Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA09-251A | First vendor Publication | 2009-09-08 |
Vendor | US-CERT | Last vendor Modification | 2009-09-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has released updates to address vulnerabilities in Microsoft Windows, and Windows Server I. Description Microsoft has released multiple security bulletins for critical vulnerabilities in Windows, and Windows Server. These bulletins are described in the Microsoft Security Bulletin Summary for September II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA09-251A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
71 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
14 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
14 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18890 | |||
Oval ID: | oval:org.mitre.oval:def:18890 | ||
Title: | CRITICAL PATCH UPDATE JULY 2012 | ||
Description: | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4609 | Version: | 3 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5531 | |||
Oval ID: | oval:org.mitre.oval:def:5531 | ||
Title: | Windows Media Playback Memory Corruption Vulnerability | ||
Description: | Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2499 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Format Runtime 11 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6257 | |||
Oval ID: | oval:org.mitre.oval:def:6257 | ||
Title: | Windows Media Header Parsing Invalid Free Vulnerability | ||
Description: | Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2498 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Format Runtime 11 Microsoft Media Services 9.1 Microsoft Media Services 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6271 | |||
Oval ID: | oval:org.mitre.oval:def:6271 | ||
Title: | DHTML Editing Component ActiveX Control Vulnerability | ||
Description: | The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component ActiveX Control Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2519 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6316 | |||
Oval ID: | oval:org.mitre.oval:def:6316 | ||
Title: | JScript Remote Code Execution Vulnerability | ||
Description: | The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1920 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | JScript Scripting Engine |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6389 | |||
Oval ID: | oval:org.mitre.oval:def:6389 | ||
Title: | Wireless Frame Parsing Remote Code Execution Vulnerability | ||
Description: | Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1132 | Version: | 3 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-12-06 | Name : Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerabilit... File : nvt/gb_ms09-049.nasl |
2009-09-10 | Name : Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961) File : nvt/secpod_ms09-045.nasl |
2009-09-10 | Name : Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability... File : nvt/secpod_ms09-046.nasl |
2009-09-10 | Name : Microsoft Windows Media Format Remote Code Execution Vulnerability (973812) File : nvt/secpod_ms09-047.nasl |
2009-09-10 | Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723) File : nvt/secpod_ms09-048.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62144 | F5 Multiple Products TCP/IP Implementation Queue Connection Saturation TCP St... |
61133 | Citrix Multiple Products TCP/IP Implementation Queue Connection Saturation TC... |
59482 | Blue Coat Multiple Products TCP/IP Implementation Queue Connection Saturation... |
58614 | McAfee Email and Web Security Appliance TCP/IP Implementation Queue Connectio... |
58321 | Check Point Multiple Products TCP/IP Implementation Queue Connection Saturati... |
58189 | Yamaha RT Series Routers TCP/IP Implementation Queue Connection Saturation TC... |
57993 | Solaris TCP/IP Implementation Queue Connection Saturation TCP State Table Rem... |
57806 | Microsoft Windows Wireless LAN AutoConfig Service (wlansvc) Frame Parsing Arb... The vulnerability is caused due to an unspecified error in the Wireless LAN AutoConfig Service (wlansvc) when parsing certain wireless network frames. This can be exploited to cause a heap-based buffer overflow via a specially crafted frame received on the wireless network interface. |
57804 | Microsoft JScript Scripting Engine Memory Corruption Arbitrary Code Execution |
57803 | Microsoft Windows Media MP3 File Handling Memory Corruption |
57802 | Microsoft Windows Media ASF Header Parsing Invalid Free Arbitrary Code Execution |
57798 | Microsoft Windows DHTML Editing Component ActiveX Arbitrary Code Execution |
57797 | Microsoft Windows TCP/IP Orphaned Connection Handling Remote DoS Microsoft Windows contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a series of TCP sessions with pending data, and will result in loss of availability for the platform. |
57796 | Microsoft Windows TCP/IP Packet State Information Handling Remote Code Execution |
57795 | Microsoft Windows TCP/IP Implementation Queue Connection Saturation TCP State... |
57794 | Multiple BSD TCP/IP Implementation Queue Connection Saturation TCP State Tabl... |
57793 | Multiple Linux TCP/IP Implementation Queue Connection Saturation TCP State Ta... |
50286 | Cisco TCP/IP Implementation Queue Connection Saturation TCP State Table Remot... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-09-10 | IAVM : 2009-A-0078 - Microsoft Wireless LAN AutoConfig Service Vulnerability Severity : Category I - VMSKEY : V0019913 |
2009-09-10 | IAVM : 2009-A-0074 - Microsoft JScript Scripting Engine Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0019914 |
2009-09-10 | IAVM : 2009-A-0075 - Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0019915 |
2009-09-10 | IAVM : 2009-A-0076 - Multiple Vulnerabilities in Microsoft Windows Media Format Severity : Category II - VMSKEY : V0019916 |
2009-09-10 | IAVM : 2009-A-0077 - Multiple Microsoft TCP/IP Remote Code Execution Vulnerabilities Severity : Category I - VMSKEY : V0019917 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-05 | Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt RuleID : 50893 - Revision : 1 - Type : FILE-MULTIMEDIA |
2019-09-05 | Microsoft Windows mp3 file malformed ID3 APIC header code execution attempt RuleID : 50892 - Revision : 1 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 4148 - Revision : 23 - Type : BROWSER-PLUGINS |
2016-03-14 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 36783 - Revision : 3 - Type : BROWSER-PLUGINS |
2016-03-14 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 36782 - Revision : 3 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 23576 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 23575 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media pixel aspect ratio header RCE attempt RuleID : 23574 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media content type header RCE attempt RuleID : 23573 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media file name header RCE attempt RuleID : 23572 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media Timecode header RCE attempt RuleID : 23571 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media sample duration header RCE attempt RuleID : 23570 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 19450 - Revision : 13 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 19449 - Revision : 13 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media pixel aspect ratio header RCE attempt RuleID : 19448 - Revision : 13 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media content type header RCE attempt RuleID : 19447 - Revision : 13 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media file name header RCE attempt RuleID : 19446 - Revision : 13 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media Timecode header RCE attempt RuleID : 19445 - Revision : 13 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media sample duration header RCE attempt RuleID : 19444 - Revision : 12 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media extended stream properties object RCE attempt RuleID : 16338 - Revision : 5 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows TCP stack zero window size exploit attempt RuleID : 16294 - Revision : 15 - Type : OS-WINDOWS |
2014-01-10 | DHTML Editing ActiveX function call unicode access RuleID : 15925 - Revision : 8 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DHTML Editing ActiveX clsid access RuleID : 15924 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | DHTML Editing ActiveX clsid unicode access RuleID : 15923 - Revision : 8 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft mp3 malformed APIC header RCE attempt RuleID : 15920 - Revision : 10 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media encryption sample ID header RCE attempt RuleID : 15919 - Revision : 6 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Media pixel aspect ratio header RCE attempt RuleID : 15918 - Revision : 6 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Media content type header RCE attempt RuleID : 15917 - Revision : 6 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Media file name header RCE attempt RuleID : 15916 - Revision : 6 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Media Timecode header RCE attempt RuleID : 15915 - Revision : 6 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Media sample duration header RCE attempt RuleID : 15914 - Revision : 6 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows javascript arguments keyword override rce attempt RuleID : 15913 - Revision : 10 - Type : OS-WINDOWS |
2014-01-10 | TCP window closed before receiving data RuleID : 15912 - Revision : 10 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL10509.nasl - Type : ACT_GATHER_INFO |
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20090908-tcp24http.nasl - Type : ACT_GATHER_INFO |
2009-09-08 | Name : Arbitrary code can be executed on the remote host through the web or email cl... File : smb_nt_ms09-045.nasl - Type : ACT_GATHER_INFO |
2009-09-08 | Name : Arbitrary code can be executed on the remote host through an ActiveX control. File : smb_nt_ms09-046.nasl - Type : ACT_GATHER_INFO |
2009-09-08 | Name : Arbitrary code can be executed on the remote host through opening a Windows M... File : smb_nt_ms09-047.nasl - Type : ACT_GATHER_INFO |
2009-09-08 | Name : Multiple vulnerabilities in the Windows TCP/IP implementation could lead to d... File : smb_nt_ms09-048.nasl - Type : ACT_GATHER_INFO |
2009-09-08 | Name : Arbitrary code can be executed on the remote host through the Wireless LAN Au... File : smb_nt_ms09-049.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-11-11 12:41:38 |
|