissible remote access to the victim's machine by unwanted parties with malicious intentions. Trojan.Sasfis is a Trojan Dropper that is being distributed via spam E-mail. This protection is able to detect and block the malware based on pre-defined header names.
Security Gateway R70/R71: A new protection is now available.
CPAI-2010-085.
Security Best Practice: SMB Remote Disk Scanning for Executable Files Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data. Some Trojans, such as Virus: Win32.Pate.A, send SMB requests for list of executable files on SMB shared disk in order to infect the files consequently. This protection will detect and block aggressive attempts to retrieve the list of executable files on remote SMB drives.
Security Gateway R70/R71: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2010-20.
Improvements have been made to the following protections:
Microsoft Office MSODataSourceControl ActiveX Control Denial of Service Vulnerability
CPAI-2007-075.
Adobe Reader FlateDecode Parameters Integer Overflow Vulnerability (APSB09-07)
CPAI-2009-186.
AOL Radio AmpX ActiveX Control Buffer Overflow Vulnerability
CPAI-2008-002.
HP Software Update HPeDiag ActiveX Control Buffer Overflow Vulnerability
CPAI-2008-086.
Microsoft Active Template Library (ATL) Multiple ActiveX Remote Code Execution Vulnerabilities (MS09-037)
CPAI-2009-179.
Symantec Backup Exec ActiveX Control Buffer Overflow Vulnerability
CPAI-2008-057.
Microsoft DirectShow QuickTime Movie Parser Filter Code Execution Vulnerability (MS09-028)
CPAI-2009-136.
Trend Micro OfficeScan ActiveX Buffer Overflow Vulnerability
CPAI-2007-051.
Multiple Microsoft Works Remote Code Execution Vulnerabilities (MS08-011)
CPAI-2008-029.
Microsoft Internet Explorer history.go Improper Parameter Handling Remote Code Execution Vulnerability (MS09-014)
CPAI-2009-086.
SAP GUI EAI WebViewer3D ActiveX Stack Buffer Overflow Vulnerability
CPAI-2009-061.
Microsoft Internet Explorer Multiple Events Improper Reference Counting Vulnerability (MS09-019)
CPAI-2009-178.
Microsoft Internet Explorer DHTML Table Row Object Memory Corruption Vulnerability (MS09-019)
CPAI-2009-174.
CA Multiple Products ActiveX Control ListCtrl AddColumn Buffer Overflow Vulnerability
CPAI-2008-087.
Sun Microsystems JRE Memory Exception Vulnerability
CPAI-2007-127.
Microsoft Visual FoxPro ActiveX Object Memory Corruption Vulnerability (MS08-010)
CPAI-2008-022.
PGM Invalid Length Vulnerability (MS08-036)
CPAI-2008-079.
JavaScript Obfuscation Techniques
SBP-2009-17.
TIFF Image Improper Dimensions Vulnerability
CPAI-2009-252.
Virus: Win32.Pate.A
CPAI-2010-081.
Apple Safari Webkit Floating Point Remote Code Execution Vulnerability
CPAI-2009-197.
|
May 26, 2010
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|