Threat intelligence
Microsoft Security Bulletin Coverage (Oct 11, 2011)
SonicWALL has analyzed and addressed Microsoft's security advisories for the month of October, 2011. A list of issues reported, along with SonicWALL coverage information follows:
MS11-075 Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution (2623699)
- CVE-2011-1247 Active Accessibility Insecure Library Loading Vulnerability
IPS: 5726 - Possible Binary Planting Attempt
MS11-076 Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
- CVE-2011-2009 Media Center Insecure Library Loading Vulnerability
IPS: 5726 - Possible Binary Planting Attempt
MS11-077 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)
- CVE-2011-1985 Win32k Null Pointer De-reference Vulnerability
This is a local vulnerability. - CVE-2011-2002 Win32k TrueType Font Type Translation Vulnerability
There is no feasible method of detection. - CVE-2011-2003 Font Library File Buffer Overrun Vulnerability
IPS: 2252 - Malformed OpenType Font 10b - CVE-2011-2011 Win32k Use After Free Vulnerability
There is no feasible method of detection.
- CVE-2011-1253 Class Inheritance Vulnerability
GAV: MsApp.Exp.MP.1
- CVE-2011-1895 ExcelTable Response Splitting XSS Vulnerability
IPS: 2418 - ExcelTable Code Injection 1 - CVE-2011-1896 ExcelTable Reflected XSS Vulnerability
IPS: 2419 - ExcelTable Code Injection 2 - CVE-2011-1897 Default Reflected XSS Vulnerability
IPS: 2300 - Generic Cross-Site Scripting (XSS) Attempt 24 - CVE-2011-1969 Poisoned Cup of Code Execution Vulnerability
IPS: 2420 - Generic Java Applet Exploit 3 - CVE-2011-2012 Null Session Cookie Crash
IPS: 2258 - Suspicious HTTP Cookie Header 3
MS11-080 Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799)
- CVE-2011-2005 Ancillary Function Driver Elevation of Privilege Vulnerability
This is a local vulnerability.
MS11-081 Cumulative Security Update for Internet Explorer (2586448)
- CVE-2011-1993 Scroll Event Remote Code Execution Vulnerability
IPS: 7029 - MS IE Scroll Event Remote Code Execution Exploit - CVE-2011-1995 OLEAuto32.dll Remote Code Execution Vulnerability
IPS: 7028 - MS IE OLEAuto32.dll Remote Code Execution Exploit - CVE-2011-1996 Option Element Remote Code Execution Vulnerability
IPS: 7027 - MS IE Option Element Remote Code Execution Exploit - CVE-2011-1997 OnLoad Event Remote Code Execution Vulnerability
IPS: 7026 - MS IE OnLoad Event Remote Code Execution Exploit - CVE-2011-1998 Jscript9.dll Remote Code Execution Vulnerability
IPS: 7025 - MS IE Jscript9.dll Remote Code Execution Exploit - CVE-2011-1999 Select Element Remote Code Execution Vulnerability
IPS: 7024 - MS IE Select Element Remote Code Execution Exploit - CVE-2011-2000 Body Element Remote Code Execution Vulnerability
IPS: 7022 - MS IE Body Element Remote Code Execution Exploit - CVE-2011-2001 Virtual Function Table Corruption Remote Code Execution Vulnerability
IPS: 7021 - MS IE Virtual Function Table Corruption Exploit
MS11-082 Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670)
- CVE-2011-2007 Endless Loop DoS in snabase.exe Vulnerability
IPS: 5012 - Generic UDP Shellcode Exploit 2 - CVE-2011-2008 Access of Unallocated Memory DoS Vulnerability
IPS: 4896 - Generic Server Application Shellcode Exploit 9
IPS: 5512 - Generic Server Application Shellcode Exploit 28
IPS: 6701 - MS Host Integration Server DoS
Share This Article
An Article By
An Article By
Security News
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.