ICT Update ~ IT geek

Friday, 4 January 2013

Microsoft Releases Security Advisory on Fraudulent Digital Certificates

Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc.

These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects all supported releases of Microsoft Windows.

This update revokes the trust of the fraudulent certificates and places them in the Microsoft Untrusted Certificate Store.

US-CERT encourages users and administrators to review Microsoft Security Advisory 2798897 and follow best-practice security policies to determine if the update should be applied.

Wednesday, 12 December 2012

Microsoft Security Bulletin MS12-043 - Critical

Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)

General Information

Executive Summary

This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker's website.
This security update is rated Critical for Microsoft XML Core Services 3.0, Microsoft XML Core Services 4.0, and Microsoft XML Core Services 6.0 on all supported editions of Windows XP, Windows Vista, and Windows 7; Critical for Microsoft XML Core Services 4.0 when installed on all supported editions of Windows 8; Critical for Microsoft XML Core Services 5.0 when installed with all supported editions of Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack, Microsoft Expression Web, Microsoft Office SharePoint Server 2007, Microsoft Groove 2007, and Microsoft Groove Server 2007; Moderate for Microsoft XML Core Services 3.0, 4.0, and 6.0 on all supported editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2; and Moderate for Microsoft XML Core Services 4.0 when installed on all supported editions of Windows Server 2012. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by modifying the way that MSXML initializes objects in memory before use. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
This security update also addresses the vulnerability first described in Microsoft Security Advisory 2719615.
Recommendation. The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.
For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.
See also the section, Detection and Deployment Tools and Guidance, later in this bulletin.
Known Issues. Microsoft Knowledge Base Article 2722479 documents the currently known issues that customers may experience when installing this security update. The article also documents recommended solutions for these issues. When currently known issues and recommended solutions pertain only to specific releases of this software, this article provides links to further articles.

Affected and Non-Affected Software

The following software have been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.
Affected Software
Windows Operating Systems and Components

Operating System	Component	Maximum Security Impact	Aggregate Severity Rating	Updates Replaced
Windows XP
Windows XP Service Pack 3	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 KB954459 in MS08-069 replaced by KB2719985
Windows XP Professional x64 Edition Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2721693)	Remote Code Execution	Critical	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 KB954459 in MS08-069 replaced by KB2721693
Windows Server 2003
Windows Server 2003 Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2721693)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 KB954459 in MS08-069 replaced by KB2721693
Windows Server 2003 x64 Edition Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2721693)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 KB954459 in MS08-069 replaced by KB2721693
Windows Server 2003 with SP2 for Itanium-based Systems	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2721693)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 KB954459 in MS08-069 replaced by KB2721693
Windows Vista
Windows Vista Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Vista x64 Edition Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008 for x64-based Systems Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008 for Itanium-based Systems Service Pack 2	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows 7
Windows 7 for 32-bit Systems	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows 7 for 32-bit Systems Service Pack 1	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	No updates replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows 7 for x64-based Systems	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows 7 for x64-based Systems Service Pack 1	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Critical	No updates replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008 R2 for x64-based Systems Service Pack 1	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	No updates replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008 R2 for Itanium-based Systems	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	KB2079403 in MS10-051 replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1	Microsoft XML Core Services 3.0 (KB2719985) Microsoft XML Core Services 4.0 (KB2721691) Microsoft XML Core Services 6.0 (KB2719985)	Remote Code Execution	Moderate	No updates replaced by KB2719985 KB954430 in MS08-069 replaced by KB2721691 No updates replaced by KB2719985
Windows 8
Windows 8 for 32-bit Systems	Microsoft XML Core Services 4.0 (KB2721691)	Remote Code Execution	Critical	None
Windows 8 for 64-bit Systems	Microsoft XML Core Services 4.0 (KB2721691)	Remote Code Execution	Critical	None
Windows Server 2012
Windows Server 2012	Microsoft XML Core Services 4.0 (KB2721691)	Remote Code Execution	Moderate	None

Microsoft Office Suites and Software

Office Software	Component	Maximum Security Impact	Aggregate Severity Rating	Updates Replaced
Microsoft Office Suites and Components
Microsoft Office 2003 Service Pack 3	Microsoft XML Core Services 5.0^[1] (KB2687627)	Remote Code Execution	Critical	KB951535 in MS08-069 replaced by KB2687324 or KB2687627
Microsoft Office 2007 Service Pack 2	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	None
Microsoft Office 2007 Service Pack 3	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	None
Other Microsoft Office Software
Microsoft Office Word Viewer	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	None
Microsoft Office Compatibility Pack Service Pack 2	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	None
Microsoft Office Compatibility Pack Service Pack 3	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	None
Microsoft Groove 2007 Service Pack 2	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None
Microsoft Groove 2007 Service Pack 3	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None

^[1]Although the rereleased update (KB2687627) replaces the original update (KB2687324) for Microsoft Office 2003 Service Pack 3, customers who have successfully installed the KB2687324 update do not need to install the KB2687627 update. For more information, see the update FAQ.
^[2]Although the rereleased update (KB2687497) replaces the original update (KB2596679) for Microsoft Groove 2007 Service Pack 2 and Microsoft Groove 2007 Service Pack 3, customers who have successfully installed the KB2596679 update do not need to install the KB2687497 update. For more information, see the update FAQ.

Microsoft Developer Tools and Software

Software	Component	Maximum Security Impact	Aggregate Severity Rating	Updates Replaced
Microsoft Expression Web Service Pack 1	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	None
Microsoft Expression Web 2	Microsoft XML Core Services 5.0 (KB2596856)	Remote Code Execution	Critical	KB951550 in MS08-069 replaced by KB2596856

Microsoft Server Software

Software	Component	Maximum Security Impact	Aggregate Severity Rating	Updates Replaced
Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions)	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None
Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions)	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None
Microsoft Office SharePoint Server 2007 Service Pack 3 (32-bit editions)	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None
Microsoft Office SharePoint Server 2007 Service Pack 3 (64-bit editions)	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None
Microsoft Groove Server 2007 Service Pack 2	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None
Microsoft Groove Server 2007 Service Pack 3	Microsoft XML Core Services 5.0^[²^] (KB2687497)	Remote Code Execution	Critical	None

^[2]Although the rereleased update (KB2687497) replaces the original update (KB2596679) for affected editions of Microsoft Office SharePoint Server 2007 and Microsoft Groove Server 2007, customers who have successfully installed the KB2596679 update do not need to install the KB2687497 update. For more information, see the update FAQ.

Friday, 7 December 2012

Microsoft Security Bulletin Advance Notification for December 2012

This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier.

The following table summarizes the security bulletins for this month in order of severity.

For details on affected software, see the next section, Affected Software.

Bulletin ID	Maximum Severity Rating and Vulnerability Impact	Restart Requirement	Affected Software
Bulletin 1	Critical Remote Code Execution	Requires restart	Microsoft Windows, Internet Explorer
Bulletin 2	Critical Remote Code Execution	Requires restart	Microsoft Windows
Bulletin 3	Critical Remote Code Execution	May require restart	Microsoft Office, Microsoft Server Software
Bulletin 4	Critical Remote Code Execution	May require restart	Microsoft Server Software
Bulletin 5	Critical Remote Code Execution	Requires restart	Microsoft Windows
Bulletin 6	Important Remote Code Execution	Requires restart	Microsoft Windows
Bulletin 7	Important Security Feature Bypass	Requires restart	Microsoft Windows

Affected Software

Windows Operating System and Components

Windows XP
Bulletin Identifier	Bulletin 1	Bulletin 2	Bulletin 5	Bulletin 6	Bulletin 7
Aggregate Severity Rating	None	Critical	Critical	Important	None
Windows XP Service Pack 3	Internet Explorer 6 (No severity rating) Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating)	Windows XP Service Pack 3 (Critical)	Windows XP Service Pack 3 (Critical)	Windows XP Service Pack 3 (Important)	Not applicable
Windows XP Professional x64 Edition Service Pack 2	Internet Explorer 6 (No severity rating) Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating)	Windows XP Professional x64 Edition Service Pack 2 (Critical)	Windows XP Professional x64 Edition Service Pack 2 (Critical)	Windows XP Professional x64 Edition Service Pack 2 (Important)	Not applicable
Windows Server 2003
Bulletin Identifier	Bulletin 1	Bulletin 2	Bulletin 5	Bulletin 6	Bulletin 7
Aggregate Severity Rating	None	Critical	Critical	Important	None
Windows Server 2003 Service Pack 2	Internet Explorer 6 (No severity rating) Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating)	Windows Server 2003 Service Pack 2 (Critical)	Windows Server 2003 Service Pack 2 (Critical)	Windows Server 2003 Service Pack 2 (Important)	Not applicable
Windows Server 2003 x64 Edition Service Pack 2	Internet Explorer 6 (No severity rating) Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating)	Windows Server 2003 x64 Edition Service Pack 2 (Critical)	Windows Server 2003 x64 Edition Service Pack 2 (Critical)	Windows Server 2003 x64 Edition Service Pack 2 (Important)	Not applicable
Windows Server 2003 with SP2 for Itanium-based Systems	Internet Explorer 6 (No severity rating) Internet Explorer 7 (No severity rating)	Windows Server 2003 with SP2 for Itanium-based Systems (Critical)	Windows Server 2003 with SP2 for Itanium-based Systems (Critical)	Windows Server 2003 with SP2 for Itanium-based Systems (Important)	Not applicable
Windows Vista
Bulletin Identifier	Bulletin 1	Bulletin 2	Bulletin 5	Bulletin 6	Bulletin 7
Aggregate Severity Rating	Critical	Critical	Critical	Important	None
Windows Vista Service Pack 2	Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating) Internet Explorer 9 (Critical)	Windows Vista Service Pack 2 (Critical)	Windows Vista Service Pack 2 (Critical)	Windows Vista Service Pack 2 (Important)	Not applicable
Windows Vista x64 Edition Service Pack 2	Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating) Internet Explorer 9 (Critical)	Windows Vista x64 Edition Service Pack 2 (Critical)	Windows Vista x64 Edition Service Pack 2 (Critical)	Windows Vista x64 Edition Service Pack 2 (Important)	Not applicable
Windows Server 2008
Bulletin Identifier	Bulletin 1	Bulletin 2	Bulletin 5	Bulletin 6	Bulletin 7
Aggregate Severity Rating	Moderate	Critical	Critical	Important	None
Windows Server 2008 for 32-bit Systems Service Pack 2	Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating) Internet Explorer 9 (Moderate)	Windows Server 2008 for 32-bit Systems Service Pack 2 (Critical)	Windows Server 2008 for 32-bit Systems Service Pack 2 (Critical)	Windows Server 2008 for 32-bit Systems Service Pack 2 (Important)	Not applicable
Windows Server 2008 for x64-based Systems Service Pack 2	Internet Explorer 7 (No severity rating) Internet Explorer 8 (No severity rating) Internet Explorer 9 (Moderate)	Windows Server 2008 for x64-based Systems Service Pack 2 (Critical)	Windows Server 2008 for x64-based Systems Service Pack 2 (Critical)	Windows Server 2008 for x64-based Systems Service Pack 2 (Important)	Not applicable
Windows Server 2008 for Itanium-based Systems Service Pack 2	Internet Explorer 7 (No severity rating)	Windows Server 2008 for Itanium-based Systems Service Pack 2 (Critical)	Windows Server 2008 for Itanium-based Systems Service Pack 2 (Critical)	Windows Server 2008 for Itanium-based Systems Service Pack 2 (Important)	Not applicable
Windows 7
Bulletin Identifier	Bulletin 1	Bulletin 2	Bulletin 5	Bulletin 6	Bulletin 7
Aggregate Severity Rating	Critical	Critical	Critical	Important	None
Windows 7 for 32-bit Systems	Internet Explorer 8 (No severity rating) Internet Explorer 9 (Critical)	Windows 7 for 32-bit Systems (Critical)	Windows 7 for 32-bit Systems (Critical)	Windows 7 for 32-bit Systems (Important)	Not applicable
Windows 7 for 32-bit Systems Service Pack 1	Internet Explorer 8 (No severity rating) Internet Explorer 9 (Critical)	Windows 7 for 32-bit Systems Service Pack 1 (Critical)	Windows 7 for 32-bit Systems Service Pack 1 (Critical)	Windows 7 for 32-bit Systems Service Pack 1 (Important)	Not applicable
Windows 7 for x64-based Systems	Internet Explorer 8 (No severity rating) Internet Explorer 9 (Critical)	Windows 7 for x64-based Systems (Critical)	Windows 7 for x64-based Systems (Critical)	Windows 7 for x64-based Systems (Important)	Not applicable
Windows 7 for x64-based Systems Service Pack 1	Internet Explorer 8 (No severity rating) Internet Explorer 9 (Critical)	Windows 7 for x64-based Systems Service Pack 1 (Critical)	Windows 7 for x64-based Systems Service Pack 1 (Critical)	Windows 7 for x64-based Systems Service Pack 1 (Important)	Not applicable
Windows Server 2008 R2
Bulletin Identifier	Bulletin 1	Bulletin 2	Bulletin 5	Bulletin 6	Bulletin 7
Aggregate Severity Rating	Moderate	Critical	Critical	Important	Important
Windows Server 2008 R2 for x64-based Systems	Internet Explorer 8 (No severity rating) Internet Explorer 9 (Moderate)	Windows Server 2008 R2 for x64-based Systems (Critical)	Windows Server 2008 R2 for x64-based Systems (Critical)	Windows Server 2008 R2 for x64-based Systems (Important)	Windows Server 2008 R2 for x64-based Systems (Important)
Windows Server 2008 R2 for x64-based Systems Service Pack 1	Internet Explorer 8 (No severity rating) Internet Explorer 9 (Moderate)	Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Critical)	Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Critical)	Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Important)	Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Important)
Windows Server 2008 R2 for Itanium-based Systems	Internet Explorer 8 (No severity rating)	Windows Server 2008 R2 for Itanium-based Systems (Critical)	Windows Server 2008 R2 for Itanium-based Systems (Critical)	Windows Server 2008 R2 for Itanium-based Systems (Important)	Windows Server 2008 R2 for Itanium-based Systems (Important)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1	Internet Explorer 8 (No severity rating)	Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (Critical)	Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (Critical)	Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (Important)	Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (Important)

Tuesday, 27 November 2012

Vulnerability Summary for the Week of November 19, 2012

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

High Vulnerabilities
Primary Vendor -- Product	Description	Published	CVSS Score	Source & Patch Info
Back to top
adobe -- coldfusion	Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows attackers to cause a denial of service via unknown vectors.	2012-11-20	7.1	CVE-2012-5674
agilefleet -- fleetcommander	Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.	2012-11-18	7.5	CVE-2012-4941
agilefleet -- fleetcommander	Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions.	2012-11-18	7.5	CVE-2012-4943
agilefleet -- fleetcommander	Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page.	2012-11-18	7.5	CVE-2012-4944
agilefleet -- fleetcommander	Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue.	2012-11-18	7.5	CVE-2012-4945
apple -- cups	CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.	2012-11-19	7.2	CVE-2012-5519
flashtux -- weechat	Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows remote attackers to cause a denial of service (crash or hang) and possibly execute arbitrary code via crafted IRC colors that are not properly decoded.	2012-11-19	7.5	CVE-2012-5854
gegl -- gegl	Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.	2012-11-18	7.5	CVE-2012-4433
havalite -- cms	SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the postId parameter.	2012-11-17	7.5	CVE-2012-5894
ibm -- websphere_datapower_xc10_appliance	The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an unspecified interface, which allows remote attackers to cause a denial of service (process exit) via unknown vectors.	2012-11-23	7.8	CVE-2012-5758
ibm -- websphere_datapower_xc10_appliance	The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 allows remote authenticated users to bypass intended administrative-role requirements and perform arbitrary JMX operations via unspecified vectors.	2012-11-23	9.0	CVE-2012-5759
irods -- irods	Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown impact and attack vectors.	2012-11-17	10.0	CVE-2012-5895
mozilla -- firefox	Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.	2012-11-21	9.3	CVE-2012-4202
mozilla -- firefox	The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4204
mozilla -- firefox	The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.	2012-11-21	9.3	CVE-2012-4210
mozilla -- firefox	Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4212
mozilla -- firefox	Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4213
mozilla -- firefox	Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.	2012-11-21	10.0	CVE-2012-4214
mozilla -- firefox	Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4215
mozilla -- firefox	Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4216
mozilla -- firefox	Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4217
mozilla -- firefox	Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.	2012-11-21	10.0	CVE-2012-4218
mozilla -- firefox	The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.	2012-11-21	10.0	CVE-2012-5833
mozilla -- firefox	Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.	2012-11-21	10.0	CVE-2012-5835
mozilla -- firefox	Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.	2012-11-21	10.0	CVE-2012-5836
mozilla -- firefox	The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.	2012-11-21	10.0	CVE-2012-5838
mozilla -- firefox	Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.	2012-11-21	10.0	CVE-2012-5839
mozilla -- firefox	Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.	2012-11-21	10.0	CVE-2012-5840
mozilla -- firefox	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.	2012-11-21	10.0	CVE-2012-5842
mozilla -- firefox	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.	2012-11-21	10.0	CVE-2012-5843
munin-monitoring -- munin	Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.	2012-11-21	7.2	CVE-2012-3512
munin-monitoring -- munin	munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.	2012-11-21	9.3	CVE-2012-3513
mybb -- mybb	SQL injection vulnerability in admin/modules/user/users.php in MyBB (aka MyBulletinBoard) 1.6.6 allows remote attackers to execute arbitrary SQL commands via the conditions[usergroup][] parameter in a search action to admin/index.php.	2012-11-17	7.5	CVE-2012-5909
novell -- file_reporter	Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.	2012-11-18	10.0	CVE-2012-4956
novell -- file_reporter	Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.	2012-11-18	7.8	CVE-2012-4957
novell -- file_reporter	Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.	2012-11-18	7.8	CVE-2012-4958
novell -- file_reporter	Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.	2012-11-18	10.0	CVE-2012-4959
nvidia -- unix_graphic_driver	NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0.	2012-11-19	7.2	CVE-2012-4225
pico -- picopublisher	Multiple SQL injection vulnerabilities in PicoPublisher 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) page.php or (2) single.php.	2012-11-17	7.5	CVE-2012-5912
quest -- intrust	The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."	2012-11-17	10.0	CVE-2012-5896
samedia -- landshop	Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) OB_ID parameter in a single action to admin/action/objects.php, (2) AREA_ID parameter in a single action to admin/action/areas.php, or (3) start parameter in a show action to admin/action/pdf.php.	2012-11-17	7.5	CVE-2012-5900
sinapsitech -- esolar_duo_photovoltaic_system_monitor	Multiple SQL injection vulnerabilities on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 allow remote attackers to execute arbitrary SQL commands via (1) the inverterselect parameter in a primo action to dettagliinverter.php or (2) the lingua parameter to changelanguagesession.php.	2012-11-23	7.5	CVE-2012-5861
sinapsitech -- esolar_duo_photovoltaic_system_monitor	login.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by leveraging a (1) cleartext password or (2) password hash contained in this script, as demonstrated by a password of astridservice or 36e44c9b64.	2012-11-23	10.0	CVE-2012-5862
sinapsitech -- esolar_duo_photovoltaic_system_monitor	ping.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in the ip_dominio parameter.	2012-11-23	10.0	CVE-2012-5863
sinapsitech -- esolar_duo_photovoltaic_system_monitor	The management web pages on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 do not require authentication, which allows remote attackers to obtain administrative access via a direct request, as demonstrated by a request to ping.php.	2012-11-23	10.0	CVE-2012-5864