 |
 Adobe Reader and Acrobat Launch Action Command Code Execution Vulnerability (APSB10-15)
Industry Reference:CVE-2010-1240.
A vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will allow execution of arbitrary code on an affected system. This protection detects and blocks the transferring of specially crafted PDF files over HTTP.
Security Gateway R70/R71: A new protection is now available.
CPAI-2010-211.
PDF Files Containing Embedded Adobe Flash Movies Vulnerabilities (APSB10-15)Industry References:CVE-2010-1297, CVE-2010-2168, CVE-2010-2201.
A memory corruption vulnerability has been discovered in the way Adobe Reader and Acrobat, Adobe AIR and Adobe Flash Player handle specially crafted PDF files that contain embedded Adobe Flash movies. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will allow execution of arbitrary code on an affected system. This protection will detect and block PDF files that contain embedded Adobe Flash movies.
Security Gateway R70/R71: A new protection is now available.
SBP-2010-22.
HP OpenView NNM getnnmdata.exe CGI VulnerabilityIndustry Reference:CVE-2010-1555.
A buffer overflow vulnerability exists in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error in getnnmdata.exe when processing the Hostname variable sent in a crafted HTTP request. A remote attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing execution of arbitrary code. IPS-1 will detect and block attempts to access the HP OpenView CGI server with invalid Hostname parameters.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2010-135.
HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow VulnerabilityIndustry Reference:CVE-2010-1554.
A buffer overflow vulnerability exists in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error in getnnmdata.exe when processing the ICount parameter sent in a crafted HTTP request. A remote attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code execution. IPS-1 will detect and block attempts to access the HP OpenView CGI server with invalid Icount parameters.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2010-136.
HP OpenView NNM getnnmdata.exe CGI MaxAge Parameter Buffer Overflow VulnerabilityIndustry Reference:CVE-2010-1553.
A buffer overflow vulnerability exists in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error in getnnmdata.exe when processing the MaxAge parameter sent in a crafted HTTP request. A remote attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing execution of arbitrary code. IPS-1 will detect and block attempts to access the HP OpenView CGI server with malformed maxAge parameters.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2010-137.
HP OpenView Network Node Manager netmon.exe Stack Buffer Overflow VulnerabilityIndustry Reference:CVE-2010-1551.
A stack buffer overflow vulnerability exists in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error in the _OVParseLLA function when processing a crafted HTTP POST request. A remote attacker can exploit this vulnerability by sending a crafted HTTP POST request, potentially causing arbitrary code execution. IPS-1 will detect and block attempts to access the HP OpenView Node Manager with malformed arguments in a POST request.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2010-138.
HP Performance Manager Apache Tomcat Policy Bypass VulnerabilityIndustry Reference:CVE-2009-3548.
A vulnerability exists in HP Performance Manager, a web-based analysis and visualization tool that analyzes performance trends of applications, systems, and services. HP Performance Manager incorporates Apache Tomcat 5 to help serve custom web applications. The vulnerability is due to insufficient access control within the Apache Tomcat Manager component. A remote attacker can leverage this vulnerability by sending a crafted HTTP request using a set of default credentials. Once authenticated, the attacker can upload a malicious web application to a vulnerable system. IPS-1 has been preemptive against this vulnerability since February of 2002. IPS-1 detects and blocks attempts to authentication using any of a number of user-configurable bad usernames.
IPS-1 & IPS-1 NGX R65: Preemptive protection is provided by this product.
CPAI-2010-134.
Improvements have been made to the following protections:
Mercury Mail Transport System Data Buffer Overflow Vulnerability
CPAI-2007-060.
|
June 30, 2010
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|