Focus on Microsoft
SecurityFocus Microsoft Newsletter #433 Feb 26 2009 09:56PM
Rob Keith (rkeith securityfocus com)
SecurityFocus Microsoft Newsletter #433

----------------------------------------

This issue is sponsored by Sophos Security Threat Report: 2009

Predicting the future in such a rapidly evolving environment is near impossible. One only needs to count the rate at which new malware appears today compared to five years ago to see how quickly the threat has become more serious. Read our security threat report to read about the malware trends we predict will be at the forefront in 2009.

http://dinclinx.com/Redirect.aspx?36;4036;35;189;0;4;259;d0ddf43bf0d4abd
d

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Free Market Filtering
2. Don't Blame the Browser
II. MICROSOFT VULNERABILITY SUMMARY
1. BitDefender Internet Security 2009 File Name Cross Site Scripting Vulnerability
2. HP Virtual Rooms Client Unspecified Remote Code Execution Vulnerability
3. Drupal Theme System Template File Local File Include Vulnerability
4. SHOUTcast Server DNAS Relay Remote Buffer Overflow Vulnerability
5. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
6. Adobe Flash Player Unspecified Information Disclosure Vulnerability
7. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
8. Microsoft Excel Invalid Object Remote Code Execution Vulnerability
9. Got All Media URI Handling Remote Denial of Service Vulnerability
10. Agavi Multiple Cross Site Scripting Vulnerabilities
11. Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
12. Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #432
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Free Market Filtering
By Mark Rasch
The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material.
http://www.securityfocus.com/columnists/493

2.Don't Blame the Browser
Melih Abdulhayoglu
There was a time when most diseases were fatal for humans. Intense study and research helped doctors manage diseases better, and subsequently even prevent them altogether.
http://www.securityfocus.com/columnists/492

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. BitDefender Internet Security 2009 File Name Cross Site Scripting Vulnerability
BugTraq ID: 33921
Remote: Yes
Date Published: 2009-02-26
Relevant URL: http://www.securityfocus.com/bid/33921
Summary:
BitDefender Internet Security 2009 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

2. HP Virtual Rooms Client Unspecified Remote Code Execution Vulnerability
BugTraq ID: 33918
Remote: Yes
Date Published: 2009-02-26
Relevant URL: http://www.securityfocus.com/bid/33918
Summary:
HP Virtual Rooms client is prone to a remote code-execution vulnerability caused by an unspecified error.

Successfully exploiting this issue allows an attacker to execute arbitrary code with the privileges of the user running the affected application.

This issue affects Virtual Rooms 7.0 and earlier running on Microsoft Windows.

3. Drupal Theme System Template File Local File Include Vulnerability
BugTraq ID: 33910
Remote: Yes
Date Published: 2009-02-25
Relevant URL: http://www.securityfocus.com/bid/33910
Summary:
Drupal is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. This issue affects Drupal running under Microsoft Windows.

An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.

The following are vulnerable:

Drupal 5.x prior to 5.16
Drupal 6.x prior to 6.10

4. SHOUTcast Server DNAS Relay Remote Buffer Overflow Vulnerability
BugTraq ID: 33904
Remote: Yes
Date Published: 2009-02-25
Relevant URL: http://www.securityfocus.com/bid/33904
Summary:
SHOUTcast Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers may exploit this issue to overwrite the application's web administration password and possibly to execute arbitrary code within the context of the application, but this has not been confirmed. Failed exploit attempts will cause a denial-of-service condition.

SHOUTcast Server 1.9.8 for Windows is vulnerable; other versions may also be affected.

5. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 33890
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33890
Summary:
Adobe Flash Player is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input.

Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed.

Versions prior to Flash Player 10.0.22.87 are vulnerable.

6. Adobe Flash Player Unspecified Information Disclosure Vulnerability
BugTraq ID: 33889
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33889
Summary:
Adobe Flash Player is prone to an information-disclosure vulnerability.

Successful exploits will allow an attacker to obtain potentially sensitive information that may be used to elevate privileges.

This issue affects Flash Player on Linux-based operating systems only.

7. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
BugTraq ID: 33880
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33880
Summary:
Adobe Flash Player is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely crash the application, denying service to legitimate users.

Versions prior to Flash Player 10.0.12.36 are vulnerable.

8. Microsoft Excel Invalid Object Remote Code Execution Vulnerability
BugTraq ID: 33870
Remote: Yes
Date Published: 2009-02-23
Relevant URL: http://www.securityfocus.com/bid/33870
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

9. Got All Media URI Handling Remote Denial of Service Vulnerability
BugTraq ID: 33830
Remote: Yes
Date Published: 2009-02-19
Relevant URL: http://www.securityfocus.com/bid/33830
Summary:
Got All Media is prone to a remote denial-of-service vulnerability when processing URI requests.

Exploiting this issue allows remote attackers to cause denial-of-service conditions by crashing the application.

Got All Media 7.0.0.3 is vulnerable; other versions may be affected as well.

10. Agavi Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 33826
Remote: Yes
Date Published: 2009-02-18
Relevant URL: http://www.securityfocus.com/bid/33826
Summary:
Agavi is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials.

11. Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
BugTraq ID: 33825
Remote: Yes
Date Published: 2009-02-18
Relevant URL: http://www.securityfocus.com/bid/33825
Summary:
Windows Live Messenger is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

Windows Live Messenger 2009 14.0.8064.206 is vulnerable; other versions may also be affected.

12. Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
BugTraq ID: 33803
Remote: Yes
Date Published: 2009-02-17
Relevant URL: http://www.securityfocus.com/bid/33803
Summary:
Microsoft XML Core Services (MSXML) is prone to an information-disclosure vulnerability because it fails to properly protect sensitive cookie data with the 'HTTPOnly' protection mechanism.

A successful exploit may allow attackers to steal cookie-based authentication credentials; information harvested may aid in further attacks.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #432
http://www.securityfocus.com/archive/88/501097

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sophos Security Threat Report: 2009

Predicting the future in such a rapidly evolving environment is near impossible. One only needs to count the rate at which new malware appears today compared to five years ago to see how quickly the threat has become more serious. Read our security threat report to read about the malware trends we predict will be at the forefront in 2009.

http://dinclinx.com/Redirect.aspx?36;4036;35;189;0;4;259;d0ddf43bf0d4abd
d

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus