 |
 Microsoft Internet Explorer Access ActiveX Controls Remote Code Execution Vulnerability (MS10-044)
Industry Reference:CVE-2010-0814.
A remote code execution vulnerability exists in Access ActiveX controls due to the way that multiple ActiveX controls are loaded by Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which may allow the attacker to execute arbitrary code on the affected system. This protection will detect and block attempts to exploit this vulnerability.
Security Gateway R70/R71: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-217.
Microsoft Office Access ACCWIZ.dll Uninitialized Variable Remote Code Execution Vulnerability (MS10-044)Industry Reference:CVE-2010-1881.
A remote code execution vulnerability has been reported in the way that the AccWizObjects ActiveX control is instantiated by Microsoft Office and Internet Explorer. ACCWIZ.dll (Microsoft Access Wizard Controls) is a component of Microsoft Office that provides a library of Access ActiveX controls. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which may allow the attacker to execute arbitrary code on the affected system. This protection will detect and block attempts to exploit this vulnerability.
Security Gateway R70/R71: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-219.
Microsoft Outlook AttachMethods Remote Code Execution Vulnerability (MS10-045)Industry Reference:CVE-2010-0266.
A remote code execution vulnerability has been reported in the way that Microsoft Office Outlook tries to verify attachments in a specially crafted e-mail message. Microsoft Outlook is an e-mail application and a personal information manager. A remote attacker may exploit this vulnerability to take complete control of the affected system. This protection will detect and block attempts to bypass the Outlook attachment filter.
Security Gateway R70/R71: A new protection is now available.
CPAI-2010-218.
Apple Safari for Windows and Internet Explorer Combined Code Execution VulnerabilityIndustry Reference:CVE-2008-2540.
A cross application vulnerability has been discovered in Apple Safari on Windows when residing on a system with Microsoft Internet Explorer installed. Safari is a web browsing application developed by Apple. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML, which may allow the attacker to execute arbitrary code on the affected system. This protection will detect and block attempts to exploit this vulnerability.
Security Gateway R70/R71: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-216.
Improvements have been made to the following protections:
Adobe Reader and Acrobat Launch Action Command Code Execution Vulnerability (APSB10-15)
CPAI-2010-211.
Microsoft DirectShow Size Validation Remote Code Execution Vulnerability (MS09-028)
CPAI-2009-125.
Apple Safari on Windows Platform Remote Code Execution Vulnerability (MS09-015)
CPAI-2008-082.
HP Operations Manager Server Unauthorized File Upload Vulnerability
CPAI-2009-312.
|
July 13, 2010
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|