New Vulnerability Coverage - Jan 19, 2012

IPS Definition DB Versions	Coverage Release Date
3.130 - 3.136	Jan 5, 2012 - Jan 18, 2012

Severity	Number of Vulnerabilities	Active Exploitation
Critical	41	24
High	61	25
Medium	14	7
Low	41	28
Info	1	1
Total	158	85

Foreword

The FortiGuard Global Threat Research Team has released new security content to cover multiple vulnerabilities. The FortiGuard Team has observed 85 active exploitations of these vulnerabilities to date.

For more information, visit the FortiGuard Center at www.fortiguardcenter.com.

Threat Remediation

Fortinet provides coverage for the vulnerabilities described below as of the 3.136 IPS Definitions database update. A brief description of each vulnerability is provided as follows, in order of severity.

Critical ( 11 )

Vulnerability	Release Date	IPS Definition DB Version
Adobe.Acrobat.BMP.Colors.Parsing.Memory.Corruption	Jan 11, 2012	3.133
Adobe.Acrobat.BMP.Parsing.Memory.Corruption	Jan 11, 2012	3.133
Adobe.Acrobat.JPEG.Decoding.Memory.Corruption	Jan 11, 2012	3.133
Adobe.Acrobat.JavaScript.SubmitForm.Memory.Corruption	Jan 11, 2012	3.133
InduSoft.Web.Studio.Insecure.Operations.Remote.Code.Execution	Jan 10, 2012	3.132
Kiwi.CatTools.TFTP.Directory.Traversal	Jan 18, 2012	3.136
Libtelnet.Key.Remote.Buffer.Overflow	Jan 18, 2012	3.136
MS.DirectShow.L21.Remote.Code.Execution	Jan 11, 2012	3.133
MS.IE.DHTML.Script.Function.Memory.Corruption	Jan 10, 2012	3.132
MS.Publisher.Pubconv.dll.Pointer.Overwrite.Memory.Corruption	Jan 18, 2012	3.136
MS.Windows.Media.MIDI.Remote.Code.Execution	Jan 11, 2012	3.133

High ( 19 )

Vulnerability	Release Date	IPS Definition DB Version
AVID.Phonetic.Indexer.Remote.Stack.Buffer.Overflow	Jan 5, 2012	3.131
Apache.BAT.Command.Execution	Jan 11, 2012	3.133
Apache.HTTP.Server.DoS	Jan 10, 2012	3.132
CCMPlayer.M3U.File.Handling.Overflow	Jan 5, 2012	3.131
CoDeSys.SCADA.Remote.Code.Execution	Jan 18, 2012	3.136
CoDeSys.Scada.Webserver.Stack.Buffer.Overflow	Jan 5, 2012	3.130
Cyrus.IMAPD.POP3D.Remote.Buffer.Overflow	Jan 18, 2012	3.136
Family.Connections.CMS.Remote.Command.Execution	Jan 5, 2012	3.131
MS.ASP.Net.Forms.Authentication.Bypass	Jan 11, 2012	3.133
MS.Anti.XSS.Library.Bypass.Information.Disclosure	Jan 11, 2012	3.133
MS.IE.Nested.OBJECT.Tag.Handling.Memory.Corruption	Jan 5, 2012	3.130
MS.Windows.Embedded.Packager.Remote.Code.Execution	Jan 11, 2012	3.133
MS.Windows.Object.Packager.Insecure.Remote.Code.Execution	Jan 11, 2012	3.133
MS.Windows7.64bit.Memory.Corruption	Jan 11, 2012	3.133
MySQL.Remote.DoS	Jan 10, 2012	3.132
Oracle.Java.Software.Update.Weakness	Jan 18, 2012	3.136
PHPBB.Viewtopic.Highlight.Remote.Code.Execution	Jan 18, 2012	3.136
PmWiki.Remote.PHP.Code.Injection	Jan 5, 2012	3.131
Traq.Authenticate.Function.Remote.Code.Execution	Jan 11, 2012	3.133

Medium ( 3 )

Vulnerability	Release Date	IPS Definition DB Version
MS.ASP.NET.Form.Authentication.Insecure.Redirect	Jan 10, 2012	3.132
Rsyslog.Stack.Buffer.Overflow	Jan 18, 2012	3.136
Sun.Solaris.DHCP.Malformed.BOOTP.Packet.DoS	Jan 10, 2012	3.132

Low ( 1 )

Vulnerability	Release Date	IPS Definition DB Version
FTP.Bounce.Port.Scanner	Jan 18, 2012	3.136

Top of Section

Enhanced Coverage

The FortiGuard Threat Research team updates security content as new vectors of exploitation are discovered. The table below details the security content enhanced with this release.

Critical ( 48 )

Vulnerability	Revision Notes
Adobe.Acrobat.GetAnnots.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Adobe.CoolType.SING.Table.uniqueName.Buffer.Overflow	Detection Enhanced Detection Enhanced
Adobe.Flash.Player.Authplay.DLL.SWF.Handling.Code.Execution	Detection Enhanced Detection Enhanced
Adobe.Flash.Player.Authplay.Dll.SWF.File.Handle.Code.Execution	Default_action updated to 'drop'
Adobe.Flash.Player.Authplay.Remote.Code.Execution	Detection Enhanced
Adobe.Flash.Remote.Memory.Corruption	Default_action updated to 'drop'
Adobe.Illustrator.Remote.Buffer.Overflow	Detection Enhanced Default_action updated to 'pass' Detection Enhanced
Adobe.Reader.Javascript.newplayer.Method.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Adobe.Reader.Spell.CustomDictionaryOpen.Remote.Code.Execution	Default_action updated to 'drop'
Adobe.U3D.CLOD.Mesh.Declaration.Array.Buffer.Overflow	Default_action updated to 'pass' Detection Enhanced
BEA.Weblogic.Double.Dot.Buffer.Overflow	Detection Enhanced
Bredolab.Botnet.CC	Previous name: "Bredolab.Botnet" Detection Enhanced
FreeDownloadManager.Torrent.Multitags.Buffer.Overflow	Detection Enhanced Default_action updated to 'pass'
Gumblar.Botnet.CC	Previous name: "Gumblar.Botnet"
HP.OpenView.Storage.Data.Protector.Stack.Buffer.Overflow	Default_action updated to 'drop'
HP.Power.Manager.FormExportDataLogs.Buffer.Overflow	Default_action updated to 'drop'
HT.MP3Player.HT3.Buffer.Overflow	Detection Enhanced
InduSoft.Web.Studio.Insecure.Operations.Remote.Code.Execution	Detection Enhanced
LibPNG.tRNS.BufferOverflow	Default_action updated to 'drop'
MS.Excel.Obj.Record.Code.Execution	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
MS.Exchange.Server.iCal.Request.DoS	Default_action updated to 'drop'
MS.GDI.WMF.META.DIB.Heap.Overflow	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.GDIPlus.EMFPlusPoint.Integer.Overflow	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
MS.Host.Integration.Server.RPC.Service.Code.Execution	Detection Enhanced
MS.IE.DHTML.Script.Function.Memory.Corruption	Detection Enhanced
MS.IE.Vector.Markup.Language.Remote.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.License.Logging.Server.RPC.Code.Execution	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
MS.OpenType.Font.Index.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Paint.JPEG.Integer.Overflow	Default_action updated to 'drop'
MS.SMB.Client.Transaction.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.VS.WMI.Object.Broker.ActiveX.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced Detection Enhanced Default_action updated to 'pass'
MS.Visio.Compressed.Document.Packaged.Object.Code.Execution	Detection Enhanced Default_action updated to 'pass'
MS.Windows.Media.MIDI.Remote.Code.Execution	Detection Enhanced
MS.Windows.Message.Queuing.RPC.QMCOMM.Code.Execution	Default_action updated to 'drop'
MS.Windows.OLE.Remote.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Windows.WINS.Memory.Corruption	Default_action updated to 'drop'
MS.Word.Document.Stream.Handling.Code.Execution	Default_action updated to 'drop'
Novell.GroupWise.iCal.RRULE.Time.Conversion.Invalid.Array.Index	Default_action updated to 'drop'
Oracle.DBMS.Cdc.Publish.SQL.Injection	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Oracle.Secure.Backup.EXEC.QR.URI.Command.Injection	Default_action updated to 'drop'
PeaZIP.Archived.FileName.Command.Injection	Detection Enhanced Default_action updated to 'pass' Detection Enhanced
Sendmail.Header.Buffer.Overflow	Detection Enhanced
Sun.Java.System.Web.Server.WEBDAV.Stack.Buffer.Overflow	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Sun.Java.Web.Proxy.sockd.Remote.Buffer.Overflow	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Torpig.Mebroot.Botnet.CC	Previous name: "Torpig.Mebroot.Botnet"
TugZip.File.Parsing.Buffer.Overflow	Detection Enhanced
UltraISO.CCD.Buffer.Overflow	Detection Enhanced
Waledac.Botnet.CC	Previous name: "Waledac.Botnet" Detection Enhanced

High ( 82 )

Vulnerability	Revision Notes
ACDSee.FotoSlate.PLP.File.Overflow	Detection Enhanced
ACDSee.XPMHeaders.Buffer.Overflow	Detection Enhanced Detection Enhanced
AOL.Desktop.Rtx.File.Remote.Buffer.Overflow	Default_action updated to 'drop'
Agobot.Phatbot.Botnet.CC	Previous name: "Agobot.Phatbot.Infection"
Apache.HTTP.Server.DoS	Detection Enhanced Detection Enhanced Status updated to 'disable'
Apple.Mac.OS.X.Mail.Code.Execution	Detection Enhanced Severity updated to 'high' Detection Enhanced
Apple.QuickTime.Movie.File.Component.Name.Integer.Overflow	Default_action updated to 'drop'
Apple.Safari.Webkit.libxslt.Arbitrary.File.Creation	Default_action updated to 'pass' Detection Enhanced Detection Enhanced
Asterisk.T.38.Buffer.Overflow	Default_action updated to 'drop'
Asterisk.T38.Fax.Buffer.Overflow
BOOTP.Boot.File.Name.Buffer.Overflow	Detection Enhanced
Bajie.HTTP.JServer.CGI.Remote.Command.Execution	Severity updated to 'high'
BrightStor.ARCserve.Probe.Buffer.Overflow	Detection Enhanced Severity updated to 'high' Detection Enhanced
Cisco.WebEx.Player.ATDL2006.DLL.Heap.Memory.Corruption	Detection Enhanced Severity updated to 'high' Detection Enhanced
CoDeSys.Scada.Webserver.Stack.Buffer.Overflow	Detection Enhanced
Eudora.URL.Handling.Buffer.Overflow	Default_action updated to 'drop'
FeedDemon.OPML.Outline.Tag.Buffer.Overflow	Detection Enhanced
Flexera.InstallShield.ISGrid2.DLL.DoFindReplace.Buffer.Overflow	Detection Enhanced
Foxit.PDF.Reader.Javascript.File.Write	Detection Enhanced
Foxit.Reader.Title.Parsing.Overflow	Detection Enhanced
GAlan.Galan.File.Stack.Overflow	Detection Enhanced
HP.UX.LPD.Arbitrary.Command.Execution	Severity updated to 'high'
IBM.Lotus.Notes.123File.Viewer.Remote.Buffer.Overflow	Default_action updated to 'drop'
IDEAL.Administration.IPJ.File.Buffer.Overflow	Detection Enhanced
Imrabot.Botnet.CC	Previous name: "Imrabot.Botnet"
MS.ASP.Net.Forms.Authentication.Bypass	Detection Enhanced
MS.Access.Snapshot.Viewer.ActiveX.Control.File.Download	Default_action updated to 'drop'
MS.Anti.XSS.Library.Bypass.Information.Disclosure	Detection Enhanced
MS.CMM.ICC.Profile.Buffer.Overflow	Default_action updated to 'drop'
MS.Cinepak.Codec.Decompression.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Excel.Data.Initialization.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Excel.Drawing.Layer.Dangling.Pointer.Remote.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Excel.Sxview.Record.iCache.Code.Execution	Default_action updated to 'drop'
MS.Exchange.Server.Outlook.Web.Access.Script.Injection	Default_action updated to 'drop'
MS.Explorer.Long.Share.Name.Buffer.Overflow	Default_action updated to 'drop'
MS.Help.Workshop.Buffer.Overflow	Detection Enhanced
MS.IE.Cached.Object.Zone.Bypass	Default_action updated to 'drop'
MS.IE.DOM.Modification.Evasion.Memory.Corruption	Detection Enhanced Detection Enhanced
MS.IE.DOM.Modification.Memory.Corruption	Detection Enhanced Default_action updated to 'pass'
MS.IE.Layout.Memory.Corruption	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.IE.Nested.OBJECT.Tag.Handling.Memory.Corruption	Detection Enhanced
MS.Office.Excel.Lel.Biff.Record.Memory.Corruption	Detection Enhanced Default_action updated to 'pass'
MS.Office.Excel.Row.Record.Integer.Field.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Office.PowerPoint.OfficeArt.Shape.RCE.Memory.Corruption	Detection Enhanced
MS.Office.Visio.DXF.File.Stack.Buffer.Overflow	Detection Enhanced
MS.PPT.Invalid.TimeColorBehaviorContainer.Remote.Code.Execution	Detection Enhanced
MS.Project.PropList.Pid.Memory.Corruption	Default_action updated to 'drop'
MS.RRAS.RasRpcSubmitRequest.Buffer.Overflow	Default_action updated to 'drop'
MS.SQL.Server.sqldmo.dll.Code.Execution	Default_action updated to 'drop'
MS.Shell.Handler.Remote.Code.Execution	Detection Enhanced
MS.Visio.Insecure.MFC.Dll.Loading	Detection Enhanced
MS.WMPlayer.Plugin.Buffer.Overflow	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
MS.Windows.CreateSizedDIBSECTION.Thumbnail.View.Stack.Overflow	Default_action updated to 'drop'
MS.Windows.Fax.Cover.Page.Editor.Remote.Code.Execution	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
MS.Windows.HTML.Help.Control.CrossZone.Scripting	Default_action updated to 'drop'
MS.Windows.LSASS.Remote.Buffer.Overflow	Detection Enhanced
MS.Windows.WKSSVC.Privilege.Elevation	Default_action updated to 'drop'
MS.Windows.X509.OID.Spoofing	Default_action updated to 'drop'
MagicISO.Maker.Cue.File.Stack.Overflow	Previous name: "Cue.File.Stack.Overflow" Detection Enhanced
Mini.Stream.PLS.Buffer.Overflow	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Mozilla.Firefox.JS.Engine.Function.Integer.Overflow	Default_action updated to 'drop'
Multiple.Player.S3m.Buffer.Overflow	Detection Enhanced
MySQL.Remote.DoS	Detection Enhanced
MySQL.YaSSL.Certificate.Packet.Buffer.Overflow	Default_action updated to 'drop'
Novell.GroupWise.Messenger.Buffer.Overflow	Default_action updated to 'drop'
Oracle.SYS.DBMSMETADATA.SQL.Injection	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
PHF.Qname.Parameter.Command.Execution	Detection Enhanced
Phatbot.Botnet.CC	Previous name: "Phatbot.P2P.Connection"
Pushdo.Botnet.CC	Previous name: "W32.Pushdo.Virus"
Real.Netzip.Classic.File.Parsing.Buffer.Overflow	Detection Enhanced
SCADA.Engine.BACnet.OPC.Client.Overflow	Detection Enhanced Detection Enhanced
SDBot.Botnet.CC	Previous name: "Virus.SDBot.Command.PRIVMSG"
SSL.PCT.Overflow	Default_action updated to 'drop'
Sasfis.Botnet.CC	Previous name: "Sasfis.Botnet"
Sunway.ForceControl.SNMP.NetDBServer.Buffer.Overflow	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
Symantec.Alert.Management.CreateProcess.Code.Execution	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
TippingPoint.IPS.Reverse.DNS.Lookup.Domain.Name.Overflow	Default_action updated to 'drop'
URI.Buffer.Overflow	Previous name: "Virata.EmWeb.URI.Remote.DoS"
VariCAD.DWB.File.Stack.Overflow	Detection Enhanced
VideoLAN.VLC.Media.Player.MKV.Remote.Code.Execution	Detection Enhanced Default_action updated to 'pass'
ZIP.File.Document.Title.Buffer.Overflow	Detection Enhanced
Zeus.Botnet.CC	Previous name: "Zeus.Botnet"

Medium ( 19 )

Vulnerability	Revision Notes
Adobe.Acrobat.Reader.Shell.Metacharacter.Code.Execution	Default_action updated to 'drop'
AnnoncesV.Annonce.PHP.Remote.File.Inclusion	Detection Enhanced Detection Enhanced
Graphiks.GrapAgenda.Index.php.Remote.File.Inclusion	Detection Enhanced Detection Enhanced
HTTP.Response.Splitting.Information.Disclosure	Detection Enhanced Default_action updated to 'pass'
HTTPS.CBC.Mode.Information.Disclosure	Detection Enhanced Severity updated to 'medium' Detection Enhanced
IMAP.APPEND.Command.Buffer.Overflow	Severity updated to 'medium'
LOIC.IRC.Botnet.CC	Previous name: "LOIC.IRC"
MS.ASP.NET.Form.Authentication.Insecure.Redirect	Detection Enhanced Severity updated to 'medium'
MS.CapiCom.Utilities.ActiveX.GetRandom.Integer.Overflow.DoS	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
MS.Malware.Protection.Engine.File.Processing.DoS	Default_action updated to 'drop'
MS.Windows.Sapi.Dll.ActiveX.Control.Access	Default_action updated to 'drop'
Oracle.Database.PITRIG_DROPMETADATA.Procedure.Buffer.Overflow	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Oracle.Database.SYS.LT.FINDRICSET.SQL.Injection	Default_action updated to 'drop' Detection Enhanced Detection Enhanced
Oracle.GlassFish.Administration.Console.Authentication.Bypass	Detection Enhanced Default_action updated to 'pass'
Oracle.SYS.LT.ROLLBACKWORKSPACE.SQL.Injection	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
Oracle.Spatial.Application.Priviledge.Escalation	Detection Enhanced Default_action updated to 'drop' Detection Enhanced
PDF.With.Launch.Action	Default_action updated to 'pass' Detection Enhanced Detection Enhanced
SIP.Phone.Proxy.Authentication.Required.Credential.Disclosure	Default_action updated to 'drop'
Sun.Solaris.DHCP.Malformed.BOOTP.Packet.DoS	Detection Enhanced

Low ( 56 )

Vulnerability	Revision Notes
ACal.Arbitrary.Command.Execution	Detection Enhanced Severity updated to 'low'
Aardvark.Topsites.PHP.Arbitrary.Command.Execution
Agile.Joomla.Components.Parameter.Local.File.Inclusion	Detection Enhanced Severity updated to 'low' Detection Enhanced
Apple.Quicktime.Multiple.Vuln	Severity updated to 'low' Detection Enhanced
Asterisk.Skinny.Channel.Driver.Remote.DoS	Default_action updated to 'drop'
Bind.InverseQuery.Overflow	Detection Enhanced Severity updated to 'low' Detection Enhanced
Dagger.Cal.Func.PHP.File.Inclusion	Detection Enhanced Severity updated to 'low'
FrontAccounting.Config.PHP.File.Inclusion	Severity updated to 'low'
Galleria.galleria.html.php.File.Inclusion	Detection Enhanced Severity updated to 'low'
Horde.Eval.Poor.Input.Validation	Severity updated to 'low'
ISC.DHCPD.Hostname.Buffer.Overflow	Detection Enhanced Severity updated to 'low' Detection Enhanced
Idan.Sofer.phphtml.PHP.File.Inclusion	Detection Enhanced Severity updated to 'low'
MPlayer.RTSP.Line.Response.Buffer.Overflow	Severity updated to 'low' Detection Enhanced Detection Enhanced
MS.DirectX.DirectShow.Buffer.Overflow	Severity updated to 'low'
MS.IE.DHTML.Method.Heap.Memory.Corruption	Severity updated to 'low' Detection Enhanced
MS.IE.HTML.Same.Origin.Policy.Violation	Detection Enhanced Severity updated to 'low' Detection Enhanced
MS.IE.HTTPS.ProxyAuthentication.Basic	Detection Enhanced Severity updated to 'low'
MS.IIS.IndexServer.Disclosure	Default_action updated to 'drop'
MS.InternetExplorer.ContentEncoding.BufferOverflow	Detection Enhanced Severity updated to 'low'
MS.Office.Document.Handling.Code.Execution	Severity updated to 'low' Detection Enhanced Detection Enhanced
MS.RDS.Dataspace.ActiveX.Access	Severity updated to 'low'
MS.Speech.Engines.ActiveX.Buffer.Overflow	Detection Enhanced Severity updated to 'low'
MS.Windows.Media.Encoder.WMEX.DLL.Buffer.Overflow	Detection Enhanced Severity updated to 'low'
MS.Windows.Media.Player.ActiveX.Insecure.Method.Access	Detection Enhanced Severity updated to 'low' Detection Enhanced
MS.Windows.WinHlp.Buffer.Overflow	Detection Enhanced Severity updated to 'low' Detection Enhanced
MS.Windows.XP.HCP.URI.Handler.Arbitrary.Command.Execution	Severity updated to 'low'
Mozilla.Firefox.Arbitrary.HTTP.Request.Injection	Severity updated to 'low'
Multiple.Mozilla.Products.IFRAME.JavaScript.Execution	Detection Enhanced Severity updated to 'low'
NcasterCMS.Archive.PHP.File.Inclusion	Detection Enhanced Severity updated to 'low'
Oracle.9i.Application.Server.Web.Cache.DoS	Default_action updated to 'drop'
Oracle.Java.docBase.Parameter.Overflow	Severity updated to 'low' Detection Enhanced
PHP.MyGuestbook.Form.inc.php3.Remote.File.Include	Detection Enhanced Severity updated to 'low'
PHP.PPA.PpaRootPath.Remote.File.Include	Detection Enhanced Severity updated to 'low'
PHP.iPhotoAlbum.Remote.File.Include	Severity updated to 'low' Detection Enhanced Detection Enhanced
PHPNews.Change_Action.PHP.File.Inclusion	Severity updated to 'low' Detection Enhanced
Photokorn.File.Inclusion	Detection Enhanced Severity updated to 'low'
Php.Blue.Dragon.Activecontent.PHP.File.Inclusion	Severity updated to 'low' Detection Enhanced
PhpConcept.Library.Parameter.g_pcltar_lib_dir.File.Inclusion	Severity updated to 'low' Detection Enhanced
RaXnet.Cacti.ConfigSettings.PHP.Remote.File.Include	Severity updated to 'low' Detection Enhanced
RealNetworks.RealPlayer.rmoc3260.ActiveX.Code.Execution	Detection Enhanced Severity updated to 'low' Detection Enhanced
RealPlayer.SWF.Parsing.Heap.Overflow	Severity updated to 'low'
ReloadCMS.UserAgent.HTML.Injection	Detection Enhanced Severity updated to 'low'
Sina.DLoader.DownloadAndInstall.Method.ActiveX.Access	Detection Enhanced Severity updated to 'low'
Squito.Gallery.Photolist.inc.php.File.Include	Detection Enhanced Severity updated to 'low' Detection Enhanced
Storm.Krackin.Botnet.CC	Previous name: "Trojan.Storm.Worm.Krackin.Detection" Severity updated to 'low'
Sun.Java.Applet2ClassLoader.Code.Execution	Detection Enhanced Severity updated to 'low' Detection Enhanced
TCP.Window.Size.Zero.DoS	Detection Enhanced
UUSee.UUUpgrade.Update.Method.ActiveX.Control.Access	Severity updated to 'low' Detection Enhanced
WANewsletter.Waroot.Parameter.File.Inclusion	Severity updated to 'low'
WMNews.Multiple.Remote.File.Include	Detection Enhanced Severity updated to 'low'
WTools.Common.PHP.Remote.File.Include	Detection Enhanced Severity updated to 'low' Detection Enhanced
WTools.Common.PHP.Remote.File.Inclusion	Previous name: "WTools.Common.PHP.Remote.File.Include"
WebProvence.Spaw.control.class.PHP.Remote.File.Inclusion	Detection Enhanced Severity updated to 'low'
Xoops.Horoscope.Module.Footer.PHP.File.Inclusion	Severity updated to 'low'
Xoops.Multiple.Modules.SpawControl.Class.PHP.File.Inclusion	Severity updated to 'low'
Yahoo.Messenger.Webcam.Upload.Viewer.ActiveX.Buffer.Overflow	Severity updated to 'low' Detection Enhanced

Info ( 1 )

Vulnerability	Revision Notes
DNS.Zone.Transfer	Detection Enhanced

Top of Section

Active Exploitation

The FortiGuard Threat Research team uses globally distributed probes to monitor exploit activity. Vulnerabilities can be classified as active and given a magnitude level. The magnitude level is the rate of activity across the probes. The value of the magnitude is set to low, medium or high.

The table below lists the vulnerabilities discussed in this bulletin (specifically new and enhanced detection) and their corresponding exploit activity magnitude. The data below is as of this writing.

Critical ( 24 of 41 )

Vulnerability	Active Exploitaion Observed	Magnitude
Adobe.Acrobat.BMP.Colors.Parsing.Memory.Corruption	No	N/A
Adobe.Acrobat.BMP.Parsing.Memory.Corruption	No	N/A
Adobe.Acrobat.GetAnnots.Code.Execution	Yes	Low
Adobe.Acrobat.JPEG.Decoding.Memory.Corruption	No	N/A
Adobe.Acrobat.JavaScript.SubmitForm.Memory.Corruption	No	N/A
Adobe.CoolType.SING.Table.uniqueName.Buffer.Overflow	Yes	Low
Adobe.Flash.Player.Authplay.DLL.SWF.Handling.Code.Execution	Yes	Low
Adobe.Flash.Player.Authplay.Remote.Code.Execution	Yes	Medium
Adobe.Illustrator.Remote.Buffer.Overflow	Yes	Low
Adobe.Reader.Javascript.newplayer.Method.Code.Execution	Yes	Low
Adobe.U3D.CLOD.Mesh.Declaration.Array.Buffer.Overflow	Yes	Low
BEA.Weblogic.Double.Dot.Buffer.Overflow	Yes	Low
Bredolab.Botnet.CC	No	N/A
FreeDownloadManager.Torrent.Multitags.Buffer.Overflow	Yes	Low
HT.MP3Player.HT3.Buffer.Overflow	Yes	Medium
InduSoft.Web.Studio.Insecure.Operations.Remote.Code.Execution	No	N/A
Kiwi.CatTools.TFTP.Directory.Traversal	Yes	Low
Libtelnet.Key.Remote.Buffer.Overflow	No	N/A
MS.DirectShow.L21.Remote.Code.Execution	No	N/A
MS.Excel.Obj.Record.Code.Execution	Yes	Low
MS.GDI.WMF.META.DIB.Heap.Overflow	Yes	Low
MS.GDIPlus.EMFPlusPoint.Integer.Overflow	No	N/A
MS.Host.Integration.Server.RPC.Service.Code.Execution	Yes	Low
MS.IE.DHTML.Script.Function.Memory.Corruption	Yes	Low
MS.IE.Vector.Markup.Language.Remote.Code.Execution	Yes	Low
MS.License.Logging.Server.RPC.Code.Execution	Yes	Low
MS.OpenType.Font.Index.Code.Execution	Yes	Low
MS.Publisher.Pubconv.dll.Pointer.Overwrite.Memory.Corruption	No	N/A
MS.SMB.Client.Transaction.Code.Execution	Yes	Low
MS.VS.WMI.Object.Broker.ActiveX.Code.Execution	No	N/A
MS.Visio.Compressed.Document.Packaged.Object.Code.Execution	Yes	Low
MS.Windows.Media.MIDI.Remote.Code.Execution	No	N/A
MS.Windows.OLE.Remote.Code.Execution	No	N/A
Oracle.DBMS.Cdc.Publish.SQL.Injection	Yes	Low
PeaZIP.Archived.FileName.Command.Injection	No	N/A
Sendmail.Header.Buffer.Overflow	Yes	Medium
Sun.Java.System.Web.Server.WEBDAV.Stack.Buffer.Overflow	Yes	Low
Sun.Java.Web.Proxy.sockd.Remote.Buffer.Overflow	No	N/A
TugZip.File.Parsing.Buffer.Overflow	Yes	Low
UltraISO.CCD.Buffer.Overflow	No	N/A
Waledac.Botnet.CC	No	N/A

High ( 25 of 61 )

Vulnerability	Active Exploitaion Observed	Magnitude
ACDSee.FotoSlate.PLP.File.Overflow	No	N/A
ACDSee.XPMHeaders.Buffer.Overflow	Yes	Low
AVID.Phonetic.Indexer.Remote.Stack.Buffer.Overflow	No	N/A
Apache.BAT.Command.Execution	Yes	Medium
Apache.HTTP.Server.DoS	No	N/A
Apple.Mac.OS.X.Mail.Code.Execution	No	N/A
Apple.Safari.Webkit.libxslt.Arbitrary.File.Creation	Yes	Low
BOOTP.Boot.File.Name.Buffer.Overflow	Yes	Low
BrightStor.ARCserve.Probe.Buffer.Overflow	Yes	Low
CCMPlayer.M3U.File.Handling.Overflow	No	N/A
Cisco.WebEx.Player.ATDL2006.DLL.Heap.Memory.Corruption	No	N/A
CoDeSys.SCADA.Remote.Code.Execution	No	N/A
CoDeSys.Scada.Webserver.Stack.Buffer.Overflow	No	N/A
Cyrus.IMAPD.POP3D.Remote.Buffer.Overflow	No	N/A
Family.Connections.CMS.Remote.Command.Execution	No	N/A
FeedDemon.OPML.Outline.Tag.Buffer.Overflow	No	N/A
Flexera.InstallShield.ISGrid2.DLL.DoFindReplace.Buffer.Overflow	Yes	Low
Foxit.PDF.Reader.Javascript.File.Write	No	N/A
Foxit.Reader.Title.Parsing.Overflow	No	N/A
GAlan.Galan.File.Stack.Overflow	No	N/A
IDEAL.Administration.IPJ.File.Buffer.Overflow	No	N/A
MS.ASP.Net.Forms.Authentication.Bypass	No	N/A
MS.Anti.XSS.Library.Bypass.Information.Disclosure	No	N/A
MS.Cinepak.Codec.Decompression.Code.Execution	No	N/A
MS.Excel.Data.Initialization.Code.Execution	Yes	Low
MS.Excel.Drawing.Layer.Dangling.Pointer.Remote.Code.Execution	Yes	Low
MS.Help.Workshop.Buffer.Overflow	No	N/A
MS.IE.DOM.Modification.Evasion.Memory.Corruption	Yes	Low
MS.IE.DOM.Modification.Memory.Corruption	No	N/A
MS.IE.Layout.Memory.Corruption	Yes	Low
MS.IE.Nested.OBJECT.Tag.Handling.Memory.Corruption	Yes	High
MS.Office.Excel.Lel.Biff.Record.Memory.Corruption	Yes	Low
MS.Office.Excel.Row.Record.Integer.Field.Code.Execution	Yes	Low
MS.Office.PowerPoint.OfficeArt.Shape.RCE.Memory.Corruption	No	N/A
MS.Office.Visio.DXF.File.Stack.Buffer.Overflow	No	N/A
MS.PPT.Invalid.TimeColorBehaviorContainer.Remote.Code.Execution	Yes	Low
MS.Shell.Handler.Remote.Code.Execution	Yes	Low
MS.Visio.Insecure.MFC.Dll.Loading	Yes	Low
MS.WMPlayer.Plugin.Buffer.Overflow	No	N/A
MS.Windows.Embedded.Packager.Remote.Code.Execution	No	N/A
MS.Windows.Fax.Cover.Page.Editor.Remote.Code.Execution	No	N/A
MS.Windows.LSASS.Remote.Buffer.Overflow	Yes	Low
MS.Windows.Object.Packager.Insecure.Remote.Code.Execution	No	N/A
MS.Windows7.64bit.Memory.Corruption	Yes	Low
MagicISO.Maker.Cue.File.Stack.Overflow	No	N/A
Mini.Stream.PLS.Buffer.Overflow	No	N/A
Multiple.Player.S3m.Buffer.Overflow	No	N/A
MySQL.Remote.DoS	No	N/A
Oracle.Java.Software.Update.Weakness	No	N/A
Oracle.SYS.DBMSMETADATA.SQL.Injection	Yes	Low
PHF.Qname.Parameter.Command.Execution	Yes	Low
PHPBB.Viewtopic.Highlight.Remote.Code.Execution	Yes	Medium
PmWiki.Remote.PHP.Code.Injection	Yes	Low
Real.Netzip.Classic.File.Parsing.Buffer.Overflow	No	N/A
SCADA.Engine.BACnet.OPC.Client.Overflow	No	N/A
Sunway.ForceControl.SNMP.NetDBServer.Buffer.Overflow	Yes	Low
Symantec.Alert.Management.CreateProcess.Code.Execution	No	N/A
Traq.Authenticate.Function.Remote.Code.Execution	Yes	Low
VariCAD.DWB.File.Stack.Overflow	No	N/A
VideoLAN.VLC.Media.Player.MKV.Remote.Code.Execution	No	N/A
ZIP.File.Document.Title.Buffer.Overflow	Yes	Low

Medium ( 7 of 14 )

Vulnerability	Active Exploitaion Observed	Magnitude
AnnoncesV.Annonce.PHP.Remote.File.Inclusion	Yes	Low
Graphiks.GrapAgenda.Index.php.Remote.File.Inclusion	Yes	Low
HTTP.Response.Splitting.Information.Disclosure	No	N/A
HTTPS.CBC.Mode.Information.Disclosure	No	N/A
MS.ASP.NET.Form.Authentication.Insecure.Redirect	No	N/A
MS.CapiCom.Utilities.ActiveX.GetRandom.Integer.Overflow.DoS	No	N/A
Oracle.Database.PITRIG_DROPMETADATA.Procedure.Buffer.Overflow	Yes	Low
Oracle.Database.SYS.LT.FINDRICSET.SQL.Injection	No	N/A
Oracle.GlassFish.Administration.Console.Authentication.Bypass	No	N/A
Oracle.SYS.LT.ROLLBACKWORKSPACE.SQL.Injection	No	N/A
Oracle.Spatial.Application.Priviledge.Escalation	Yes	Low
PDF.With.Launch.Action	Yes	Low
Rsyslog.Stack.Buffer.Overflow	Yes	Low
Sun.Solaris.DHCP.Malformed.BOOTP.Packet.DoS	Yes	Low

Low ( 28 of 41 )

Vulnerability	Active Exploitaion Observed	Magnitude
ACal.Arbitrary.Command.Execution	Yes	Low
Agile.Joomla.Components.Parameter.Local.File.Inclusion	Yes	Low
Apple.Quicktime.Multiple.Vuln	Yes	Low
Bind.InverseQuery.Overflow	Yes	Low
Dagger.Cal.Func.PHP.File.Inclusion	Yes	Low
FTP.Bounce.Port.Scanner	Yes	Low
Galleria.galleria.html.php.File.Inclusion	Yes	Low
ISC.DHCPD.Hostname.Buffer.Overflow	Yes	Low
Idan.Sofer.phphtml.PHP.File.Inclusion	Yes	Low
MPlayer.RTSP.Line.Response.Buffer.Overflow	Yes	Low
MS.IE.DHTML.Method.Heap.Memory.Corruption	Yes	High
MS.IE.HTML.Same.Origin.Policy.Violation	No	N/A
MS.IE.HTTPS.ProxyAuthentication.Basic	No	N/A
MS.InternetExplorer.ContentEncoding.BufferOverflow	No	N/A
MS.Office.Document.Handling.Code.Execution	Yes	Low
MS.Speech.Engines.ActiveX.Buffer.Overflow	Yes	Low
MS.Windows.Media.Encoder.WMEX.DLL.Buffer.Overflow	No	N/A
MS.Windows.Media.Player.ActiveX.Insecure.Method.Access	Yes	Low
MS.Windows.WinHlp.Buffer.Overflow	No	N/A
Multiple.Mozilla.Products.IFRAME.JavaScript.Execution	Yes	Low
NcasterCMS.Archive.PHP.File.Inclusion	Yes	Low
Oracle.Java.docBase.Parameter.Overflow	Yes	Low
PHP.MyGuestbook.Form.inc.php3.Remote.File.Include	No	N/A
PHP.PPA.PpaRootPath.Remote.File.Include	Yes	Low
PHP.iPhotoAlbum.Remote.File.Include	Yes	Low
PHPNews.Change_Action.PHP.File.Inclusion	Yes	Low
Photokorn.File.Inclusion	No	N/A
Php.Blue.Dragon.Activecontent.PHP.File.Inclusion	Yes	Low
PhpConcept.Library.Parameter.g_pcltar_lib_dir.File.Inclusion	Yes	Low
RaXnet.Cacti.ConfigSettings.PHP.Remote.File.Include	No	N/A
RealNetworks.RealPlayer.rmoc3260.ActiveX.Code.Execution	No	N/A
ReloadCMS.UserAgent.HTML.Injection	Yes	Low
Sina.DLoader.DownloadAndInstall.Method.ActiveX.Access	No	N/A
Squito.Gallery.Photolist.inc.php.File.Include	No	N/A
Sun.Java.Applet2ClassLoader.Code.Execution	Yes	Low
TCP.Window.Size.Zero.DoS	Yes	Medium
UUSee.UUUpgrade.Update.Method.ActiveX.Control.Access	No	N/A
WMNews.Multiple.Remote.File.Include	Yes	Low
WTools.Common.PHP.Remote.File.Include	Yes	Low
WebProvence.Spaw.control.class.PHP.Remote.File.Inclusion	No	N/A
Yahoo.Messenger.Webcam.Upload.Viewer.ActiveX.Buffer.Overflow	Yes	Low

Info ( 1 of 1 )

Vulnerability	Active Exploitaion Observed	Magnitude
DNS.Zone.Transfer	Yes	Medium

Top of Section

Fortinet

FortiGuard Center: Threat Research and Response

New Vulnerability Coverage - Jan 19, 2012

Foreword

Threat Remediation

Enhanced Coverage

Active Exploitation

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

Fortinet

FortiGuard Center: Threat Research and Response

New Vulnerability Coverage - Jan 19, 2012

Foreword

Threat Remediation

Enhanced Coverage

Active Exploitation

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

Social Media