[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: VulnerabilitiestoWindowsSystems

Notification of New Vulnerabilities to Windows Systems Fixlet Messages winvulns-announcements at bigmail.bigfix.com
Thu Nov 5 05:20:05 PST 2009


Fixlet Site - VulnerabilitiestoWindowsSystems
Current Version: 191	Published: Thu, 05 Nov 2009 01:44:18 GMT

New Fixlets:
============

***************************************************************
Title: Adobe Reader and Acrobat cause denial of service or possibly execute arbitrary code via unknown vectors
Severity: High
Fixlet ID: 552301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5523.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2984
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2.0, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.

***************************************************************
Title: Adobe Reader and Acrobat might allow remote attackers to execute arbitrary code via unknown vectors.
Severity: High
Fixlet ID: 555701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5557.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2991
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2.0, might allow remote attackers to execute arbitrary code via unknown vectors.

***************************************************************
Title: Adobe Reader and Acrobat memory corruption or possibly execute arbitrary code via unspecified vectors
Severity: High
Fixlet ID: 556001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5560.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2996
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985.

***************************************************************
Title: SMBv2 Infinite Loop Vulnerability
Severity: High
Fixlet ID: 559501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5595.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2526
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat cause DoS (memory corruption) or execute arbitrary code via unspecified vectors.
Severity: High
Fixlet ID: 563601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5636.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2983
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

***************************************************************
Title: Microsoft .NET Framework Pointer Verification Vulnerability
Severity: High
Fixlet ID: 571601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5716.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0090
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat (getPlus_HelperSvc.exe) local elevation of privileges
Severity: High
Fixlet ID: 571901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5719.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2564
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: NOS Microsystems getPlus Download Manager for Adobe 1.6.2.36, and possibly other versions, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.

***************************************************************
Title: Uninitialized Memory Corruption Vulnerability (CVE-2009-2531)
Severity: High
Fixlet ID: 576601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5766.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2531
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530.

***************************************************************
Title: Adobe Reader and Acrobat cause Multiple Vulnerabilities
Severity: High
Fixlet ID: 582201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5822.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2993
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

***************************************************************
Title: Null Truncation in X.509 Common Name Vulnerability
Severity: High
Fixlet ID: 584201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5842.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2510
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, as used by Internet Explorer and other applications, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, aka "Null Truncation in X.509 Common Name Vulnerability," a related issue to CVE-2009-2408.

***************************************************************
Title: Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors
Severity: High
Fixlet ID: 588801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5888.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2986
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Opera integer value denial of service
Severity: Medium
Fixlet ID: 595701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5957.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2540
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

***************************************************************
Title: Adobe Reader and Acrobat DoS or possibly execute arbitrary code via unspecified vectors
Severity: High
Fixlet ID: 596401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5964.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2980
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

***************************************************************
Title: Memory Corruption in Indexing Service Vulnerability
Severity: High
Fixlet ID: 604201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6042.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2507
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat allows attackers to cause a denial of service via unknown vectors
Severity: Medium
Fixlet ID: 605401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6054.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2992
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.

***************************************************************
Title: IIS FTP Service RCE and DoS Vulnerability
Severity: High
Fixlet ID: 608001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6080.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3023
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat cause DoS and Arbitrary Execution
Severity: High
Fixlet ID: 614501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6145.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2985
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

***************************************************************
Title: Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors
Severity: High
Fixlet ID: 615601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6156.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2994
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: WMP Heap Overflow Vulnerability
Severity: High
Fixlet ID: 618401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6184.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2527
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability."

***************************************************************
Title: Integer Overflow in X.509 Object Identifiers Vulnerability
Severity: High
Fixlet ID: 618601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6186.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2511
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities via an X.509 certificate that has a malformed ASN.1 Object Identifier (OID) and was issued by a legitimate Certification Authority, aka "Integer Overflow in X.509 Object Identifiers Vulnerability."

***************************************************************
Title: Uninitialized Memory Corruption Vulnerability (CVE-2009-2530)
Severity: High
Fixlet ID: 619001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6190.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2530
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2531.

***************************************************************
Title: Local Security Authority Subsystem Service Integer Overflow Vulnerability
Severity: High
Fixlet ID: 626301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6263.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2524
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (reboot) via a malformed packet, aka "Local Security Authority Subsystem Service Integer Overflow Vulnerability."

***************************************************************
Title: Windows Kernel NULL Pointer Dereference Vulnerability
Severity: Medium
Fixlet ID: 626401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6264.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2516
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Windows Kernel NULL Pointer Dereference Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat cause denial of service via unknown vectors
Severity: Medium
Fixlet ID: 627401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6274.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2987
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 on Windows allows remote attackers to cause a denial of service via unknown vectors.

***************************************************************
Title: Adobe Reader and Acrobat denial of service via a crafted document
Severity: Medium
Fixlet ID: 628001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6280.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2979
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.

***************************************************************
Title: Adobe Reader and Acrobat bypass intended Trust Manager restrictions via unspecified vectors
Severity: High
Fixlet ID: 628401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6284.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2981
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.

***************************************************************
Title: Adobe Reader and Acrobat cause execution of arbitrary code vulnerability
Severity: High
Fixlet ID: 629701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6297.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2989
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in Adobe Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: SMBv2 Command Value Vulnerability
Severity: High
Fixlet ID: 633601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6336.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2532
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "SMBv2 Command Value Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat DoS via long sequence of # (hash) characters
Severity: Medium
Fixlet ID: 634801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6348.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0048
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a cross-site scripting issue.

***************************************************************
Title: Adobe Reader and Acrobat social engineering attack via unknown vectors
Severity: High
Fixlet ID: 636501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6365.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2982
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors.

***************************************************************
Title: Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors
Severity: High
Fixlet ID: 637101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6371.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2990
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Array index error in Adobe Reader and Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: ATL Uninitialized Object Vulnerability
Severity: High
Fixlet ID: 637301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6373.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0901
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."

***************************************************************
Title: Windows Media Runtime Voice Sample Rate Vulnerability
Severity: High
Fixlet ID: 640701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6407.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0555
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat allow arbitrary code execution and DoS
Severity: High
Fixlet ID: 641801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6418.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2998
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: HTML Component Handling Vulnerability
Severity: High
Fixlet ID: 641901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6419.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2529
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."

***************************************************************
Title: ATL COM Initialization Vulnerability
Severity: High
Fixlet ID: 642101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6421.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2493
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."

***************************************************************
Title: Memory Corruption Vulnerability
Severity: High
Fixlet ID: 642601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6426.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2528
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat 'format bug' remote arbitrary code execution
Severity: Medium
Fixlet ID: 642901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6429.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3462
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a format bug.

***************************************************************
Title: Office BMP Integer Overflow Vulnerability
Severity: High
Fixlet ID: 643001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6430.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2518
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."

***************************************************************
Title: Microsoft .NET Framework Type Verification Vulnerability
Severity: High
Fixlet ID: 645101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6451.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0091
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability."

***************************************************************
Title: Data Stream Header Corruption Vulnerability
Severity: High
Fixlet ID: 645401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6454.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1547
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat allows attackers to bypass intended file-extension
Severity: High
Fixlet ID: 646601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6466.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3461
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Adobe Acrobat 9.x before 9.2.0 allows attackers to bypass intended file-extension restrictions via unknown vectors.

***************************************************************
Title: ATL COM Initialization Vulnerability
Severity: High
Fixlet ID: 647301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6473.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2493
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."

***************************************************************
Title: ATL Null String Vulnerability
Severity: High
Fixlet ID: 647801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6478.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2495
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors
Severity: High
Fixlet ID: 648101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6481.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2997
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Adobe Reader and Acrobat cause Denial of Service Vulnerability
Severity: Medium
Fixlet ID: 648301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6483.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2988
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.

***************************************************************
Title: Windows Media Runtime Heap Corruption Vulnerability
Severity: High
Fixlet ID: 648401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6484.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2525
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat Multiple Vulnerabilities
Severity: Medium
Fixlet ID: 648701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6487.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0045
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka Universal XSS (UXSS).

***************************************************************
Title: SMBv2 Negotiation Vulnerability
Severity: High
Fixlet ID: 648901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6489.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3103
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Array index error in the SMB2 protocol implementation in srv2.sys in Microsoft Windows 7, Server 2008, and Vista Gold, SP1, and SP2 allows remote attackers to cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location. NOTE: some of these details are obtained from third party information.

***************************************************************
Title: Adobe Reader and Acrobat allow arbitrary code execution
Severity: High
Fixlet ID: 649901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6499.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3458
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Windows Kernel Integer Underflow Vulnerability
Severity: Medium
Fixlet ID: 650601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6506.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2515
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "Windows Kernel Integer Underflow Vulnerability."

***************************************************************
Title: IIS FTP Service DoS Vulnerability
Severity: Medium
Fixlet ID: 650801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6508.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2521
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability."

***************************************************************
Title: Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability
Severity: High
Fixlet ID: 651001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6510.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2497
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability."

***************************************************************
Title: Windows Kernel Exception Handler Vulnerability
Severity: Medium
Fixlet ID: 651201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6512.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2517
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."

***************************************************************
Title: Adobe Reader and Acrobat denial of service (application crash) via a PDF
Severity: Medium
Fixlet ID: 653201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6532.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3431
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information.

***************************************************************
Title: Adobe Reader and Acrobat allow to execute arbitrary code via a crafted PDF file
Severity: High
Fixlet ID: 653401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6534.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3459
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.

***************************************************************
Title: Adobe Reader and Acrobat allow memory corruption
Severity: High
Fixlet ID: 655001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6550.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3460
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Acrobat 9.x before 9.2.0, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

***************************************************************
Title: Adobe Reader and Acrobat allows attackers to cause a DoS via unspecified vectors.
Severity: Medium
Fixlet ID: 655401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6554.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2995
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2.0 allows attackers to cause a denial of service via unspecified vectors.


