 |
 Apple Safari Webkit Attribute Child Removal Code Execution Vulnerability
Industry Reference:CVE-2010-1119.
A remote code execution vulnerability has been discovered in Apple Safari's WebKit. Safari is a web browsing application developed by Apple. Safari browsing functionality is built around the set of components called WebKit. WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML, which may allow the attacker to execute arbitrary code on the affected system. This protection will detect and block attempts to exploit this vulnerability by misusing the attribute child removal.
Security Gateway R70/R71: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-214.
Apple Safari parent.close Code Execution VulnerabilityIndustry Reference:CVE-2010-1939.
A remote code execution vulnerability has been discovered in Apple Safari. Safari is a web browsing application developed by Apple. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML, which may allow the attacker to execute arbitrary code on the affected system. This protection will detect and block attempts to exploit this vulnerability.
Security Gateway R70/R71: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-215.
PDF Files Containing Malformed JBIG2 Structure VulnerabilitiesIndustry References:CVE-2009-0658, CVE-2009-1858.
Memory corruption vulnerabilities have been discovered in the way multiple products handle specially crafted PDF files that contain malformed JBIG2 structures. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will allow execution of arbitrary code on an affected system. This protection will detect and block PDF files that contain malformed JBIG2 structure.
Security Gateway R70/R71: A new protection is now available.
SBP-2010-23.
Improvements have been made to the following protections:
GhostScript PostScript Parser Stack Overflow Vulnerability
CPAI-2010-078.
Microsoft Internet Explorer HTML Parsing Race Condition Memory Corruption Vulnerability (MS10-018)
CPAI-2010-052.
Win32.Pate.A Virus
CPAI-2010-081.
Adobe Reader CFF Heap-Based Overflow Vulnerability (APSB10-09)
CPAI-2010-071.
Adobe Reader JPEG2000 Quantization Component Buffer Overflow Vulnerability (APSB09-15)
CPAI-2009-250.
Microsoft Windows Media Runtime Voice Sampler Rate Code Execution Vulnerability (MS09-051)
CPAI-2009-230.
Microsoft XML Core Services Chunked Request Vulnerability (MS08-069)
CPAI-2008-163.
Microsoft Windows SNMP Memory Corruption Vulnerability (MS06-074)
CPAI-2007-020.
|
July 6, 2010
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|