Microsoft Security Bulletin Coverage

March 12, 2013

Dell SonicWALL has analysed and addressed Microsoft's security advisories for the month of March, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-021 Cumulative Security Update for Internet Explorer (2809289)

  • CVE-2013-0087 Internet Explorer OnResize Use After Free Vulnerability
    IPS:9708 DOM Object Use-After-Free Attack 4
  • CVE-2013-0088 Internet Explorer saveHistory Use After Free Vulnerability
    IPS:9709 Windows IE saveHistory Use-After-Free
  • CVE-2013-0089 Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability
    IPS:9711 DOM Object Use-After-Free Attack 5
  • CVE-2013-0090 Internet Explorer CCaret Use After Free Vulnerability
    IPS:9712 DOM Object Use-After-Free Attack 6
  • CVE-2013-0091 Internet Explorer CElement Use After Free Vulnerability
    IPS:9715 Windows IE CElement Use-After-Free
  • CVE-2013-0092 Internet Explorer GetMarkupPtr Use After Free Vulnerability
    IPS:9716 Windows IE GetMarkupPtr Use-After-Free
  • CVE-2013-0093 Internet Explorer onBeforeCopy Use After Free Vulnerability
    IPS:9717 Windows IE onBeforeCopy Use-After-Free
  • CVE-2013-0094 Internet Explorer removeChild Use After Free Vulnerability
    IPS:9718 Windows IE removeChild Use-After-Free
  • CVE-2013-1288 Internet Explorer CTreeNode Use After Free Vulnerability
    IPS:9612 Windows IE SLayoutRun Use-After-Free (MS13-009)

MS13-022 Vulnerability in Silverlight Could Allow Remote Code Execution (2814124)

  • CVE-2013-0074 Client Silverlight Double Dereference Vulnerability
    There are no known exploits in the wild.

MS13-023 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution

  • CVE-2013-0079 Visio Viewer Tree Object Type Confusion Vulnerability
    IPS:9726 Malformed Visio Document 10

MS13-024 Vulnerabilities in SharePoint Could Allow Elevation of Privilege

  • CVE-2013-0080 Callback Function Vulnerability
    IPS:9722 Microsoft SharePoint XSS (MS13-024)
  • CVE-2013-0083 SharePoint XSS Vulnerability
    IPS:9723 Microsoft SharePoint XSS (MS13-024) 2
  • CVE-2013-0084 SharePoint Directory Traversal Vulnerability
    IPS:1067 HTTP Server Directory Traversal Attack 7
  • CVE-2013-0085 Buffer Overflow Vulnerability
    There are no known exploits in the wild.

MS13-025 Vulnerability in Microsoft OneNote Could Allow Information Disclosure

  • CVE-2013-0086 Buffer Size Validation Vulnerability
    GAV:Malformed.one.MP.1

MS13-026 Vulnerability in Office Outlook for Mac Could Allow Information Disclosure

  • CVE-2013-0095 Unintended Content Loading Vulnerability
    There are no known exploits in the wild.

MS13-027 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege

  • CVE-2013-1285 Windows USB Descriptor Vulnerability
    Local vulnerability
  • CVE-2013-1286 Windows USB Descriptor Vulnerability
    Local vulnerability
  • CVE-2013-1287 Windows USB Descriptor Vulnerability
    Local vulnerability