Microsoft Security Bulletin Coverage

November 14, 2012

Dell SonicWALL has analyzed and addressed Microsoft's security advisories for the month of November, 2012. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS12-071 Cumulative Security Update for Internet Explorer

  • CVE-2012-1538 CFormElement Use After Free Vulnerability
    IPS:9238 - Windows IE CFormElement Use After Free Exploit
  • CVE-2012-1539 CTreePos Use After Free Vulnerability
    IPS:9237 - Windows IE CTreePos Use After Free Exploit
  • CVE-2012-4775 CTreeNode Use After Free Vulnerability
    IPS:9236 - Windows IE CTreeNode Use After Free Exploit

MS12-072 Vulnerabilities in Windows Shell Could Allow Remote Code Execution

  • CVE-2012-1527 Windows Briefcase Integer Underflow Vulnerability
    IPS:5512 - Server Application Shellcode Exploit 28 IPS:5945 - Client Application Shellcode Exploit 18

    • CVE-2012-1528 Windows Briefcase Integer Overflow Vulnerability
    GAV:Malformed.bfc.MP.1

MS12-073 Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure

  • CVE-2012-2531 Password Disclosure Vulnerability
    Exploitation requires valid logon credentials.
  • CVE-2012-2532 FTP Command Injection Vulnerability
    No available method of attack detection.

MS12-074 Vulnerabilities in .NET Framework Could Allow Remote Code Execution

  • CVE-2012-1895 Reflection Bypass Vulnerability
    This is a local vulnerability. Detection of attacks on the wire is not possible.
  • CVE-2012-1896 Code Access Security Info Disclosure Vulnerability
    This is a local vulnerability. Detection of attacks on the wire is not possible.
  • CVE-2012-2519 .NET Framework Insecure Library Loading Vulnerability
    IPS:1023 - Binary Planting Attack 1
    IPS:5726 - Binary Planting Attack 2
    IPS:6847 - Binary Planting Attack 3
    IPS:8538 - Binary Planting Attack 4
    IPS:8546 - Binary Planting Attack 5
  • CVE-2012-4776 Web Proxy Auto-Discovery Vulnerability
    IPS:9243 - Malformed PAC File
  • CVE-2012-4777 WPF Reflection Optimization Vulnerability
    This is a local vulnerability. Detection of attacks on the wire is not possible.

MS12-075 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

  • CVE-2012-2530 Win32k Use After Free Vulnerability
    This is a local vulnerability. Detection of attacks on the wire is not possible.
  • CVE-2012-2553 Win32k Use After Free Vulnerability
    This is a local vulnerability. Detection of attacks on the wire is not possible.
  • CVE-2012-2897 Windows Font Parsing Vulnerability
    This is a local vulnerability. Detection of attacks on the wire is not possible.

MS12-076 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution

  • CVE-2012-1885 Excel SerAuxErrBar Heap Overflow Vulnerability
    IPS:9239 - Malformed Excel Document 21
  • CVE-2012-1886 Excel Memory Corruption Vulnerability
    IPS:9240 - Malformed Excel Document 22
  • CVE-2012-1887 Excel SST Invalid Length Use After Free Vulnerability
    IPS:9241 - Malformed Excel Document 23
  • CVE-2012-2543 Excel Stack Overflow Vulnerability
    IPS:9242 - Malformed Excel Document 24