Microsoft Security Bulletin Coverage

December 11, 2012

Dell SonicWALL has analyzed and addressed Microsoft's security advisories for the month of December, 2012. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS12-077 Cumulative Security Update for Internet Explorer

  • CVE-2012-4781 InjectHTMLStream Use After Free Vulnerability
    Attack cannot be detected on the wire.
  • CVE-2012-4782 CMarkup Use After Free Vulnerability
    Attack cannot be detected on the wire.
  • CVE-2012-4787 Improper Ref Counting Use After Free Vulnerability
    IPS:9341 - Windows IE Improper Ref Counting Use After Free Exploit

MS12-078 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

  • CVE-2012-2556 OpenType Font Parsing Vulnerability
    GAV:Malformed.otf.MP.8
  • CVE-2012-4786 TrueType Font Parsing Vulnerability
    No known exploits exist in the wild.

MS12-079 Vulnerability in Microsoft Word Could Allow Remote Code Execution

  • CVE-2012-2539 Word RTF 'listoverridecount' Remote Code Execution Vulnerability
    IPS:9342 - MS Word RTF listoverridecount Memory Corruption Exploit

MS12-080 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution

  • CVE-2012-3214 Oracle Outside In Technology Vulnerability
    Local vulnerability.
  • CVE-2012-3217 Oracle Outside In Technology Vulnerability
    Local vulnerability.
  • CVE-2012-4791 RSS Feed May Cause Exchange DoS Vulnerability
    Attack cannot be detected on the wire.

MS12-081 Vulnerability in Windows File Handling Component Could Allow Remote Code Execution

  • CVE-2012-4774 Windows Filename Parsing Vulnerability
    IPS:9346 - MS Windows Filename Parsing Exploit

MS12-082 Vulnerability in DirectPlay Could Allow Remote Code Execution

  • CVE-2012-1537 DirectPlay Heap Overflow Vulnerability
    IPS:9347 - Suspicious Office Document 1 IPS:9348 - Suspicious Office Document 2 IPS:9349 - Suspicious Office Document 3 IPS:9350 - Suspicious Office Document 4 IPS:9351 - Suspicious Office Document 5 IPS:9352 - Suspicious Office Document 6 IPS:9353 - Suspicious Office Document 7

MS12-083 Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass

  • CVE-2012-2549 Revoked Certificate Bypass Vulnerability
    Attack cannot be detected on the wire.