Microsoft Security Bulletin Coverage

August 14, 2012

Dell SonicWALL has analyzed and addressed Microsoft's security advisories for the month of August, 2012. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS12-052 Cumulative Security Update for Internet Explorer (2722913)

  • CVE-2012-1526 LayoutMemory Corruption Vulnerability
    IPS:8439 - Windows IE Layout Memory Corruption 4
  • CVE-2012-2521 Asynchronous NULL Object Access Remote Code Execution Vulnerability
    IPS:8442 - Suspicious HTML Style Tag 4
  • CVE-2012-2522 Virtual Function Table Corruption Remote Code Execution Vulnerability
    GAV: Malformed.html.MP.6
  • CVE-2012-2523 JavaScript Integer Overflow Remote Code Execution Vulnerability
    IPS:7645 - HTTP Client Shellcode Exploit 11a

MS12-053 Vulnerability in Remote Desktop Could Allow Remote Code Execution (2723135)

  • CVE-2012-2526 Remote Desktop Protocol Vulnerability
    IPS:4198 - Suspicious RDP Traffic 8

MS12-054 Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)

  • CVE-2012-1850 Remote Administration Protocol Denial of Service Vulnerability
    IPS:8447 - Microsoft SMB Response Parsing Remote Code Execution (MS12-054) 3
  • CVE-2012-1851 Print Spooler Service Format String Vulnerability
    IPS:8446 - Windows Print Spooler Format String Exploit
    CVE-2012-1852 Remote Administration Protocol Heap Overflow Vulnerability
    IPS:8444 - Microsoft SMB Response Parsing Remote Code Execution (MS12-054) 2
  • CVE-2012-1853 Remote Administration Protocol Stack Overflow Vulnerability
    IPS:8443 - Microsoft SMB Response Parsing Remote Code Execution (MS12-054)

MS12-055 Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2731847)

  • CVE-2012-2527 Win32k Use After Free Vulnerability
    Local EoP vulnerability, not covered

MS12-056 Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045)

  • CVE-2012-2523 JavaScript Integer Overflow Remote Code Execution Vulnerability
    Please refer to MS12-052 above

MS12-057 Vulnerability inMicrosoft Office Could Allow for Remote Code Execution (2731879)

  • CVE-2012-2524 CGM File FormatMemory Corruption Vulnerability
    There is no public exploit available

MS12-058 Vulnerability inMicrosoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)

  • CVE-2012-2525 Oracle Outside In Libraries Remote Code Execution Vulnerability
    There is no details about this vulnerability

MS12-059 Vulnerability inMicrosoft Visio Could Allow Remote Code Execution (2733918)

  • CVE-2012-1888 Visio DXF File Format Buffer Overflow Vulnerability
    GAV: Malformed.dxf.MP.1

MS12-060 Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)

  • CVE-2012-1856 MSCOMCTL.OCX RCE Vulnerability
    GAV: Malformed.rtf.MP.2