SecurityFocus Microsoft Newsletter #432 ----------------------------------------
This issue is sponsored by Purewire NEW! White Paper: "Hackers Announce Open Season on Web 2.0 Users and Browsers" Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's. Download this white paper now to mitigate your online security risks. http://www.purewire.com/lp/sec/ SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1. Free Market Filtering 2. Don't Blame the Browser II. MICROSOFT VULNERABILITY SUMMARY 1. Got All Media URI Handling Remote Denial of Service Vulnerability 2. Agavi Multiple Cross Site Scripting Vulnerabilities 3. Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability 4. Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability 5. RimArts Becky! Internet Mail Return Receipt Remote Buffer Overflow Vulnerability 6. Wireshark 1.0.5 Multiple Denial Of Service Vulnerabilities 7. Microsoft Visio Memory Corruption Remote Code Execution Vulnerability 8. Microsoft Visio Object Copy Memory Corruption Remote Code Execution Vulnerability 9. Microsoft Visio Object Validation Remote Code Execution Vulnerability 10. Microsoft Internet Explorer CSS Memory Corruption Remote Code Execution Vulnerability 11. Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability 12. Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability 13. Microsoft Exchange Server TNEF Decoding Remote Code Execution Vulnerability III. MICROSOFT FOCUS LIST SUMMARY IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1.Free Market Filtering By Mark Rasch The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material. http://www.securityfocus.com/columnists/493 2.Don't Blame the Browser Melih Abdulhayoglu There was a time when most diseases were fatal for humans. Intense study and research helped doctors manage diseases better, and subsequently even prevent them altogether. http://www.securityfocus.com/columnists/492 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Got All Media URI Handling Remote Denial of Service Vulnerability BugTraq ID: 33830 Remote: Yes Date Published: 2009-02-19 Relevant URL: http://www.securityfocus.com/bid/33830 Summary: Got All Media is prone to a remote denial-of-service vulnerability when processing URI requests. Exploiting this issue allows remote attackers to cause denial-of-service conditions by crashing the application. Got All Media 7.0.0.3 is vulnerable; other versions may be affected as well. 2. Agavi Multiple Cross Site Scripting Vulnerabilities BugTraq ID: 33826 Remote: Yes Date Published: 2009-02-18 Relevant URL: http://www.securityfocus.com/bid/33826 Summary: Agavi is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials. 3. Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability BugTraq ID: 33825 Remote: Yes Date Published: 2009-02-18 Relevant URL: http://www.securityfocus.com/bid/33825 Summary: Windows Live Messenger is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Windows Live Messenger 2009 14.0.8064.206 is vulnerable; other versions may also be affected. 4. Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability BugTraq ID: 33803 Remote: Yes Date Published: 2009-02-17 Relevant URL: http://www.securityfocus.com/bid/33803 Summary: Microsoft XML Core Services (MSXML) is prone to an information-disclosure vulnerability because it fails to properly protect sensitive cookie data with the 'HTTPOnly' protection mechanism. A successful exploit may allow attackers to steal cookie-based authentication credentials; information harvested may aid in further attacks. 5. RimArts Becky! Internet Mail Return Receipt Remote Buffer Overflow Vulnerability BugTraq ID: 33756 Remote: Yes Date Published: 2009-02-12 Relevant URL: http://www.securityfocus.com/bid/33756 Summary: RimArts Becky! Internet Mail is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Versions prior to Becky! Internet Mail 2.50 are vulnerable. 6. Wireshark 1.0.5 Multiple Denial Of Service Vulnerabilities BugTraq ID: 33690 Remote: Yes Date Published: 2009-02-09 Relevant URL: http://www.securityfocus.com/bid/33690 Summary: Wireshark is prone to multiple denial-of-service vulnerabilities. Exploiting these issues may allow attackers to crash the application, denying service to legitimate users. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed. These issues affect Wireshark 0.99.6 through 1.0.5. 7. Microsoft Visio Memory Corruption Remote Code Execution Vulnerability BugTraq ID: 33661 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33661 Summary: Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition. 8. Microsoft Visio Object Copy Memory Corruption Remote Code Execution Vulnerability BugTraq ID: 33660 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33660 Summary: Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition. 9. Microsoft Visio Object Validation Remote Code Execution Vulnerability BugTraq ID: 33659 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33659 Summary: Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to run arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition. 10. Microsoft Internet Explorer CSS Memory Corruption Remote Code Execution Vulnerability BugTraq ID: 33628 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33628 Summary: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions. 11. Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability BugTraq ID: 33627 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33627 Summary: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions. 12. Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability BugTraq ID: 33136 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33136 Summary: Microsoft Exchange Server is prone to a remote denial-of-service vulnerability. A successful exploit allows a remote attacker to cause the application to stop responding, denying service to legitimate users. 13. Microsoft Exchange Server TNEF Decoding Remote Code Execution Vulnerability BugTraq ID: 33134 Remote: Yes Date Published: 2009-02-10 Relevant URL: http://www.securityfocus.com/bid/33134 Summary: Microsoft Exchange Server is prone to a remote code-execution vulnerability. Remote attackers may exploit this issue by sending maliciously constructed TNEF-encoded email data to vulnerable servers. This issue will be triggered when a user views or previews the malicious email. Successfully exploiting this issue would allow the attacker to execute arbitrary code on an affected computer in the context of the affected application. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [email protected] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [email protected] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This issue is sponsored by Purewire NEW! White Paper: "Hackers Announce Open Season on Web 2.0 Users and Browsers" Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's. Download this white paper now to mitigate your online security risks. http://www.purewire.com/lp/sec/
