The FortiGuard Global Threat Research Team has released new security content to cover multiple vulnerabilities. The FortiGuard Team has observed 24 active exploitations of these vulnerabilities to date.
For more information, visit the FortiGuard Center at www.fortiguardcenter.com.
Fortinet provides coverage for the vulnerabilities described below as of the 2.825 IPS Definitions database update. A brief description of each vulnerability is provided as follows, in order of severity.
Critical ( 20 )
| Adobe.0day.23305 Event ID: 23305 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe products. The vulnerability is caused by an error in "authplay.dll" while handling malicious SWF content. It allows a remote attacker to execute arbitrary code by sending a crafted PDF document or Flash file. Affected Products: Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris; Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX Reference IDs:
|
| Adobe.Flash.Player.DefineFontInfo.Pointer.Code.Execution Event ID: 23421 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code via sending a crafted .swf file. Affected Products: Adobe Flash Player version 10.0.45.2 and prior Reference IDs: |
| Adobe.Flash.Player.Unspecified.JIT.Code.Execution Event ID: 23418 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code via sending a crafted .swf file. Affected Products: Adobe Flash Player version 10.0.45.2 and prior Reference IDs: |
| Adobe.Flash.Player.Unspecified.Static.Code.Execution Event ID: 23403 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code via sending a crafted .swf file. Affected Products: Adobe Flash Player 10.0.45.2 and prior versions Reference IDs: |
| Adobe.Flash.Player.Unspecified.UD.Code.Execution Event ID: 23419 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code via sending a crafted .swf file. Affected Products: Adobe Flash Player 10.0.45.2 and prior versions Reference IDs: |
| FG-VD-10-001-Adobe Event ID: 23306 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player 10.0.45.2 and prior versions Reference IDs: |
| FG-VD-10-019-Adobe Event ID: 23307 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player 10.0.45.2 and prior versions Reference IDs: |
| HP.OpenView.NNM.Getnnmdata.CGI.Hostname.Code.Execution Event ID: 23020 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in HP OpenView. The vulnerability is caused by an error when the vulnerable software handles a malicious "Hostname" parameter. It allows a remote attacker to execute arbitrary code via sending a crafted web request. Affected Products: HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.53 Reference IDs: |
| HP.OpenView.NNM.Getnnmdata.EXE.CGI.ICount.Code.Execution Event ID: 23019 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in HP OpenView. The vulnerability is caused by an error when the vulnerable software handles a malicious "Icount" parameter. It allows a remote attacker to execute arbitrary code via sending a crafted web request. Affected Products: HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.53 Reference IDs: |
| HP.OpenView.NNM.Getnnmdata.EXE.CGI.MaxAge.Code.Execution Event ID: 23003 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in HP OpenView. The vulnerability is caused by an error when the vulnerable software handles a malicious "MaxAge" parameter. It allows a remote attacker to execute arbitrary code via sending a crafted web request. Affected Products: HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.53 Reference IDs: |
| HP.OpenView.NNM.Netmon.Sel.CGI.Variable.Code.Execution Event ID: 23001 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a stack-based buffer-overflow vulnerability in HP OpenView. The vulnerability is caused by an error when the vulnerable software handles an overly long "sel" parameter. It allows a remote attacker to execute arbitrary code via sending a crafted web request. Affected Products: HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.53 Reference IDs: |
| HP.OpenView.NNM.Snmpviewer.EXE.CGI.Code.Execution Event ID: 23002 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in HP OpenView. The vulnerability is caused by an error when the vulnerable software handles malicious "act" and "app" parameters. It allows a remote attacker to execute arbitrary code via sending a crafted web request. Affected Products: HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.53 Reference IDs: |
| MS.Excel.EDG.Publisher.Code.Execution Event ID: 23330 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Microsoft Excel. The vulnerability is caused by an error when the vulnerable software handles a malicious .xls file. It allows a remote attacker to execute arbitrary code via sending a crafted .xls file. Affected Products: Excel 2000 and Excel 2002 Reference IDs: |
| MS.Excel.External.Name.Handling.Stack.Buffer.Overrun Event ID: 23328 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office. The vulnerability is caused by an error when the vulnerable software handles an XLS file with a malformed External Name record. It may allow remote attackers to execute arbitrary code by sending a crafted XLS file. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Reference IDs: |
| MS.IE.Developer.Tools.ActiveX.Code.Execution Event ID: 23313 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Microsoft Internet Explorer 8. The vulnerability is caused by an error when the vulnerable software handles a certain COM object that is instantiated as an ActiveX control. It allows a remote attacker to execute arbitrary code via sending a crafted web page. Affected Products: Windows XP Service Pack 2 and Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Vista Service Pack 1 and Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2** Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2** Windows 7 for 32-bit Systems Windows 7 x64 Edition Windows Server 2008 R2 for x64-based Systems** Windows Server 2008 R2 for Itanium-based Systems Reference IDs: |
| MS.IE.SharePoint.toStaticHTML.XSS Event ID: 23316 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates a possible attack against a cross-site-scripting vulnerability in Microsoft Internet Explorer and SharePoint. The vulnerability is due to an error in the vulnerable software when handling the toStaticHTML API. An attacker may exploit this to gain sensitive information by sending a malicious web page. Affected Products: Microsoft Internet Explorer 8 Microsoft Office InfoPath 2003 Service Pack 3 Microsoft Office InfoPath 2007 Service Pack 1 and Microsoft Office InfoPath 2007 Service Pack 2 Microsoft Office SharePoint Server 2007 Service Pack 1&2 (32-bit and 64-bit editions) Microsoft Windows SharePoint Services 3.0 Service Pack 1 and Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit and 64-bit versions) Reference IDs: |
| MS.Windows.Help.Center.Protocol.Malformed.Escape.Sequence Event ID: 23422 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a vulnerability in Microsoft Help and Support Centre. The vulnerability is caused by the vulnerable software failing to sanitize malformed escape sequences. It may allow a remote attacker to execute arbitrary commands via a crafted hcp:// URL. Affected Products: Windows XP Service Pack 2 and Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Reference IDs: |
| MS.Windows.Media.Decompression.Code.Execution Event ID: 23319 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Windows. The vulnerability is caused by an error when the vulnerable software handles a malicious media file. It may allow remote attackers to execute arbitrary code by sending a crafted media file. Affected Products: Quartz.dll (DirectShow) (DirectX 9) when installed on Microsoft Windows 2000 Service Pack 4 Quartz.dll (DirectShow) on Windows XP Service Pack 2 and Windows XP Service Pack 3 Quartz.dll (DirectShow) on Windows XP Professional x64 Edition Service Pack 2 Quartz.dll (DirectShow) on Windows Server 2003 Service Pack 2 Quartz.dll (DirectShow) on Windows Server 2003 x64 Edition Service Pack 2 Quartz.dll (DirectShow) on Windows Vista Service Pack 1 Quartz.dll (DirectShow) on Windows Vista x64 Edition Service Pack 1 Quartz.dll (DirectShow) on Windows Server 2008 for 32-bit Systems** Quartz.dll (DirectShow) on Windows Server 2008 for x64-based Systems** Quartz.dll (DirectShow) on Windows Server 2008 for Itanium-based Systems Windows Media Format Runtime Windows Media Format Runtime 9 on Microsoft Windows 2000 Service Pack 4 Windows Media Format Runtime 9, Windows Media Format Runtime 9.5 and Windows Media Format Runtime 11 on Windows XP Service Pack 2 and Windows XP Service Pack 3 Windows Media Format Runtime 9.5, Windows Media Format Runtime 9.5 x64 Edition and Windows Media Format Runtime 11 when installed on Windows XP Professional x64 Edition Service Pack 2 Windows Media Format Runtime 9.5 when installed on Windows Server 2003 Service Pack 2 Windows Media Format Runtime 9.5 and Windows Media Format Runtime 9.5 x64 Edition when installed on Windows Server 2003 x64 Edition Service Pack 2 Windows Media Encoder 9 Windows Media Encoder 9 x86 when installed on Microsoft Windows 2000 Service Pack 4 Windows Media Encoder 9 x86 when installed on Windows XP Service Pack 2 and Windows XP Service Pack 3 Windows Media Encoder 9 x86 when installed on Windows XP 
Professional x64 Edition Service Pack 2 Windows Media Encoder 9 x64 when installed on Windows XP Professional x64 Edition Service Pack 2 Windows Media Encoder 9 x86 when installed on Windows Server 2003 Service Pack 2 Windows Media Encoder 9 x64 when installed on Windows Server 2003 Service Pack 2 Windows Media Encoder 9 x64 when installed on Windows Server 2003 x64 Edition Service Pack 2 Windows Media Encoder 9 x86 when installed on Windows Vista Service Pack 1 and Windows Vista Service Pack 2 Windows Media Encoder 9 x86 when installed on Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2 Windows Media Encoder 9 x64 when installed on Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2 Windows Media Encoder 9 x86 when installed on Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 ** Windows Media Encoder 9 x86 when installed on Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2** Windows Media Encoder 9 x64 when installed on Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2** Asycfilt.dll (COM component) Asycfilt.dll (COM component) on Microsoft Windows 2000 Service Pack 4 Asycfilt.dll (COM component) on Windows XP Service Pack 2 and Windows XP Service Pack 3 Asycfilt.dll (COM component) on Windows XP Professional x64 Edition Service Pack 2 Asycfilt.dll (COM component) on Windows Server 2003 Service Pack 2 Asycfilt.dll (COM component) on Windows Server 2003 x64 Edition Service Pack 2 Asycfilt.dll (COM component) on Windows Server 2003 with SP2 for Itanium-based Systems Asycfilt.dll (COM component) on Windows Vista Service Pack 1 Asycfilt.dll (COM component) on Windows Vista x64 Edition Service Pack 1 Asycfilt.dll (COM component) on Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2* Asycfilt.dll (COM 
component) on Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2* Asycfilt.dll (COM component) on Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2 Asycfilt.dll (COM component) on Windows 7 for 32-bit Systems Asycfilt.dll (COM component) on Windows 7 for x64-based Systems Asycfilt.dll (COM component) on Windows Server 2008 R2 for x64-based Systems* Asycfilt.dll (COM component) on Windows Server 2008 R2 for Itanium-based Systems Reference IDs: |
| MS.Windows.MJPEG.Media.Decompression.Code.Execution Event ID: 23326 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Windows. The vulnerability is caused by an error when the vulnerable software handles a media file with malformed JPEG frames. It may allow remote attackers to execute arbitrary code by sending a crafted media file. Affected Products: Quartz.dll (DirectShow) (DirectX 9) when installed on Microsoft Windows 2000 Service Pack 4 Quartz.dll (DirectShow) on Windows XP Service Pack 2 and Windows XP Service Pack 3 Quartz.dll (DirectShow) on Windows XP Professional x64 Edition Service Pack 2 Quartz.dll (DirectShow) on Windows Server 2003 Service Pack 2 Quartz.dll (DirectShow) on Windows Server 2003 x64 Edition Service Pack 2 Quartz.dll (DirectShow) on Windows Vista Service Pack 1 Quartz.dll (DirectShow) on Windows Vista x64 Edition Service Pack 1 Quartz.dll (DirectShow) on Windows Server 2008 for 32-bit Systems Quartz.dll (DirectShow) on Windows Server 2008 for x64-based Systems Quartz.dll (DirectShow) on Windows Server 2008 for Itanium-based Systems Reference IDs: |
| SNMP.Trap.Service.GET.Request.DoS Event ID: 12612 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description:
Affected Products: Any unprotected implementation of SNMPv1 is vulnerable to the attack. Reference IDs: |
High ( 44 )
| Adobe.Flash.Player.Air.DLL.Memory.Corruption Event ID: 23390 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player version 10.0.45.2 and prior Reference IDs: |
| Adobe.Flash.Player.AVM2.getouterscope.Opcode.Code.Execution Event ID: 23405 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates a possible attack against a remote-code-execution vulnerability in Adobe's ActionScript Virtual Machine. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. An attacker may exploit this by sending a malicious Flash file. Affected Products: Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux Reference IDs: |
| Adobe.Flash.Player.Embeded.Image.Memory.Corruption Event ID: 23407 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It may allow a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player version 10.0.45.2 and prior Reference IDs: |
| Adobe.Flash.Player.Flash10e.ocx.Unspecified.Buffer.Overflow Event ID: 23412 |
Release Date: Jun 14, 2010 IPS Definitions DB Version: 2.822 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows an attacker to execute arbitrary code via sending a malicious .swf file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Adobe.Flash.Player.LocalConnection.Memory.Corruption Event ID: 23392 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a function call multiple times with malformed parameters. It could allow a remote attacker to execute arbitrary code via sending a crafted SWF file. Affected Products: Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Reference IDs: |
| Adobe.Flash.Player.Malformed.SWF.Memory.Corruption Event ID: 23416 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malformed SWF file. It could allow a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Reference IDs: |
| Adobe.Flash.Player.Out.Of.Bounds.Memory.Indexing Event ID: 23410 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates a possible attack against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. An attacker may exploit this by sending a malicious Flash file. Affected Products: Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux Reference IDs: |
| Adobe.Flash.Player.Unspecified.Dividing.Zero.Exception Event ID: 23411 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a divide-by-zero vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player version 10.0.45.2 and prior Reference IDs: |
| Adobe.Flash.Player.Unspecified.Module.Memory.Corruption Event ID: 23408 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It may allow a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player 10.0.45.2 and prior versions Reference IDs: |
| Adobe.Flash.Player.Unspecified.MSB.Memory.Corruption Event ID: 23420 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player 10.0.45.2 and prior versions Reference IDs: |
| Adobe.Flash.Player.Unspecified.SR.Code.Execution Event ID: 23401 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code via sending a crafted .swf file. Affected Products: Adobe Flash Player version 10.0.45.2 Reference IDs: |
| Adobe.Flash.Player.Unspecified.SR.Memory.Corruption Event ID: 23415 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. It allows a remote attacker to execute arbitrary code. Affected Products: Adobe Flash Player version 10.0.45.2 and prior Reference IDs: |
| Adobe.Flash.Player.Use.After.Free.Memory.Corruption Event ID: 23417 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates a possible attack against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. An attacker may exploit this by sending a malicious Flash file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Backdoor.AOL.Admin.Server Event ID: 23071 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the AOL Admin Server backdoor trojan. The AOL Admin Server backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Big.Gluck Event ID: 23070 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Big Gluck backdoor trojan. The Big Gluck backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Blazer Event ID: 23129 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Blazer 5 backdoor trojan. The Blazer 5 backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Bugs Event ID: 23130 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Bugs backdoor trojan. The Bugs backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.CMD.Reverse.Shell Event ID: 23084 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the CMD.EXE reverse shell. The CMD.EXE reverse shell is classified as a remote shell with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Coma Event ID: 23116 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Coma backdoor trojan. The Coma backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Delta.Source.Variant Event ID: 23093 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Delta Source backdoor trojan. The Delta Source backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Donald.Dick Event ID: 23118 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Donald Dick backdoor trojan. The Donald Dick backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Forced.Entry Event ID: 23072 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Forced Entry backdoor trojan. The Forced Entry backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.GateCrasher Event ID: 23095 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the GateCrasher backdoor trojan. The GateCrasher backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.HVL.RAT Event ID: 23120 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the HVL RAT backdoor trojan. The HVL RAT backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.IRC.Register Event ID: 23026 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the IRC backdoor trojan. The IRC backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Netspy Event ID: 23096 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Netspy backdoor trojan. The Netspy backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| Backdoor.Phase.Zero Event ID: 23022 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates detection of the Phase Zero backdoor trojan. The Phase Zero backdoor is classified as a trojan with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system. Affected Products: N/A |
| CommuniCrypt.Mail.SMTP.ActiveX.Stack.Overflow Event ID: 23099 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates a possible attack against a buffer-overflow vulnerability in CommuniCrypt Mail 1.16. The vulnerability is in the ANSMTP.dll/AOSMTP.dll ActiveX Control. An attacker may exploit this to execute arbitrary code by sending an overly long string to the "AddAttachments()" method. Affected Products: CommuniCrypt Mail 1.16 |
| Free.MP3.CD.Ripper.Buffer.Overflow Event ID: 23214 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in Free MP3 CD Ripper. The vulnerability is caused by an error when the vulnerable software handles a malicious .wav file. It allows a remote attacker to execute arbitrary code via sending a crafted wav file. Affected Products: Free MP3 CD Ripper 2.6 is vulnerable. Other versions may also be affected. Reference IDs: |
| HTTP.Accept-Language.Header.XSS Event ID: 19426 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted 'Accept-Language headers that do not conform to RFC 2616'. Affected Products: Apache Software Foundation Tomcat 6.0.13 Apache Software Foundation Tomcat 6.0.12 Apache Software Foundation Tomcat 6.0.11 Apache Software Foundation Tomcat 6.0.10 Apache Software Foundation Tomcat 6.0.5 Apache Software Foundation Tomcat 6.0.4 Apache Software Foundation Tomcat 6.0.3 Apache Software Foundation Tomcat 6.0.2 Apache Software Foundation Tomcat 6.0.1 Apache Software Foundation Tomcat 6.0 Apache Software Foundation Tomcat 5.5.20 Apache Software Foundation Tomcat 5.5.19 Apache Software Foundation Tomcat 5.5.18 Apache Software Foundation Tomcat 5.5.17 Apache Software Foundation Tomcat 5.5.16 Apache Software Foundation Tomcat 5.5.15 Apache Software Foundation Tomcat 5.5.14 Apache Software Foundation Tomcat 5.5.13 Apache Software Foundation Tomcat 5.5.12 Apache Software Foundation Tomcat 5.5.11 Apache Software Foundation Tomcat 5.5.10 Apache Software Foundation Tomcat 5.5.2 Apache Software Foundation Tomcat 5.5.1 Apache Software Foundation Tomcat 5.5 Apache Software Foundation Tomcat 5.0.30 Apache Software Foundation Tomcat 5.0.16 Apache Software Foundation Tomcat 5.0.15 Apache Software Foundation Tomcat 5.0.14 Apache Software Foundation Tomcat 5.0.13 Apache Software Foundation Tomcat 5.0.12 Apache Software Foundation Tomcat 5.0.11 Apache Software Foundation Tomcat 5.0.10 Apache Software Foundation Tomcat 5.0.3 Apache Software Foundation Tomcat 5.0.2 Apache Software Foundation Tomcat 5.0.1 Apache Software Foundation Tomcat 4.1.34 Apache Software Foundation Tomcat 4.1 Apache Software Foundation Tomcat 4.0.6 Apache Software Foundation Tomcat 4.0.5 Apache Software Foundation Tomcat 4.0.4 Apache Software Foundation Tomcat 4.0.3 Apache Software Foundation Tomcat 4.0.2 
Apache Software Foundation Tomcat 4.0.1 Apache Software Foundation Tomcat 4.0 Apache Software Foundation Tomcat 5.0 Reference IDs: |
| MicroWorld.eScan.Products.Remote.Command.Execution Event ID: 23160 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates an attack attempt against a command-execution vulnerability in MicroWorld eScan products. The vulnerability is caused by an error when the vulnerable software handles a malicious POST request. It allows a remote attacker to execute arbitrary code via sending a crafted request. Affected Products: The following products, in versions prior to 4.1.x: eScan for Linux Desktop eScan for Linux File Servers MailScan for Linux Mailservers WebScan for Linux Proxy Servers Reference IDs: |
| MS.Excel.BIFF5.LBL.Record.Stack.Corruption Event ID: 23324 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a stack-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by improper bounds checking when the vulnerable software handles an Excel file containing a malformed "LBL" record. It could allow a remote attacker to execute arbitrary code and take complete control of an affected system. Affected Products: Microsoft Office XP Service Pack 3 Microsoft Office 2003 Service Pack 3 2007 Microsoft Office System Service Pack 1 2007 Microsoft Office System Service Pack 2 Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Reference IDs: |
| MS.Excel.BIFF5.String.Variable.Buffer.Overrun Event ID: 23335 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a buffer-overrun vulnerability in Microsoft Office Excel. The vulnerability is caused by improper bounds checking when the vulnerable software handles an Excel file containing a malformed ExternSheet record. It could allow a remote attacker to execute arbitrary code and take complete control of an affected system. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office Excel 2003 Service Pack 3 Microsoft Office Excel 2007 Service Pack 1 Microsoft Office Excel 2007 Service Pack 2 Microsoft Office for Mac Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Reference IDs: |
| MS.Excel.DBQueryExt.Record.Memory.Corruption Event ID: 23337 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by improper bounds checking when the vulnerable software handles an Excel file containing a malformed DBQueryExt record. It could allow a remote attacker to execute arbitrary code and take complete control of an affected system. Affected Products: Excel 2000 Excel 2002 Excel 2007 Reference IDs: |
| MS.Excel.HFPicture.Record.Length.Memory.Corruption Event ID: 23336 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office for Mac Reference IDs: |
| MS.Excel.Object.LBSDropData.Stack.Overflow Event ID: 23322 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office for Mac Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Reference IDs: |
| MS.Excel.RealTimeData.Record.IchSamePrefix.Memory.Corruption Event ID: 23333 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office for Mac Reference IDs: |
| MS.Excel.RealTimeData.Record.StTopic.Memory.Corruption Event ID: 23329 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Reference IDs: |
| MS.Excel.Sxview.Record.Colfirst.Memory.Corruption Event ID: 23312 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office Excel 2003 Service Pack 3 Microsoft Office Excel 2007 Service Pack 1 Microsoft Office Excel 2007 Service Pack 2 Microsoft Office for Mac Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Reference IDs: |
| MS.Excel.Sxview.Record.iCache.Memory.Corruption Event ID: 23327 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office for Mac Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Reference IDs: |
| MS.Excel.WOpt.Record.Memory.Corruption Event ID: 23325 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Office Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code. Affected Products: Microsoft Office Excel 2002 Service Pack 3 Microsoft Office for Mac Reference IDs: |
| PhotoFiltre.Studio.Buffer.Overflow Event ID: 23181 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in PhotoFiltre Studio. The vulnerability is caused by an error when the vulnerable software handles a malicious .tif file. It allows a remote attacker to execute arbitrary code via sending a crafted .tif file. Affected Products: PhotoFiltre Studio versions 8.1.1 and 10.3.0; other versions may also be affected. Reference IDs: |
| Wireshark.PN.DCP.Data.Format.String Event ID: 23156 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates an attack attempt to exploit a format-string vulnerability in Wireshark. The vulnerability is caused by an error when the vulnerable software handles a malicious PN-DCP packet. It allows a remote attacker to crash the application or execute arbitrary code via sending a crafted PN-DCP packet. Affected Products: Wireshark Wireshark 1.0.6 Wireshark Wireshark 1.0.5 Wireshark Wireshark 1.0.4 Wireshark Wireshark 1.0.3 Wireshark Wireshark 1.0.2 Wireshark Wireshark 1.0.1 Wireshark Wireshark 1.0 Wireshark Wireshark 0.99.8 Wireshark Wireshark 0.99.7 Wireshark Wireshark 0.99.6 Wireshark Wireshark 0.99.5 Wireshark Wireshark 0.99.4 Wireshark Wireshark 0.99.3 Wireshark Wireshark 0.99.2 Wireshark Wireshark 0.99.1 Wireshark Wireshark 0.99 Reference IDs: |
| XML.Signature.HMAC.Truncation.Authentication.Bypass Event ID: 23334 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt to exploit an authentication-bypass vulnerability in multiple products. The vulnerability is caused by the improper way that the W3C XML Signature Syntax and Processing (XMLDsig) recommendation. It could allow an attacker to tamper with signed XML content without being detected. Affected Products: Microsoft .NET Framework 1.1 Service Pack 1 Microsoft .NET Framework 1.0 Service Pack 3 Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Service Pack 1 Microsoft .NET Framework 3.5.1 Other products may also be affected. Reference IDs: |
Medium ( 22 )
| Adobe.Flash.ASnative.NULL.Pointer.DoS Event ID: 23115 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. It allows a remote attacker to crash the application via sending a crafted Flash file. Affected Products: Adobe Flash 9/10 |
| Adobe.Flash.Player.Flash10c.ocx.Memory.Corruption Event ID: 23389 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates a possible attack against a memory-exhaustion vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. It allows a remote attacker to execute arbitrary code or cause a denial-of-service condition. Affected Products: Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux Reference IDs: |
| Adobe.Flash.Player.Flash10e.ocx.1.Memory.Corruption Event ID: 23404 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. An attacker may exploit this by sending a malicious .swf file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Adobe.Flash.Player.Flash10e.ocx.2.Memory.Corruption Event ID: 23400 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .swf file. An attacker may exploit this by sending a malicious .swf file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Adobe.Flash.Player.Flash10e.ocx.Zero.Memory.Corruption Event ID: 23409 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates a possible attack against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. An attacker may exploit this by sending a malicious Flash file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Adobe.Flash.Player.PlayerDestroy.IJG.Memory.Corruption Event ID: 23402 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates a possible attack against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. It allows a remote attacker to execute arbitrary code via sending a crafted Flash file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Adobe.Flash.Player.SWF.Version.Null.Pointer.Dereference.DoS Event ID: 23428 |
Release Date: Jun 14, 2010 IPS Definitions DB Version: 2.822 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles two responses for the same HTTP request that include SWF files with different version numbers. It allows a remote attacker to crash the vulnerable software via sending two crafted HTTP responses. Affected Products: Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux Reference IDs: |
| Adobe.Flash.Player.Unspecified.Zero.Memory.Corruption Event ID: 23413 |
Release Date: Jun 11, 2010 IPS Definitions DB Version: 2.821 |
|
Description: This indicates a possible attack against a memory-corruption vulnerability in Adobe Flash Player. The vulnerability is caused by an error when the vulnerable software handles a malicious Flash file. An attacker may exploit this by sending a malicious Flash file. Affected Products: Adobe Flash Player version 10.0.45.2 Other versions may also be affected Reference IDs: |
| Apple.Mac.OSX.Safari.HTML.Tag.Handling.DoS Event ID: 23079 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Apple Safari. The vulnerability is caused by an error in the KWQListIteratorImpl::KWQListIteratorImpl(), QPainter::drawText(), and objc_msgSend_rtp() functions when handling an IFRAME tag with SCROLLING attributes or SRC attributes with no value. It allows a remote attacker to crash the vulnerable software via sending a crafted web page. Affected Products: Apple Safari 2.0.3 Apple Safari 2.0.2 Apple Safari 2.0.1 Apple Mobile Safari 0 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.3.9 Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.3.9 Apple Mac OS X 10.3.8 Apple Mac OS X 10.3.7 Apple Mac OS X 10.3.6 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.3.3 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Reference IDs: |
| Apple.Safari.Feed.URI.DoS Event ID: 23091 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Apple Safari. The vulnerability is caused by an error when the vulnerable software handles a malicious "feed://" URL. It allows a remote attacker to crash the application via sending a crafted web page. Affected Products: Apple Safari 3 Beta for Windows Reference IDs: |
| Apple.WebKit.WebCore.HTML.Parsing.DoS Event ID: 23100 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Apple WebKit. The vulnerability is caused by an error when WebCore handles a TD element with a malicious ROWSPAN attribute. It allows a remote attacker to crash the application via sending a crafted web page. Affected Products: Omni Group OmniWeb 5.5.3 Apple WebKit build 18794 Apple Safari 2.0.4 Apple Mac OS X Server 10.4.8 Apple Mac OS X 10.4.8 Reference IDs: |
| Asterisk.Chan_iax2.IAX2.Control.Frame.DoS Event ID: 23078 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in the IAX2 channel driver (chan_iax2) in Asterisk. The vulnerability is caused by an error when the vulnerable software handles a specially crafted packet. It allows a remote attacker to cause a denial of service. Affected Products: Asterisk s800i Appliance 1.0.1 Asterisk s800i Appliance 1.0 Asterisk AsteriskNow Beta 6 Asterisk AsteriskNow Beta 5 Asterisk Asterisk Business Edition B.2.2.0 Asterisk Asterisk Business Edition B.1.3.3 Asterisk Asterisk Business Edition B.1.3.2 Asterisk Asterisk Business Edition A Asterisk Asterisk Appliance Developer Kit 0.4 Asterisk Asterisk 1.4.7 Asterisk Asterisk 1.4.4 Asterisk Asterisk 1.4.3 Asterisk Asterisk 1.4.2 Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.2.21 Asterisk Asterisk 1.2.19 Asterisk Asterisk 1.2.18 Asterisk Asterisk 1.2.17 Asterisk Asterisk 1.2.16 Asterisk Asterisk 1.2.15 Asterisk Asterisk 1.2.14 Asterisk Asterisk 1.2.13 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.10 Asterisk Asterisk 1.2 .0-beta2 Asterisk Asterisk 1.2 .0-beta1 Asterisk Asterisk 1.0.12 Asterisk Asterisk 1.0.11 Asterisk Asterisk 1.0.10 Asterisk Asterisk 1.0.9 Asterisk Asterisk 1.0.8 Asterisk Asterisk 1.0.7 Asterisk Asterisk 1.0.6 Asterisk Asterisk 1.0 Asterisk Asterisk B.2.1 Asterisk Asterisk 1.4 Beta Asterisk Appliance Developers Kit 0.3 Reference IDs: |
| Asterisk.Chan_skinny.Large.Memcpy.DoS Event ID: 23083 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in the Skinny channel driver (chan_skinny) in Asterisk. The vulnerability is caused by an error when the vulnerable software handles a certain data length value in a crafted packet. It allows a remote attacker to cause a denial of service. Affected Products: Asterisk AsteriskNow Beta 6 Asterisk AsteriskNow Beta 5 Asterisk Asterisk Business Edition B.2.2.0 Asterisk Asterisk Business Edition B.1.3.3 Asterisk Asterisk Business Edition B.1.3.2 Asterisk Asterisk Business Edition A Asterisk Asterisk Appliance Developer Kit 0.4 Asterisk Asterisk 1.4.7 Asterisk Asterisk 1.4.4 Asterisk Asterisk 1.4.3 Asterisk Asterisk 1.4.2 Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.2.21 Asterisk Asterisk 1.2.19 Asterisk Asterisk 1.2.18 Asterisk Asterisk 1.2.17 Asterisk Asterisk 1.2.16 Asterisk Asterisk 1.2.15 Asterisk Asterisk 1.2.14 Asterisk Asterisk 1.2.13 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.10 Asterisk Asterisk 1.2 .0-beta2 Asterisk Asterisk 1.2 .0-beta1 Asterisk Asterisk 1.0.12 Asterisk Asterisk 1.0.11 Asterisk Asterisk 1.0.10 Asterisk Asterisk 1.0.9 Asterisk Asterisk 1.0.8 Asterisk Asterisk 1.0.7 Asterisk Asterisk 1.0.6 Asterisk Asterisk 1.0 Asterisk Asterisk B.2.1 Asterisk Asterisk 1.4 Beta Asterisk Appliance Developers Kit 0.3 Reference IDs: |
| Mozilla.Firefox.NsSessionStore.js.Arbitrary.File.Access Event ID: 23216 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt to exploit an arbitrary file-access vulnerability in Mozilla Firefox. The vulnerability is caused by an error when the vulnerable software handles an HTML file with a malicious "input" element. It allows a remote attacker to read arbitrary files from the vulnerable system via sending a crafted web page. Affected Products: Firefox before 3.0.6 Reference IDs: |
| MS.Sharepoint.Help.Page.DoS Event ID: 23317 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in SharePoint. The vulnerability is caused by an error when the vulnerable software handles a malicious request. It allows a remote attacker to cause the web server to become non-responsive via sending a crafted web page. Affected Products: Microsoft Windows SharePoint Services 3.0 Service Pack 1 and Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit versions) Microsoft Windows SharePoint Services 3.0 Service Pack 1 and Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit versions) Reference IDs: |
| Opera.Kengen.Element.DoS Event ID: 23215 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Opera. The vulnerability is caused by an error when the vulnerable software handles an HTML file with a malicious KEYGEN element. It allows a remote attacker to crash the application via sending a crafted web page. Affected Products: Opera 9.52 and the prior version Reference IDs: |
| SIP.BYE.Message.Also.Transfer.Method.DoS Event ID: 23136 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in the SIP channel driver in Asterisk. The vulnerability is caused by an error when the vulnerable software handles a specially crafted BYE message with an Also (Also transfer) header. It allows a remote attacker to trigger a NULL pointer dereference and cause a denial of service. Affected Products: Asterisk Open Source versions prior to 1.4.17 Asterisk Business Edition versions prior to C.1.0-beta8 AsteriskNOW versions prior to beta7 Asterisk Appliance Developer Kit Asterisk Appliance s800i versions prior to 1.0.3.4 Reference IDs: |
| SIP.Invite.Invalid.IP4.DoS Event ID: 15266 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in the channel driver in Asterisk. The vulnerability is caused by an error when the vulnerable software handles a specially crafted SIP INVITE message. It allows a remote attacker to cause a denial of service. Affected Products: Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.2.16 Asterisk Asterisk 1.2.15 Asterisk Asterisk 1.2.14 Reference IDs: |
| Sun.Java.Class.Validator.Abort.DoS Event ID: 23119 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Sun Java. The vulnerability is caused by an error when the vulnerable software handles a malicious Java applet. It allows a remote attacker to crash the application via sending a crafted web page. Affected Products: Sun Java 1.6.0 |
| Sun.Java.Class.Validator.strlen.DoS Event ID: 23121 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Sun Java. The vulnerability is caused by an error when the vulnerable software handles a malicious Java applet. It allows a remote attacker to crash the application via sending a crafted web page. Affected Products: Sun Java 1.6.0 |
| SUN.Solaris.DHCP.Malformed.BOOTP.Packet.DoS Event ID: 23137 |
Release Date: Jun 10, 2010 IPS Definitions DB Version: 2.820 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Sun Solaris. The vulnerability is caused by an error when the DHCP server daemon handles malicious DHCP requests. It allows a remote attacker to crash the application via sending a crafted DHCP request packet. Affected Products: Sun Solaris 8 Sun Solaris 9 Sun Solaris 10 Sun OpenSolaris builds snv_01 through snv_102 Reference IDs: |
| Yahoo.Toolbar.Helper.Class.ActiveX.Control.Access Event ID: 23073 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt to exploit a denial-of-service vulnerability in Yahoo! Toolbar. The vulnerability is located in the "yt.ythelper.2" ActiveX control through misuse of the "c" property. It may allow remote attackers to crash the application using the affected ActiveX control. Affected Products: Yahoo! Toolbar 1.4.1 Reference IDs: |
Low ( 8 )
| Asterisk.Skinny.Channel.Driver.Remote.DoS Event ID: 23080 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in the Skinny channel driver (chan_skinny) in Asterisk. The vulnerability is caused by an error when the vulnerable software handles a specially crafted packet. It allows a remote attacker to cause a denial of service. Affected Products: Asterisk s800i Appliance 1.0.2 Asterisk s800i Appliance 1.0.1 Asterisk s800i Appliance 1.0 Asterisk AsteriskNow Beta 6 Asterisk AsteriskNow Beta 5 Asterisk Asterisk Appliance Developer Kit 0.6 Asterisk Asterisk Appliance Developer Kit 0.5 Asterisk Asterisk Appliance Developer Kit 0.4 Asterisk Asterisk Appliance Developer Kit 0.3 Asterisk Asterisk Appliance Developer Kit 0.2 Asterisk Asterisk 1.4.9 Asterisk Asterisk 1.4.8 Asterisk Asterisk 1.4.7 Asterisk Asterisk 1.4.4 Asterisk Asterisk 1.4.3 Asterisk Asterisk 1.4.2 Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.4 Beta Reference IDs: |
| KDE.Konqueror.Javascript.Iframe.DoS Event ID: 23218 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a null-pointer-dereference vulnerability in ecma/kjs_html.cpp of KDE JavaScript. This vulnerability is caused by an error in the vulnerable software when handling malformed iframe contents. A remote attacker may exploit this by sending a crafted web page, causing a denial-of-service condition. Affected Products: KDE 3.5.5 KDE 3.5.4 Reference IDs: |
| Mozilla.Firefox.XUL.Tree.Node.Removal Event ID: 19014 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates an attack attempt against an unspecified vulnerability in Mozilla Firefox. The vulnerability is caused by an error when the vulnerable software handles a specially crafted webpage. It allows a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code. Affected Products: Mozilla Firefox 2.0.1 and previous versions Reference IDs: |
| MS.FrontPage.Server.Extensions.MS-DOS.Device.Name.DoS Event ID: 23035 |
Release Date: Jun 15, 2010 IPS Definitions DB Version: 2.823 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in the shtml.exe component of Microsoft FrontPage. The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL whose name includes a standard DOS device name. It allows a remote attacker to cause a denial of service. Affected Products: Microsoft FrontPage 2000 Server Extensions SR 1.1 Reference IDs: |
| MS.IE.StructuredGraphics.DoS Event ID: 12032 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: Microsoft Internet Explorer allows remote attackers to cause a denial of service by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object. This flaw is due to a NULL pointer dereference error in the Microsoft DirectAnimation Structured Graphics control ("daxctle.ocx") when handling a specially crafted "SourceURL" parameter. This bug can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page. Affected Products: Microsoft Internet Explorer 5.0.1 SP4 Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6.0 SP1 - SP2 Reference IDs: |
| MS.IE.Stylesheet.Uninitialized.Memory.Corruption Event ID: 23321 |
Release Date: Jun 09, 2010 IPS Definitions DB Version: 2.819 |
|
Description: This indicates a possible attack against a memory-corruption vulnerability in Microsoft Internet Explorer. This vulnerability is in the importing of CStyleSheet. A remote attacker may exploit this to execute arbitrary code or cause a denial of service. Affected Products: Microsoft Internet Explorer 8 Reference IDs: |
| MS.IE.Sysmon.DoS Event ID: 23258 |
Release Date: Jun 17, 2010 IPS Definitions DB Version: 2.825 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an error in the vulnerable software when handling the "Sysmon" ActiveX control. An attacker can exploit this by sending a malicious web page containing the ActiveX control "Sysmon". Affected Products: Microsoft Internet Explorer, vulnerable versions unclear. |
| Nokia.N95.Jpeg.File.Crash Event ID: 23092 |
Release Date: Jun 08, 2010 IPS Definitions DB Version: 2.818 |
|
Description: This indicates a possible attack against a denial-of-service vulnerability in the Nokia N95 device which could be exploited by sending a malicious .jpg file. Affected Products: Nokia N95 |
The FortiGuard Threat Research team updates security content as new vectors of exploitation are discovered. The table below details the security content enhanced with this release.
Critical ( 10 )
| Event Name | Revision Notes |
|---|---|
| Adobe.0day.23305 | Detection Enhanced Previous name: "Adobe.0day.23305" |
| Adobe.Flash.Player.AVM2.ActionScript.Memory.Corruption | Previous name: "FG-VD-10-001-Adobe" |
| Adobe.Flash.Player.AVM2.KeyboardEvent.Memory.Corruption | Previous name: "FG-VD-10-019-Adobe" |
| Adobe.Photoshop.Style.Layer.Code.Execution | Detection Enhanced |
| Java.Deployment.Toolkit.Launch.Method.Access | Detection Enhanced |
| MS.Windows.Help.Center.Protocol.Malformed.Escape.Sequence | Detection Enhanced |
| MS.Windows.Media.Services.Stack.Buffer.Overflow | Detection Enhanced |
| MS.Windows.MPEG.Layer3.Audio.Decoder.Stack.Overflow | Detection Enhanced |
| SAP.Crystal.Reports.Path.Traversal | Previous name: "Crystal.Reports.Path.Traversal" |
High ( 3 )
| Event Name | Revision Notes |
|---|---|
| MS.Excel.StartObject.Pair.Memory.Corruption | Detection Enhanced Previous name: "FG-VD-09-030-Microsoft" |
| MS.IE.AxDebugger.Document.ActiveX.Control.Access | Previous name: "MS.IE.AxDebugger.Document.1.Active... |
| MS.Office.XP.HTML.Link.Processing.Buffer.Overflow | Detection Enhanced |
Medium ( 9 )
| Event Name | Revision Notes |
|---|---|
| Apache.HTTP.Exhaust.Connection.DoS | Detection Enhanced |
| Backdoor.EvilFTP | Detection Enhanced |
| HTTP.Malformed.Request.DoS | Detection Enhanced |
| MS.Exchange.Server.Attendant.DoS | Detection Enhanced |
| MS.IE.DirectAnimation.DAUserData.ActiveX.Control.Access | Previous name: "MS.IE.DirectAnimation.DAUserData.A... |
| MS.IE.NMSA.ASFSourceMediaDescription.ActiveX.Control.Access | Previous name: "MS.IE6.NMSA.ASFSourceMediaDescript... |
| SIP.Invite.Remote.DoS | Detection Enhanced |
| Sun.Solaris.DHCP.Malformed.BOOTP.Packet.DoS | Previous name: "SUN.Solaris.DHCP.Malformed.BOOTP.P... |
| Worm.Lupper | Detection Enhanced |
Low ( 3 )
| Event Name | Revision Notes |
|---|---|
| Mozilla.Firefox.XUL.Tree.Node.Removal | Detection Enhanced |
| MS.IE.URLMon.DLL.BGSOUND.DoS | Detection Enhanced |
| Ntpd.Reserved.Mode.DoS | Detection Enhanced |
The FortiGuard Threat Research team uses globally distributed probes to monitor exploit activity. Vulnerabilities can be classified as active and given a magnitude level. The magnitude level is the rate of activity across the probes. The value of the magnitude is set to low, medium or high.
The table below lists the vulnerabilities discussed in this bulletin (specifically new and enhanced detection) and their corresponding exploit activity magnitude. The data below is as of this writing.
Critical ( 5 of 24 )
High ( 10 of 46 )
Medium ( 6 of 28 )
Low ( 2 of 10 )
| Event Name | Active Exploitation Observed | Magnitude |
|---|---|---|
| Asterisk.Skinny.Channel.Driver.Remote.DoS | No | n/a |
| KDE.Konqueror.Javascript.Iframe.DoS | No | n/a |
| Mozilla.Firefox.XUL.Tree.Node.Removal | No | n/a |
| MS.FrontPage.Server.Extensions.MS-DOS.Device.Name.DoS | No | n/a |
| MS.IE.StructuredGraphics.DoS | No | n/a |
| MS.IE.Stylesheet.Uninitialized.Memory.Corruption | Yes | Low |
| MS.IE.Sysmon.DoS | No | n/a |
| MS.IE.URLMon.DLL.BGSOUND.DoS | Yes | Low |
| Nokia.N95.Jpeg.File.Crash | No | n/a |
| Ntpd.Reserved.Mode.DoS | No | n/a |
| Revision Date | Version Number | Description |
|---|---|---|
| Monday, June 21, 2010 | 1 | Initial Documentation. |
About Fortinet ( www.fortinet.com )
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection (including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam) designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.
Disclaimer
Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that no Fortinet statements herein constitute or contain any guarantee, warranty or legally binding representation. All materials contained in this publication are subject to change without notice, and Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice.