RETIRED: Microsoft December 2012 Advance Notification Multiple Vulnerabilities

Microsoft has released advance notification that on December 11, 2012, they will be releasing seven security bulletins addressing eleven vulnerabilities.

The bulletins and their affected components are as follows:

Five bulletins rated 'Critical' affecting Windows, Word, Windows Server, and Internet Explorer
Two bulletins rated 'Important' affecting Windows

This BID is being retired. The following individual records exist to better document the issues:

56443 Microsoft Windows CVE-2012-4774 Remote Code Execution Vulnerability
56828 Microsoft Internet Explorer InjectHTMLStream Use-After-Free Remote Code Execution Vulnerability
56829 Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
56830 Microsoft Internet Explorer Improper Ref Counting Use-After-Free Remote Code Execution Vulnerability
56840 Microsoft Windows IP-HTTPS Server Revoked SSL Certificate Validation Security Bypass Vulnerability
56839 Microsoft DirectX DirectPlay CVE-2012-1537 Heap Overflow Remote Code Execution Vulnerability
56841 Microsoft Windows OpenType Font (OTF) Driver CVE-2012-2556 Remote Code Execution Vulnerability
56842 Microsoft Windows TrueType Font CVE-2012-4786 Remote Code Execution Vulnerability
55977 Oracle Outside In Technology CVE-2012-3214 Local Security Vulnerability
55993 Oracle Outside In Technology CVE-2012-3217 Local Security Vulnerability
56836 Microsoft Exchange Server RSS Feed Remote Denial of Service Vulnerability
56834 Microsoft Word RTF File 'listoverridecount' Remote Code Execution Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus