Microsoft Vulnerabilities and Situations for 2012 in sgpkg-ips-444-4219

Microsoft Vulnerabilities and Situations for 2012 in sgpkg-ips-444-4219

Vulnerabilities

MS12-022 Microsoft-Expression-Design-Insecure-Library-Loading-CVE-2012-0016

About this vulnerability: A vulnerability in Microsoft Windows
Risk: High
First detected in: sgpkg-ips-443-4219
Last changed: sgpkg-ips-444-4219
Platform: Windows
Software: Microsoft Expression Design
Type: Malfunction
Description: There is a vulnerability in Microsoft Expression Design.
SituationHTTP_CSU-Microsoft-Expression-Design-Insecure-Library-Loading-CVE-2012-0016
Comment: Detected attempt to exploit a vulnerability in Microsoft PowerPoint
Description: An attempt to exploit a vulnerability in Microsoft Expression Design was detected.
SituationSMB-TCP_CHS_Microsoft-Expression-Design-Insecure-Library-Loading-CVE-2012-0016
Comment: Detected attempt to exploit a vulnerability in Microsoft Expression Design
Description: An attempt to exploit a vulnerability in Microsoft Expression Design was detected.
References:
CVE-2012-0016
MS12-022
Back to top

MS12-020 Remote-Desktop-Code-Execution-Vulnerability

About this vulnerability: A vulnerability in Windows
Risk: Moderate
First detected in: sgpkg-ips-443-4219
Last changed: sgpkg-ips-443-4219
Platform: Windows
Software: <os>
Type: Malfunction
Description: A vulnerability in Windows
SituationGeneric_CS-Remote-Desktop-Code-Execution-Vulnerability
Comment: An attempt to exploit vulnerability in Windows detected
Description: An attempt to exploit vulnerability in Windows detected
References:
CVE-2012-0002
MS12-020
Back to top

MS12-015 Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0019

About this vulnerability: Code execution vulnerability in Microsoft Visio Viewer
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Microsoft Visio Viewer
Type: Malfunction
Description: There is a memory corruption vulnerability in Microsoft Visio Viewer
SituationFile-OLE_Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0019
Comment: An attempt to exploit vulnerability in Microsoft Visio Viewer detected
Description: There is a memory corruption vulnerability in Microsoft Visio Viewer
References:
CVE-2012-0019
MS12-015
Back to top

MS12-015 Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0020

About this vulnerability: Code execution vulnerability in Microsoft Visio Viewer
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-442-4219
Platform: Windows
Software: Microsoft Visio Viewer
Type: Malfunction
Description: There is a memory corruption vulnerability in Microsoft Visio Viewer
SituationFile-OLE_Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0020
Comment: An attempt to exploit vulnerability in Microsoft Visio Viewer detected
Description: There is a memory corruption vulnerability in Microsoft Visio Viewer
References:
CVE-2012-0020
OSVDB-79255
MS12-015
Back to top

MS12-015 Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0136

About this vulnerability: Code execution vulnerability in Microsoft Visio Viewer
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Microsoft Visio Viewer
Type: Malfunction
Description: There is a memory corruption vulnerability in Microsoft Visio Viewer
SituationFile-OLE_Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0136
Comment: An attempt to exploit vulnerability in Microsoft Visio Viewer detected
Description: There is a memory corruption vulnerability in Microsoft Visio Viewer
References:
CVE-2012-0136
MS12-015
Back to top

MS12-014 Microsoft-Indeo-Codec-Insecure-Library-Loading-Vulnerability

About this vulnerability: Detected attempt to exploit a vulnerability in Microsoft Windows
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-442-4219
Platform: Windows
Software: <os>
Type: Code Injection
Description: There is a library loading vulnarability in Microsoft Windows
SituationHTTP_CSU-Microsoft-Indeo-Codec-Insecure-Library-Loading-Vulnerability
Comment: Detected attempt to exploit a vulnerability in Microsoft Windows
Description: An attempt to exploit a vulnerability in Microsoft Windows was detected.
SituationSMB-TCP_CHS_Microsoft-Indeo-Codec-Insecure-Library-Loading-Vulnerability
Comment: Detected attempt to exploit a vulnerability in Microsoft Windows
Description: An attempt to exploit a vulnerability in Microsoft Windows was detected.
References:
CVE-2010-3138
OSVDB-67551
MS12-014
Back to top

MS12-013 Microsoft-Windows-Msvcrt.dll-Buffer-Overflow-CVE-2012-0150

About this vulnerability: A vulnerability in Microsoft Windows
Risk: High
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows 2008; Windows Vista; Windows 7
Software: <os>
Type: Malfunction
Description: There is a vulnerability in Microsoft Windows.
SituationFile-Text_Microsoft-Windows-Msvcrt.dll-Buffer-Overflow-CVE-2012-0150
Comment: Detected attempt to exploit a vulnerability in Microsoft Windows
Description: An attempt to exploit a vulnerability in Microsoft Windows was detected.
References:
CVE-2012-0150
MS12-013
Back to top

MS12-012 Microsoft-Windows-Color-Control-Panel-Insecure-Library-Loading-CVE-2010-5082

About this vulnerability: A vulnerability in Microsoft Windows
Risk: High
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows 2008
Software: <os>
Type: Malfunction
Description: There is a vulnerability in Microsoft Windows.
SituationHTTP_CSU-Microsoft-Windows-Color-Control-Panel-Library-Loading-CVE-2010-5082
Comment: Detected attempt to exploit a vulnerability in Microsoft PowerPoint
Description: An attempt to exploit a vulnerability in Microsoft Windows was detected.
SituationSMB-TCP_CHS-Microsoft-Windows-Color-Control-Panel-Library-Loading-CVE-2010-5082
Comment: Detected attempt to exploit a vulnerability in Microsoft Windows
Description: An attempt to exploit a vulnerability in Microsoft Windows was detected.
References:
CVE-2010-5082
MS12-012
Back to top

MS12-011 Microsoft-Sharepoint-XSS-CVE-2012-0017

About this vulnerability: A cross-site scripting vulnarability in Microsoft SharePoint
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Microsoft Sharepoint
Type: Cross-site Scripting
Description: There is a cross-site scripting vulnarability in Microsoft SharePoint
SituationHTTP_CSU-Microsoft-Sharepoint-XSS-CVE-2012-0017
Comment: A cross-site scripting vulnarability in Microsoft SharePoint
Description: There is a cross-site scripting vulnarability in Microsoft SharePoint
References:
CVE-2012-0017
MS12-011
Back to top

MS12-011 Microsoft-Sharepoint-XSS-CVE-2012-0144

About this vulnerability: A cross-site scripting vulnarability in Microsoft SharePoint
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Microsoft Sharepoint
Type: Cross-site Scripting
Description: There is a cross-site scripting vulnarability in Microsoft SharePoint
SituationHTTP_CS-Microsoft-Sharepoint-XSS-CVE-2012-0144
Comment: A cross-site scripting vulnarability in Microsoft SharePoint
Description: There is a cross-site scripting vulnarability in Microsoft SharePoint
References:
CVE-2012-0144
MS12-011
Back to top

MS12-011 Microsoft-Sharepoint-XSS-CVE-2012-0145

About this vulnerability: A cross-site scripting vulnarability in Microsoft SharePoint
Risk: Moderate
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Microsoft Sharepoint
Type: Cross-site Scripting
Description: There is a cross-site scripting vulnarability in Microsoft SharePoint
SituationHTTP_CSU-Microsoft-Sharepoint-XSS-CVE-2012-0145
Comment: A cross-site scripting vulnarability in Microsoft SharePoint
Description: There is a cross-site scripting vulnarability in Microsoft SharePoint
References:
CVE-2012-0145
MS12-011
Back to top

MS12-010 Microsoft-Internet-Explorer-HTML-Layout-CVE-2012-0011

About this vulnerability: A vulnerability in Microsoft Internet Explorer
Risk: High
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Internet Explorer 7.0; Internet Explorer 8.0; Internet Explorer 9.0
Type: Malfunction
Description: There is a vulnerability in Microsoft Internet Explorer.
SituationFile-Text_Microsoft-Internet-Explorer-HTML-Layout-CVE-2012-0011
Comment: Detected attempt to exploit a vulnerability in Microsoft Internet Explorer
Description: An attempt to exploit a vulnerability in Microsoft Internet Explorer was detected.
References:
CVE-2012-0011
MS12-010
Back to top

MS12-010 Microsoft-Internet-Explorer-Null-Byte-CVE-2012-0012

About this vulnerability: A vulnerability in Microsoft Internet Explorer
Risk: High
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows
Software: Internet Explorer 7.0; Internet Explorer 8.0; Internet Explorer 9.0
Type: Malfunction
Description: There is a vulnerability in Microsoft Internet Explorer.
SituationFile-Text_Microsoft-Internet-Explorer-Null-Byte-CVE-2012-0012
Comment: Detected attempt to exploit a vulnerability in Microsoft Internet Explorer
Description: An attempt to exploit a vulnerability in Microsoft Internet Explorer was detected.
SituationFile-Text_Microsoft-Internet-Explorer-HTML-Layout-CVE-2012-0011
Comment: Detected attempt to exploit a vulnerability in Microsoft Internet Explorer
Description: An attempt to exploit a vulnerability in Microsoft Internet Explorer was detected.
References:
CVE-2012-0012
MS12-010
Back to top

MS12-008 Microsoft-Windows-GDI-Access-Violation-CVE-2011-5046

About this vulnerability: A vulnerability in Microsoft Word
Risk: High
First detected in: sgpkg-ips-440-4219
Last changed: sgpkg-ips-440-4219
Platform: Windows XP; Windows 2003; Windows 2008; Windows Vista; Windows 7
Software: <os>
Type: Malfunction
Description: There is a vulnerability in Microsoft Windows.
References:
CVE-2011-5046
MS12-008
Back to top

MS12-008 Microsoft-Windows-Win32k.sys-Memory-Corruption

About this vulnerability: A vulnerability in Microsoft Windows
Risk: Moderate
First detected in: sgpkg-ips-438-4219
Last changed: sgpkg-ips-442-4219
Platform: Windows
Software: <os>
Type: Malfunction
Description: A memory corruption vulnerability has been reported in the Microsoft Windows kernel file win32k.sys. The public proof of concept triggers the vulnerability through a specially sized iFrame opened with the Safari web browser. A remote, unauthenticated attacker can also be trigger this vulnerability by enticing a user to visit a specially crafted web page with the vulnerable application. Successful exploitation could result in arbitrary code execution with kernel privileges. Note: This vulnerability has been confirmed by Secunia on a fully patched installation of Windows 7 64 bit, other versions may also be vulnerable. Telus Security Labs has been able to reproduce this vulnerability with the published exploit. However, to fully understand the mechanism of the vulnerability, further investigation is required.
SituationFile-Text_Microsoft-Windows-Win32k.sys-Memory-Corruption
Comment: An attempt to exploit vulnerability in Microsoft Windows detected
Description: A memory corruption vulnerability has been reported in the Microsoft Windows kernel file win32k.sys. The public proof of concept triggers the vulnerability through a specially sized iFrame opened with the Safari web browser. A remote, unauthenticated attacker can also be trigger this vulnerability by enticing a user to visit a specially crafted web page with the vulnerable application. Successful exploitation could result in arbitrary code execution with kernel privileges. Note: This vulnerability has been confirmed by Secunia on a fully patched installation of Windows 7 64 bit, other versions may also be vulnerable. Telus Security Labs has been able to reproduce this vulnerability with the published exploit. However, to fully understand the mechanism of the vulnerability, further investigation is required.
References:
CVE-2011-5046
BID-51122
OSVDB-77908
MS12-008
Back to top

MS12-007 Microsoft-Anti-XSS-Library-Bypass-Vulnerability

About this vulnerability: A vulnerability in Microsoft Anti-XSS Library
Risk: Moderate
First detected in: sgpkg-ips-433-4219
Last changed: sgpkg-ips-433-4219
Platform: Windows
Software: Microsoft Anti-XSS Libarary
Type: Malfunction
Description: There is a vulnerability in the Microsoft Anti-Cross Site Scripting Library.
SituationFile-Text_Microsoft-Anti-XSS-Library-Bypass-Vulnerability
Comment: An attempt to exploit vulnerability in Microsoft Anti-XSS Library detected
Description: There is a vulnerability in the Microsoft Anti-Cross Site Scripting Library.
References:
CVE-2012-0007
MS12-007
Back to top

MS12-004 Microsoft-Windows-Midi-Remote-Code-Execution-Vulnerability

About this vulnerability: Detected an attempt to exploit a vulnerability in Microsoft Windows
Risk: Moderate
First detected in: sgpkg-ips-433-4219
Last changed: sgpkg-ips-433-4219
Platform: Windows
Software: <os>
Type: Input Validation
Description: Detected an attempt to exploit a vulnerability in Microsoft Windows
SituationFile-Binary_Microsoft-Windows-Midi-Remote-Code-Execution-Vulnerability
Comment: Detected an attempt to exploit a vulnerability in Microsoft Windows
Description: An attempt to exploit a vulnerability in Microsoft Windows was detected.
References:
CVE-2012-0003
MS12-004
Back to top

MS12-002 Microsoft-Object-Packager-Insecure-Executable-Launching-Vulnerability

About this vulnerability: Detected an attempt to exploit a vulnerability in Microsoft Windows
Risk: Moderate
First detected in: sgpkg-ips-433-4219
Last changed: sgpkg-ips-434-4219
Platform: Windows
Software: <os>
Type: Insecure Configuration
Description: Detected an attempt to exploit a vulnerability in Microsoft Windows
SituationSMB-TCP_Microsoft-Object-Packager-Insecure-Executable-Launching-Vulnerability
Comment: Detected an attempt to exploit a vulnerability in Microsoft Windows
Description: A possibly malicious file was seen.
SituationHTTP_CSU-Microsoft-Object-Packager-Insecure-Executable-Launching-Vulnerability
Comment: Detected an attempt to exploit a vulnerability in Microsoft Windows
Description: A possibly malicious file was seen.
References:
CVE-2012-0009
MS12-002
Back to top