fredag, juni 15, 2012

WeCloud beskytter mot nye sårbarheter

WeClouds websikkerhetsløsning Zscaler, som samarbeider med Microsoft gjennom MAPPs-programmet, har aktivert beskyttelse for de følgende 16 web-baserte klient-sårbarheter, som er inkludert i Microsofts sikkerhetsoppdatering for juni:

MS12-­-037 – Cumulative Security Update for Internet Explorer (2699988)
Severity: Critical Affected Software
  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9

CVE-­-2012-­-1523 Center Element Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted. 

CVE-­-2012-­-1858 HTML Sanitization Vulnerability
Description: An information disclosure vulnerability exists in the way that Internet Explorer handles content using specific strings when sanitizing HTML.

CVE-­-2012-­-1873 Null Byte Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in Internet Explorer that could allow an attacker to gain access and read Internet Explorer's process memory.

CVE-­-2012-­-1874 Developer Toolbar Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-­-2012-­-1875 Same ID Property Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-­-2012-­-1876 Col Element Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that does not exist.

CVE-­-2012-­-1877 Title Element Change Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-­-2012-­-1878 OnBeforeDeactivate Event Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-­-2012-­-1879 insertAdjacentText Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an undefined memory location.

CVE-­-2012-­-1880 insertRow Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-­-2012-­-1881 OnRowsInserted Event Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

MS12-­-038 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726)
Severity: Critical Affected Software
  • Windows XP
  • Windows Server 2003 
  • Windows Vista
  • Windows Server 2008
  • Windows 7
CVE-­-2012-­-1855 .NET Framework Memory Access Vulnerability
Description: A remote code execution vulnerability exists in the Microsoft .NET Framework due to the improper execution of a function pointer.

MS12-­-039 – Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)
Severity: Important Affected Software
  • Microsoft Communicator 2007
  • Microsoft Lync 2010
CVE-­-2011-­-3402 TrueType Font Parsing Vulnerability
Description: A remote code execution vulnerability exists in the way that affected components handle shared content that contains specially crafted TrueType fonts.

CVE-­-2012-­-0159 TrueType Font Parsing Vulnerability
Description: A remote code execution vulnerability exists in the way that affected components handle shared content that contains specially crafted TrueType fonts.

CVE-­-2012-­-1858 HTML Sanitization Vulnerability
Description: An information disclosure vulnerability exists in the way that HTML is filtered that could allow an attacker to perform cross-­-site scripting attacks and run script in the security context of the current user.

MS12-­-040 – Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100)
Severity: Important Affected Software
  • Microsoft Dynamics AX 2012
CVE-­-2012-­-1857 Dynamics AX Enterprise Portal XSS Vulnerability
Description: A cross-­-site scripting vulnerability exists in Microsoft Dynamics AX Enterprise Portal that could result in information disclosure or elevation of privilege if a user clicks a specially crafted URL that contains malicious JavaScript elements. 

1 kommentar:

  1. Casino Slot Machines in Houston
    Casino Slot 부산광역 출장샵 Machines in Houston. 구리 출장마사지 Get the best in gaming technology, coupons & deals 전라남도 출장마사지 and more! 울산광역 출장마사지 Discover the best in-store and 파주 출장안마 direct to your event venue

    SvarSlett