microsoftvn
06-09-2010, 09:55 AM
Microsoft Security Bulletin Review: June 2010
Description:Microsoft Corp. has released 10 Security Bulletins encompassing 34 vulnerabilities. This report provides an initial summary of these pending issues
Security Bulletin MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
http://www.microsoft.com/technet/security/bulletin/MS10-032.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-032.mspx)
CVE Number: CVE-2010-0484
iDefense Title: Microsoft Windows Kernel Object Validation Vulnerability
iDefense Master ID: 595393
iDefense Severity: MEDIUM
Local exploitation of a validation vulnerability in Microsoft Corp.'s Windows operating system could allow an attacker to gain unauthorized system privileges.
CVE Number: CVE-2010-0485
iDefense Title: Microsoft Windows win32k Window Creation Privilege Escalation Vulnerability
iDefense Master ID: 595403
iDefense Severity: MEDIUM
Local exploitation of a validation vulnerability in Microsoft Corp.'s Windows operating system could allow an attacker to gain unauthorized system privileges.
CVE Number: CVE-2010-1255
iDefense Title: Microsoft Kernel Win32k TrueType Font Parsing Privilege Escalation Vulnerability
iDefense Master ID: 595420
iDefense Severity: MEDIUM
Local exploitation of a design error vulnerability in Microsoft Corp.'s kernel could allow an attacker to gain unauthorized system privileges.
Security Bulletin MS10-033: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)
http://www.microsoft.com/technet/security/bulletin/MS10-033.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-033.mspx)
CVE Number: CVE-2010-1879
iDefense Title: Microsoft Windows Media Decompression Vulnerability
iDefense Master ID: 595372
iDefense Severity: HIGH
Remote exploitation of a media decompression vulnerability in Microsoft Corp.'s Windows could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1880
iDefense Title: Microsoft Windows MJPEG Media Decompression Vulnerability
iDefense Master ID: 595373
iDefense Severity: HIGH
Remote exploitation of a media decompression vulnerability in Microsoft Corp.'s Windows could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
Security Bulletin MS10-034: Cumulative Security Update of ActiveX Kill Bits (980195)
http://www.microsoft.com/technet/security/bulletin/MS10-034.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-034.mspx)
CVE Number: CVE-2010-0252
iDefense Title: Microsoft Data Analyzer ActiveX Control Memory Corruption Vulnerability
iDefense Master ID: 595375
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Data Analyzer ActiveX control could allow an attacker to execute arbitrary code with the privileges of the victim.
CVE Number: CVE-2010-0811
iDefense Title: Microsoft Internet Explorer 8 Developer Tools Control Memory Corruption Vulnerability
iDefense Master ID: 595378
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer 8 Developer Tools Control could allow an attacker to execute arbitrary code with the privileges of the victim.
Security Bulletin MS10-035: Cumulative Security Update for Internet Explorer (982381)
http://www.microsoft.com/technet/security/bulletin/MS10-035.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-035.mspx)
CVE Number: CVE-2010-0255
iDefense Title: Microsoft Internet Explorer URLMON Sniffing Information Disclosure Vulnerability
iDefense Master ID: 568201
iDefense Severity: MEDIUM
Remote exploitation of an input validation error vulnerability in Microsoft Corp.'s Internet Explorer could allow attackers to steal sensitive information on the targeted host.
CVE Number: CVE-2010-0257
iDefense Title: Microsoft Internet Explorer 8 toStaticHTML Information Disclosure Vulnerability
iDefense Master ID: 595371
iDefense Severity: MEDIUM
Remote exploitation of an information disclosure vulnerability in Microsoft Corp.'s Internet Explorer could allow a malicious script to bypass the same origin policy of a site that uses the toStaticHTML application programming interface (API), allowing attackers to access sensitive information.
CVE Number: CVE-2010-0259
iDefense Title: Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability
iDefense Master ID: 595377
iDefense Severity: HIGH
Remote exploitation of an uninitialized memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the targeted user.
CVE Number: CVE-2010-1260
iDefense Title: Microsoft Internet Explorer 8 Developer Toolbar Memory Corruption Vulnerability
iDefense Master ID: 595381
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in version 8 of Microsoft Corp.'s Internet Explorer could allow attackers to execute arbitrary code on the targeted host under the security context of the current logged-on user.
CVE Number: CVE-2010-1261
iDefense Title: Microsoft Internet Explorer 8 Developer Toolbar Uninitialized Memory Vulnerability
iDefense Master ID: 595382
iDefense Severity: MEDIUM
Remote exploitation of an uninitialized memory vulnerability in version 8 of Microsoft Corp.'s Internet Explorer could allow attackers to execute arbitrary code on the targeted host under the security context of the current logged-on user.
CVE Number: CVE-2010-1262
iDefense Title: Microsoft Internet Explorer Uninitialized Memory Vulnerability
iDefense Master ID: 595385
iDefense Severity: HIGH
Remote exploitation of an uninitialized memory vulnerability in multiple versions of Microsoft Corp.'s Internet Explorer could allow attackers to execute arbitrary code on the targeted host under the security context of the current logged-on user.
Security Bulletin MS10-036: Vulnerability in COM validation in Microsoft Office Could Allow Remote Code Execution (983235)
http://www.microsoft.com/technet/security/bulletin/MS10-036.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-036.mspx)
CVE Number: CVE-2010-1263
iDefense Title: Microsoft Office COM Validation Vulnerability
iDefense Master ID: 595384
iDefense Severity: MEDIUM
Remote exploitation of a COM validation vulnerability in multiple versions of Microsoft Corp.'s Office could allow attackers to execute arbitrary code with the privileges of the targeted user.
Security Bulletin MS10-037: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)
http://www.microsoft.com/technet/security/bulletin/MS10-037.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-037.mspx)
CVE Number: CVE-2010-0819
iDefense Title: Microsoft Windows OpenType Compact Font Driver Memory Corruption Vulnerability
iDefense Master ID: 595386
iDefense Severity: MEDIUM
Local exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Windows could allow an attacker to gain elevated privileges on a targeted system.
Security Bulletin MS10-038: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)
http://www.microsoft.com/technet/security/bulletin/MS10-038.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-038.mspx)
CVE Number: CVE-2010-0821
iDefense Title: Microsoft Office Excel 2007 Record Parsing Memory Corruption Vulnerability
iDefense Master ID: 595374
iDefense Severity: HIGH
Remote exploitation of a memory corruption vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-0822
iDefense Title: Microsoft Office Excel 2007 Object Stack Overflow Buffer Overflow Vulnerability
iDefense Master ID: 595383
iDefense Severity: HIGH
Remote exploitation of a buffer overflow vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-0823
iDefense Title: Microsoft Office Excel 2007 Memory Corruption Vulnerability
iDefense Master ID: 595388
iDefense Severity: HIGH
Remote exploitation of a memory corruption vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-0824
iDefense Title: Microsoft Office Excel 2007 Record Memory Corruption Vulnerability
iDefense Master ID: 595416
iDefense Severity: HIGH
Remote exploitation of a memory corruption vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1245
iDefense Title: Microsoft Excel Record Memory Corruption Vulnerability
iDefense Master ID: 595379
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1246
iDefense Title: Microsoft Excel RTD Memory Corruption Vulnerability
iDefense Master ID: 595380
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1247
iDefense Title: Microsoft Excel Memory Corruption Vulnerability
iDefense Master ID: 595387
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1248
iDefense Title: Microsoft Excel HFPicture Memory Corruption Vulnerability
iDefense Master ID: 595397
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1249
iDefense Title: Microsoft Office Excel Unspecified Memory Corruption Vulnerability
iDefense Master ID: 595409
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1250
iDefense Title: Microsoft Office Excel EDG Memory Corruption Vulnerability
iDefense Master ID: 595410
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1251
iDefense Title: Microsoft Excel Record Stack Corruption Vulnerability
iDefense Master ID: 595421
iDefense Severity: MEDIUM
Remote exploitation of a record stack corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1252
iDefense Title: Microsoft Excel String Variable Vulnerability
iDefense Master ID: 595424
iDefense Severity: MEDIUM
Remote exploitation of a string variable vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1253
iDefense Title: Microsoft Office Excel 2007 ADO Object Design Error Vulnerability
iDefense Master ID: 595428
iDefense Severity: HIGH
Remote exploitation of a design error vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1254
iDefense Title: Microsoft Mac Office Open XML Permissions Privilege Escalation Vulnerability
iDefense Master ID: 595427
iDefense Severity: MEDIUM
Remote exploitation of a design error vulnerability in Microsoft Corp.'s Mac Office could allow attackers to gain escalated privileges on the targeted host.
Security Bulletin MS10-039: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
http://www.microsoft.com/technet/security/bulletin/MS10-039.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-039.mspx)
CVE Number: CVE-2010-0817
iDefense Title: Microsoft SharePoint 2007 "cid0" Variable Cross-Site Scripting (XSS) Vulnerability
iDefense Master ID: 593004
iDefense Severity: LOW
Remote exploitation of an input validation error vulnerability in Microsoft Corp.'s SharePoint 2007 could allow attackers to steal sensitive information on the targeted host.
CVE Number: CVE-2010-1257
iDefense Title: Microsoft SharePoint "toStaticHTML" Input Validation Error Vulnerability
iDefense Master ID: 595412
iDefense Severity: LOW
Remote exploitation of an input validation error vulnerability in Microsoft Corp.'s SharePoint could allow an attacker to steal sensitive information on the targeted host.
CVE Number: CVE-2010-1264
iDefense Title: Microsoft SharePoint Help Page DoS Vulnerability
iDefense Master ID: 595413
iDefense Severity: MEDIUM
Remote exploitation of a design error vulnerability in Microsoft Corp.'s SharePoint could allow an attacker to create a denial of service (DoS) condition on the targeted host.
Security Bulletin MS10-040: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
http://www.microsoft.com/technet/security/bulletin/MS10-040.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-040.mspx)
CVE Number: CVE-2010-1256
iDefense Title: Microsoft Internet Information Services (IIS) Extended Protection for Authentication Memory Corruption Vulnerability
iDefense Master ID: 595376
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Internet Information Services (IIS) could allow attackers to execute arbitrary code on the targeted host.
Security Bulletin MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)
http://www.microsoft.com/technet/security/bulletin/MS10-041.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-041.mspx)
CVE Number: CVE-2010-0217
iDefense Title: Multiple Vendor W3C XMLDsig XML Signature HMAC Truncation Authentication Bypass Vulnerability
iDefense Master ID: 491086
iDefense Severity: MEDIUM
Remote exploitation of a design error vulnerability in W3C's XML Signature Syntax and Processing standard (XMLDsig), as included in various vendors' applications, could allow an attacker to bypass authentication.
The related individual vulnerability intelligence reports will be available within the iDefense Intelligence Web portal, which iDefense customers can access here (https://idefense.verisign.com/portal/login.do).
Sources:
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-032.mspx) (Microsoft Security Bulletin MS10-032), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-033.mspx) (Microsoft Security Bulletin MS10-033), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-034.mspx) (Microsoft Security Bulletin MS10-034), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-035.mspx) (Microsoft Security Bulletin MS10-035), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-036.mspx) (Microsoft Security Bulletin MS10-036), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-037.mspx) (Microsoft Security Bulletin MS10-037), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-038.mspx) (Microsoft Security Bulletin MS10-038), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-0329.mspx) (Microsoft Security Bulletin MS10-039), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-040.mspx) (Microsoft Security Bulletin MS10-040), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-041.mspx) (Microsoft Security Bulletin MS10-041), 2010-06-08
Analysis:iDefense considers the cumulative rating of these reports to be of HIGH severity.
Detection:N/A
Exploit:N/A
Workaround:N/A
Vendor Fix:N/A
Report Type:
Known Vulnerability
Vulnerability Types:
Buffer Overflow, Design Error, Other Error
CVSS Severity:
Base: 9.3
Temporal: 6.9 (High)
CVSS Score(V2) Vector:
AccessVector:Network/AccessComplexity:Medium/Authentication:None/ConfImpact:Complete/IntegImpact:Complete/AvailImpact:Complete/Exploitability:Unproven that exploit exists/RemediationLevel:Official Fix/ReportConfidence:Confirmed (http://nvd.nist.gov/cvss.cfm?version=2&vector=(av:N/ac:M/au:N/c:C/i:C/a:C/e:U/rl:OF/rc:C)&name=)
Exploitability Metrics
Related exploit range (AccessVector):
Network
Attack complexity (AccessComplexity):
Medium
Level of authentication needed (Authentication):
None
Impact Metrics
Confidentiality impact (ConfImpact):
Complete
Integrity impact (IntegImpact):
Complete
Availability impact (AvailImpact):
Complete
Temporal Score Metrics
Availability of exploit (Exploitability):
Unproven that exploit exists
Type of fix available (RemediationLevel):
Official Fix
Level of verification that vulnerability exists (ReportConfidence):
Confirmed
Prevalence and Popularity:Almost Always
Description:Microsoft Corp. has released 10 Security Bulletins encompassing 34 vulnerabilities. This report provides an initial summary of these pending issues
Security Bulletin MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
http://www.microsoft.com/technet/security/bulletin/MS10-032.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-032.mspx)
CVE Number: CVE-2010-0484
iDefense Title: Microsoft Windows Kernel Object Validation Vulnerability
iDefense Master ID: 595393
iDefense Severity: MEDIUM
Local exploitation of a validation vulnerability in Microsoft Corp.'s Windows operating system could allow an attacker to gain unauthorized system privileges.
CVE Number: CVE-2010-0485
iDefense Title: Microsoft Windows win32k Window Creation Privilege Escalation Vulnerability
iDefense Master ID: 595403
iDefense Severity: MEDIUM
Local exploitation of a validation vulnerability in Microsoft Corp.'s Windows operating system could allow an attacker to gain unauthorized system privileges.
CVE Number: CVE-2010-1255
iDefense Title: Microsoft Kernel Win32k TrueType Font Parsing Privilege Escalation Vulnerability
iDefense Master ID: 595420
iDefense Severity: MEDIUM
Local exploitation of a design error vulnerability in Microsoft Corp.'s kernel could allow an attacker to gain unauthorized system privileges.
Security Bulletin MS10-033: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)
http://www.microsoft.com/technet/security/bulletin/MS10-033.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-033.mspx)
CVE Number: CVE-2010-1879
iDefense Title: Microsoft Windows Media Decompression Vulnerability
iDefense Master ID: 595372
iDefense Severity: HIGH
Remote exploitation of a media decompression vulnerability in Microsoft Corp.'s Windows could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1880
iDefense Title: Microsoft Windows MJPEG Media Decompression Vulnerability
iDefense Master ID: 595373
iDefense Severity: HIGH
Remote exploitation of a media decompression vulnerability in Microsoft Corp.'s Windows could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
Security Bulletin MS10-034: Cumulative Security Update of ActiveX Kill Bits (980195)
http://www.microsoft.com/technet/security/bulletin/MS10-034.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-034.mspx)
CVE Number: CVE-2010-0252
iDefense Title: Microsoft Data Analyzer ActiveX Control Memory Corruption Vulnerability
iDefense Master ID: 595375
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Data Analyzer ActiveX control could allow an attacker to execute arbitrary code with the privileges of the victim.
CVE Number: CVE-2010-0811
iDefense Title: Microsoft Internet Explorer 8 Developer Tools Control Memory Corruption Vulnerability
iDefense Master ID: 595378
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer 8 Developer Tools Control could allow an attacker to execute arbitrary code with the privileges of the victim.
Security Bulletin MS10-035: Cumulative Security Update for Internet Explorer (982381)
http://www.microsoft.com/technet/security/bulletin/MS10-035.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-035.mspx)
CVE Number: CVE-2010-0255
iDefense Title: Microsoft Internet Explorer URLMON Sniffing Information Disclosure Vulnerability
iDefense Master ID: 568201
iDefense Severity: MEDIUM
Remote exploitation of an input validation error vulnerability in Microsoft Corp.'s Internet Explorer could allow attackers to steal sensitive information on the targeted host.
CVE Number: CVE-2010-0257
iDefense Title: Microsoft Internet Explorer 8 toStaticHTML Information Disclosure Vulnerability
iDefense Master ID: 595371
iDefense Severity: MEDIUM
Remote exploitation of an information disclosure vulnerability in Microsoft Corp.'s Internet Explorer could allow a malicious script to bypass the same origin policy of a site that uses the toStaticHTML application programming interface (API), allowing attackers to access sensitive information.
CVE Number: CVE-2010-0259
iDefense Title: Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability
iDefense Master ID: 595377
iDefense Severity: HIGH
Remote exploitation of an uninitialized memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the targeted user.
CVE Number: CVE-2010-1260
iDefense Title: Microsoft Internet Explorer 8 Developer Toolbar Memory Corruption Vulnerability
iDefense Master ID: 595381
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in version 8 of Microsoft Corp.'s Internet Explorer could allow attackers to execute arbitrary code on the targeted host under the security context of the current logged-on user.
CVE Number: CVE-2010-1261
iDefense Title: Microsoft Internet Explorer 8 Developer Toolbar Uninitialized Memory Vulnerability
iDefense Master ID: 595382
iDefense Severity: MEDIUM
Remote exploitation of an uninitialized memory vulnerability in version 8 of Microsoft Corp.'s Internet Explorer could allow attackers to execute arbitrary code on the targeted host under the security context of the current logged-on user.
CVE Number: CVE-2010-1262
iDefense Title: Microsoft Internet Explorer Uninitialized Memory Vulnerability
iDefense Master ID: 595385
iDefense Severity: HIGH
Remote exploitation of an uninitialized memory vulnerability in multiple versions of Microsoft Corp.'s Internet Explorer could allow attackers to execute arbitrary code on the targeted host under the security context of the current logged-on user.
Security Bulletin MS10-036: Vulnerability in COM validation in Microsoft Office Could Allow Remote Code Execution (983235)
http://www.microsoft.com/technet/security/bulletin/MS10-036.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-036.mspx)
CVE Number: CVE-2010-1263
iDefense Title: Microsoft Office COM Validation Vulnerability
iDefense Master ID: 595384
iDefense Severity: MEDIUM
Remote exploitation of a COM validation vulnerability in multiple versions of Microsoft Corp.'s Office could allow attackers to execute arbitrary code with the privileges of the targeted user.
Security Bulletin MS10-037: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)
http://www.microsoft.com/technet/security/bulletin/MS10-037.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-037.mspx)
CVE Number: CVE-2010-0819
iDefense Title: Microsoft Windows OpenType Compact Font Driver Memory Corruption Vulnerability
iDefense Master ID: 595386
iDefense Severity: MEDIUM
Local exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Windows could allow an attacker to gain elevated privileges on a targeted system.
Security Bulletin MS10-038: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)
http://www.microsoft.com/technet/security/bulletin/MS10-038.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-038.mspx)
CVE Number: CVE-2010-0821
iDefense Title: Microsoft Office Excel 2007 Record Parsing Memory Corruption Vulnerability
iDefense Master ID: 595374
iDefense Severity: HIGH
Remote exploitation of a memory corruption vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-0822
iDefense Title: Microsoft Office Excel 2007 Object Stack Overflow Buffer Overflow Vulnerability
iDefense Master ID: 595383
iDefense Severity: HIGH
Remote exploitation of a buffer overflow vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-0823
iDefense Title: Microsoft Office Excel 2007 Memory Corruption Vulnerability
iDefense Master ID: 595388
iDefense Severity: HIGH
Remote exploitation of a memory corruption vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-0824
iDefense Title: Microsoft Office Excel 2007 Record Memory Corruption Vulnerability
iDefense Master ID: 595416
iDefense Severity: HIGH
Remote exploitation of a memory corruption vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1245
iDefense Title: Microsoft Excel Record Memory Corruption Vulnerability
iDefense Master ID: 595379
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1246
iDefense Title: Microsoft Excel RTD Memory Corruption Vulnerability
iDefense Master ID: 595380
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1247
iDefense Title: Microsoft Excel Memory Corruption Vulnerability
iDefense Master ID: 595387
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1248
iDefense Title: Microsoft Excel HFPicture Memory Corruption Vulnerability
iDefense Master ID: 595397
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on a targeted host with the privileges of the active user.
CVE Number: CVE-2010-1249
iDefense Title: Microsoft Office Excel Unspecified Memory Corruption Vulnerability
iDefense Master ID: 595409
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1250
iDefense Title: Microsoft Office Excel EDG Memory Corruption Vulnerability
iDefense Master ID: 595410
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1251
iDefense Title: Microsoft Excel Record Stack Corruption Vulnerability
iDefense Master ID: 595421
iDefense Severity: MEDIUM
Remote exploitation of a record stack corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1252
iDefense Title: Microsoft Excel String Variable Vulnerability
iDefense Master ID: 595424
iDefense Severity: MEDIUM
Remote exploitation of a string variable vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1253
iDefense Title: Microsoft Office Excel 2007 ADO Object Design Error Vulnerability
iDefense Master ID: 595428
iDefense Severity: HIGH
Remote exploitation of a design error vulnerability in versions 2007 and prior of Microsoft Corp.'s Excel could allow attackers to execute arbitrary code on the targeted host.
CVE Number: CVE-2010-1254
iDefense Title: Microsoft Mac Office Open XML Permissions Privilege Escalation Vulnerability
iDefense Master ID: 595427
iDefense Severity: MEDIUM
Remote exploitation of a design error vulnerability in Microsoft Corp.'s Mac Office could allow attackers to gain escalated privileges on the targeted host.
Security Bulletin MS10-039: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
http://www.microsoft.com/technet/security/bulletin/MS10-039.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-039.mspx)
CVE Number: CVE-2010-0817
iDefense Title: Microsoft SharePoint 2007 "cid0" Variable Cross-Site Scripting (XSS) Vulnerability
iDefense Master ID: 593004
iDefense Severity: LOW
Remote exploitation of an input validation error vulnerability in Microsoft Corp.'s SharePoint 2007 could allow attackers to steal sensitive information on the targeted host.
CVE Number: CVE-2010-1257
iDefense Title: Microsoft SharePoint "toStaticHTML" Input Validation Error Vulnerability
iDefense Master ID: 595412
iDefense Severity: LOW
Remote exploitation of an input validation error vulnerability in Microsoft Corp.'s SharePoint could allow an attacker to steal sensitive information on the targeted host.
CVE Number: CVE-2010-1264
iDefense Title: Microsoft SharePoint Help Page DoS Vulnerability
iDefense Master ID: 595413
iDefense Severity: MEDIUM
Remote exploitation of a design error vulnerability in Microsoft Corp.'s SharePoint could allow an attacker to create a denial of service (DoS) condition on the targeted host.
Security Bulletin MS10-040: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
http://www.microsoft.com/technet/security/bulletin/MS10-040.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-040.mspx)
CVE Number: CVE-2010-1256
iDefense Title: Microsoft Internet Information Services (IIS) Extended Protection for Authentication Memory Corruption Vulnerability
iDefense Master ID: 595376
iDefense Severity: MEDIUM
Remote exploitation of a memory corruption vulnerability in multiple versions of Microsoft Corp.'s Internet Information Services (IIS) could allow attackers to execute arbitrary code on the targeted host.
Security Bulletin MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)
http://www.microsoft.com/technet/security/bulletin/MS10-041.mspx (http://www.microsoft.com/technet/security/bulletin/MS10-041.mspx)
CVE Number: CVE-2010-0217
iDefense Title: Multiple Vendor W3C XMLDsig XML Signature HMAC Truncation Authentication Bypass Vulnerability
iDefense Master ID: 491086
iDefense Severity: MEDIUM
Remote exploitation of a design error vulnerability in W3C's XML Signature Syntax and Processing standard (XMLDsig), as included in various vendors' applications, could allow an attacker to bypass authentication.
The related individual vulnerability intelligence reports will be available within the iDefense Intelligence Web portal, which iDefense customers can access here (https://idefense.verisign.com/portal/login.do).
Sources:
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-032.mspx) (Microsoft Security Bulletin MS10-032), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-033.mspx) (Microsoft Security Bulletin MS10-033), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-034.mspx) (Microsoft Security Bulletin MS10-034), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-035.mspx) (Microsoft Security Bulletin MS10-035), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-036.mspx) (Microsoft Security Bulletin MS10-036), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-037.mspx) (Microsoft Security Bulletin MS10-037), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-038.mspx) (Microsoft Security Bulletin MS10-038), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-0329.mspx) (Microsoft Security Bulletin MS10-039), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-040.mspx) (Microsoft Security Bulletin MS10-040), 2010-06-08
Microsoft Corp. (http://www.microsoft.com/technet/security/bulletin/ms10-041.mspx) (Microsoft Security Bulletin MS10-041), 2010-06-08
Analysis:iDefense considers the cumulative rating of these reports to be of HIGH severity.
Detection:N/A
Exploit:N/A
Workaround:N/A
Vendor Fix:N/A
Report Type:
Known Vulnerability
Vulnerability Types:
Buffer Overflow, Design Error, Other Error
CVSS Severity:
Base: 9.3
Temporal: 6.9 (High)
CVSS Score(V2) Vector:
AccessVector:Network/AccessComplexity:Medium/Authentication:None/ConfImpact:Complete/IntegImpact:Complete/AvailImpact:Complete/Exploitability:Unproven that exploit exists/RemediationLevel:Official Fix/ReportConfidence:Confirmed (http://nvd.nist.gov/cvss.cfm?version=2&vector=(av:N/ac:M/au:N/c:C/i:C/a:C/e:U/rl:OF/rc:C)&name=)
Exploitability Metrics
Related exploit range (AccessVector):
Network
Attack complexity (AccessComplexity):
Medium
Level of authentication needed (Authentication):
None
Impact Metrics
Confidentiality impact (ConfImpact):
Complete
Integrity impact (IntegImpact):
Complete
Availability impact (AvailImpact):
Complete
Temporal Score Metrics
Availability of exploit (Exploitability):
Unproven that exploit exists
Type of fix available (RemediationLevel):
Official Fix
Level of verification that vulnerability exists (ReportConfidence):
Confirmed
Prevalence and Popularity:Almost Always
