SecurityFocus Microsoft Newsletter #433
----------------------------------------

This issue is sponsored by Sophos Security Threat Report: 2009

Predicting the future in such a rapidly evolving environment is near impossible. One only needs to count the rate at which new malware appears today compared to five years ago to see how quickly the threat has become more serious. Read our security threat report to learn about the malware trends we predict will be at the forefront in 2009.

http://dinclinx.com/Redirect.aspx?36;4036;35;189;0;4;259;d0ddf43bf0d4abdd

SECURITY BLOGS

SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.

http://www.securityfocus.com/blogs

------------------------------------------------------------------

I. FRONT AND CENTER
     1. Free Market Filtering
     2. Don't Blame the Browser
II. MICROSOFT VULNERABILITY SUMMARY
     1. BitDefender Internet Security 2009 File Name Cross Site Scripting Vulnerability
     2. HP Virtual Rooms Client Unspecified Remote Code Execution Vulnerability
     3. Drupal Theme System Template File Local File Include Vulnerability
     4. SHOUTcast Server DNAS Relay Remote Buffer Overflow Vulnerability
     5. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
     6. Adobe Flash Player Unspecified Information Disclosure Vulnerability
     7. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
     8. Microsoft Excel Invalid Object Remote Code Execution Vulnerability
     9. Got All Media URI Handling Remote Denial of Service Vulnerability
     10. Agavi Multiple Cross Site Scripting Vulnerabilities
     11. Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
     12. Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
     1. SecurityFocus Microsoft Newsletter #432
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Free Market Filtering
By Mark Rasch

The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material.

http://www.securityfocus.com/columnists/493

2. Don't Blame the Browser
By Melih Abdulhayoglu

There was a time when most diseases were fatal for humans. Intense study and research helped doctors manage diseases better, and subsequently even prevent them altogether.

http://www.securityfocus.com/columnists/492

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. BitDefender Internet Security 2009 File Name Cross Site Scripting Vulnerability
BugTraq ID: 33921
Remote: Yes
Date Published: 2009-02-26
Relevant URL: http://www.securityfocus.com/bid/33921
Summary:
BitDefender Internet Security 2009 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

2. HP Virtual Rooms Client Unspecified Remote Code Execution Vulnerability
BugTraq ID: 33918
Remote: Yes
Date Published: 2009-02-26
Relevant URL: http://www.securityfocus.com/bid/33918
Summary:
HP Virtual Rooms client is prone to a remote code-execution vulnerability caused by an unspecified error.

Successfully exploiting this issue allows an attacker to execute arbitrary code with the privileges of the user running the affected application.

This issue affects Virtual Rooms 7.0 and earlier running on Microsoft Windows.

3. Drupal Theme System Template File Local File Include Vulnerability
BugTraq ID: 33910
Remote: Yes
Date Published: 2009-02-25
Relevant URL: http://www.securityfocus.com/bid/33910
Summary:
Drupal is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. This issue affects Drupal running under Microsoft Windows.

An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.

The following are vulnerable:
Drupal 5.x prior to 5.16
Drupal 6.x prior to 6.10

4. SHOUTcast Server DNAS Relay Remote Buffer Overflow Vulnerability
BugTraq ID: 33904
Remote: Yes
Date Published: 2009-02-25
Relevant URL: http://www.securityfocus.com/bid/33904
Summary:
SHOUTcast Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers may exploit this issue to overwrite the application's web administration password and possibly to execute arbitrary code within the context of the application, but this has not been confirmed. Failed exploit attempts will cause a denial-of-service condition.

SHOUTcast Server 1.9.8 for Windows is vulnerable; other versions may also be affected.

5. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 33890
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33890
Summary:
Adobe Flash Player is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input.

Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed.

Versions prior to Flash Player 10.0.22.87 are vulnerable.

6. Adobe Flash Player Unspecified Information Disclosure Vulnerability
BugTraq ID: 33889
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33889
Summary:
Adobe Flash Player is prone to an information-disclosure vulnerability.

Successful exploits will allow an attacker to obtain potentially sensitive information that may be used to elevate privileges.

This issue affects Flash Player on Linux-based operating systems only.

7. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
BugTraq ID: 33880
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33880
Summary:
Adobe Flash Player is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely crash the application, denying service to legitimate users.

Versions prior to Flash Player 10.0.12.36 are vulnerable.

8. Microsoft Excel Invalid Object Remote Code Execution Vulnerability
BugTraq ID: 33870
Remote: Yes
Date Published: 2009-02-23
Relevant URL: http://www.securityfocus.com/bid/33870
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

9. Got All Media URI Handling Remote Denial of Service Vulnerability
BugTraq ID: 33830
Remote: Yes
Date Published: 2009-02-19
Relevant URL: http://www.securityfocus.com/bid/33830
Summary:
Got All Media is prone to a remote denial-of-service vulnerability when processing URI requests.

Exploiting this issue allows remote attackers to cause denial-of-service conditions by crashing the application.

Got All Media 7.0.0.3 is vulnerable; other versions may be affected as well.

10. Agavi Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 33826
Remote: Yes
Date Published: 2009-02-18
Relevant URL: http://www.securityfocus.com/bid/33826
Summary:
Agavi is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials.

11. Windows Live Messenger Charset Data Remote Denial Of Service Vulnerability
BugTraq ID: 33825
Remote: Yes
Date Published: 2009-02-18
Relevant URL: http://www.securityfocus.com/bid/33825
Summary:
Windows Live Messenger is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

Windows Live Messenger 2009 14.0.8064.206 is vulnerable; other versions may also be affected.

12. Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
BugTraq ID: 33803
Remote: Yes
Date Published: 2009-02-17
Relevant URL: http://www.securityfocus.com/bid/33803
Summary:
Microsoft XML Core Services (MSXML) is prone to an information-disclosure vulnerability because it fails to properly protect sensitive cookie data with the 'HTTPOnly' protection mechanism.

A successful exploit may allow attackers to steal cookie-based authentication credentials; information harvested may aid in further attacks.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #432
http://www.securityfocus.com/archive/88/501097

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to [email protected] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email [email protected] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sophos Security Threat Report: 2009

http://dinclinx.com/Redirect.aspx?36;4036;35;189;0;4;259;d0ddf43bf0d4abdd
