Microsoft Security Bulletins Coverage
SonicWALL has analyzed and addressed Microsoft's security advisories for the month of August, 2010. A list of issues reported, along with SonicWALL coverage information follows:
MS10-047 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
- CVE-2010-1888 - Windows Kernel Data Initialization Vulnerability
Local elevation of privilege - CVE-2010-1889 - Windows Kernel Double Free Vulnerability
Local elevation of privilege - CVE-2010-1890 - Windows Kernel Improper Validation Vulnerability
Local denial of service
MS10-048 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
- CVE-2010-1887 - Win32k Bounds Checking Vulnerability
Local denial of service - CVE-2010-1894 - Win32k Exception Handling Vulnerability
Local elevation of privilege - CVE-2010-1895 - Win32k Pool Overflow Vulnerability
Local elevation of privilege - CVE-2010-1896 - Win32k User Input Validation Vulnerability
Local elevation of privilege - CVE-2010-1897 - Win32k Window Creation Vulnerability
Local elevation of privilege
MS10-049 Vulnerabilities in SChannel Could Allow Remote Code Execution
- CVE-2009-3555 - TLS/SSL Renegotiation Vulnerability
This vulnerability allows an attacker to spoof an authenticated SSL client.
There is no feasible method to discern malicious traffic from normal. - CVE-2010-2566 - SChannel Malformed Certificate Request Remote Code Execution Vulnerability
Attacks occur over an encrypted channel.
MS10-050 Vulnerability in Windows Movie Maker Could Allow Remote Code Execution
- CVE-2010-2564 - Movie Maker Memory Corruption Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-051 Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution
- CVE-2010-2561 - MSxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability
Unexpected HTTP responses may trigger a bug in Microsoft XML Core Services which may result in process flow diversion.
MS10-052 Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution
- CVE-2010-1882 - MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-053 Cumulative Security Update for Internet Explorer
- CVE-2010-1258 - Event Handler Cross-Domain Vulnerability
IPS 5184 - document.execCommand Method Invocation - CVE-2010-2556 - Uninitialized Memory Corruption Vulnerability
- CVE-2010-2557 - Uninitialized Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS. - CVE-2010-2558 - Race Condition Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS. - CVE-2010-2559 - Uninitialized Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS. - CVE-2010-2560 - HTML Layout Memory Corruption Vulnerability
This is a logical flaw. Attacks targeting this vulnerability cannot be detected by IPS.
IPS 5157 - location.protocol Attribute Setting
MS10-054 Vulnerabilities in SMB Server Could Allow Remote Code Execution
- CVE-2010-2550 - SMB Pool Overflow Vulnerability
IPS 5235 - MS SMB Pool Overflow Attack Attempt - CVE-2010-2551 - SMB Variable Validation Vulnerability
A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. - CVE-2010-2552 - SMB Stack Exhaustion Vulnerability
A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB compounded requests.
MS10-055 Vulnerability in Cinepak Codec Could Allow Remote Code Execution
- CVE-2010-2553 - Cinepak Codec Decompression Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-056 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution
- CVE-2010-1900 - Word Record Parsing Vulnerability
There are no known public exploits targeting this vulnerability. - CVE-2010-1901 - Word RTF Parsing Engine Memory Corruption Vulnerability
GAV Agent.EXP_5
GAV Agent.EXP_6
GAV Agent.EXP_7 - CVE-2010-1902 - MS Word RTF Parsing Buffer Overflow Attempt
IPS 5127 - MS Word RTF Parsing Buffer Overflow Attempt - CVE-2010-1903 - Word HTML Linked Objects Memory Corruption Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-057 Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution
- CVE-2010-2562
- Excel Memory Corruption Vulnerability
There are no known public exploits targeting this vulnerability.
MS10-058 Vulnerabilities in TCP/IP Could Allow Elevation of Privilege
- CVE-2010-1892 - IPv6 Memory Corruption Vulnerability
A denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header. - CVE-2010-1893 - Integer Overflow in Windows Networking Vulnerability
Local elevation of privilege
MS10-059 Vulnerabilities in the Tracing Feature for Services Could Allow an Elevation of Privilege
- CVE-2010-2554 - Tracing Registry Key ACL Vulnerability
Local elevation of privilege - CVE-2010-2555 - Tracing Memory Corruption Vulnerability
Local elevation of privilege
- CVE-2010-0019 - Microsoft Silverlight Memory Corruption Vulnerability
IPS 5115 - MS Silverlight Memory Corruption S1 - CVE-2010-1898 - Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability
A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a specially crafted Microsoft .NET application or a specially crafted Silverlight application to access memory, leading to arbitrary unmanaged code execution.