• info
• discussion
• exploit
• solution
• references

RETIRED: Microsoft February 2012 Advance Notification Multiple Vulnerabilities

Microsoft has released advance notification that on February 14, 2012, they will be releasing nine security bulletins addressing 21 vulnerabilities.

The bulletins and their affected components are as follows:

Four bulletins rated 'Critical' affecting Windows, Internet Explorer, .NET Framework, and Silverlight
Five bulletins rated 'Important' affecting Windows, Visio, and SharePoint

This BID is being retired. The following individual records exist to better document the issues:

42730 Microsoft Windows Indeo Filter 'iacenc.dll' DLL Loading Arbitrary Code Execution Vulnerability
44157 Windows Server 2008 Color Control Panel DLL Loading Arbitrary Code Execution Vulnerability
51122 Microsoft Windows 'win32k.sys' Remote Memory Corruption Vulnerability
51903 Microsoft Visio Viewer VSD File Format CVE-2012-0019 Remote Code Execution Vulnerability
51904 Microsoft Visio Viewer VSD File Format CVE-2012-0020 Remote Code Execution Vulnerability
51906 Microsoft Visio Viewer VSD File Format CVE-2012-0136 Remote Code Execution Vulnerability
51907 Microsoft Visio Viewer VSD File Format CVE-2012-0137 Remote Code Execution Vulnerability
51908 Microsoft Visio Viewer VSD File Format CVE-2012-0138 Remote Code Execution Vulnerability
51913 Microsoft Windows 'Msvcrt.dll' Remote Buffer Overflow Vulnerability
51920 Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability
51928 Microsoft SharePoint 'inplview.aspx' Cross Site Scripting Vulnerability
51930 Microsoft Windows Ancillary Function Driver CVE-2012-0148 Local Privilege Escalation Vulnerability
51931 Microsoft Internet Explorer Copy&Paste Operation Cross Domain Information Disclosure Vulnerability
51932 Microsoft Internet Explorer Null Byte Handling Information Disclosure Vulnerability
51933 Microsoft Internet Explorer CVE-2012-0011 Remote Code Execution Vulnerability
51934 Microsoft SharePoint 'themeweb.aspx' Cross Site Scripting Vulnerability
51935 Microsoft Internet Explorer CVE-2012-0155 VML Handling Remote Code Execution Vulnerability
51936 Microsoft Windows Ancillary Function Driver CVE-2012-0149 Local Privilege Escalation Vulnerability
51937 Microsoft SharePoint 'wizardlist.aspx' Cross Site Scripting Vulnerability
51938 Microsoft Silverlight & .NET Framework Unmanaged Objects Remote Code Execution Vulnerability
51940 Microsoft Silverlight & .NET Framework Framework Heap Corruption Remote Code Execution Vulnerability