» Top Protections
Microsoft Outlook Web Access Vulnerability
(Microsoft Security Advisory 2401593, CVE-2010-3213)
Summary: An elevation of privilege vulnerability has been reported in Microsoft Outlook Web Access. Successful exploitation of this issue could allow an attacker to log in to the OWA session, leading to elevation of privilege.
Protection: Check Point IPS Software Blade provides immediate network protection in the latest IPS Update by detecting and blocking attempts to exploit this vulnerability.
Microsoft Internet Information Services MS10-065 Vulnerabilities
(MS10-065, CVE-2010-2730, CVE-2010-1899, CVE-2010-2731)
Summary: Three vulnerabilities in Microsoft Internet Information Services have been reported:
1. A header buffer overflow issue
2. A Denial of Service (DoS) issue, and
3. A user authentication bypass issue
Protection: Check Point IPS Software Blade and NGX SmartDefense products have provided preemptive protection since 2004 for the CVE-2010-2730 vulnerability by detecting and blocking HTTP requests that attempt to exploit this type of flaw. Check Point IPS Software Blade, IPS-1 and NGX SmartDefense provide protection against the remaining two vulnerabilities in the latest IPS update by detecting and blocking requests and URLs that attempt to exploit these vulnerabilities.
Adobe Zero-Day Vulnerability in Reader and Acrobat
(Adobe Security Advisory APSA10-02, CVE-2010-2883)
Summary: Adobe has released a zero-day advisory that addresses a critical vulnerability in the cooltype.dll component used by the Reader and Acrobat products. The flaw, which is already being exploited, allows attackers to execute malicious code on an affected machine via a specially crafted PDF file.
Protection: Check Point IPS Software Blade and NGX SmartDefense provide immediate protection of unpatched systems in the latest IPS update by detecting and blocking the transfer of malicious PDF files over HTTP.
September 14, 2010
In This Advisory
» Top Protections
Microsoft Outlook Web Access Vulnerability
Microsoft Internet Information Services MS10-065 Vulnerabilities
Adobe Zero-Day Vulnerability in Reader and Acrobat
» Deployment Tip
Viewing Protection Details From SmartView Tracker’s Log View
» Highlighted Protections
Including Patch Tuesday
Deployment Tip
Best Practice: Viewing Protection Details From SmartView Tracker’s Log View
SmartView Tracker allows you to monitor IPS events so that you can tune your IPS configuration for optimal security and connectivity. Right-clicking on any SmartView Tracker log entry will provide you with several options, including Open Protection. Selecting this option will open a details page that contains information about the protection that triggered the IPS event.
To view the details about a protection:
1. Right-click a log entry.
2. Select Open Protection.
The details page will appear, similar to this example:
» Highlighted Protections
This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
| Severity | Vulnerability Description | Check Point Protection Issued | Industry Reference | Check Point Reference Number |
|---|---|---|---|---|
| Critical | Microsoft Outlook Web Access Crafted POST Request Elevation of Privilege | 14-Sep-10 | CVE-2010-3213, Microsoft Security Advisory (2401593) | CPAI-2010-268 |
| Critical | Microsoft Print Spooler Service Impersonation Code Execution | 14-Sep-10 | CVE-2010-2729, MS10-061 | CPAI-2010-264 |
| Critical | Adobe Reader and Acrobat TTF SING Table Buffer Overflow | 12-Sep-10 | CVE-2010-2883, APSA10-02 | CPAI-2010-267 |
| Critical | Microsoft Windows Media Player MPEG-4 Codec Code Execution | 14-Sep-10 | CVE-2010-0818, MS10-062 | CPAI-2010-266 |
| Critical | Microsoft Outlook RTF E-mail Parsing Heap Based Buffer Overflow | 14-Sep-10 | CVE-2010-2728, MS10-064 | CPAI-2010-265 |
| Critical | Blocking Embedded Base-64 Encoded TTF Files | 14-Sep-10 | CVE-2010-2738, MS10-063 | SBP-2010-25 |
| Critical | Adobe Reader and Acrobat cooltype.dll Remote Code Execution | 19-Aug-10 | CVE-2010-2862, APSB10-17 | CPAI-2010-247 |
| Critical | Adobe Shockwave Player rcsL Chunk Pointer Offset Heap Overflow | 25-Aug-10 | CVE-2010-2867, APSB10-20 | CPAI-2010-244 |
| High | Microsoft IIS Request Header Buffer Overflow | 10-Jul-04 | CVE-2010-2730, MS10-065 | CPAI-2010-261 |
| High | Microsoft IIS Directory Authentication Bypass | 14-Sep-10 | CVE-2010-2731, MS10-065 | CPAI-2010-262 |
| High | Microsoft IIS Repeated Parameter Request Denial of Service | 14-Sep-10 | CVE-2010-1899, MS10-065 | CPAI-2010-260 |
| High | Microsoft Windows LSASS Malformed LDAP Messages Heap Overflow | 14-Sep-10 | CVE-2010-0820, MS10-053 | CPAI-2010-230 |
| High | Adobe Shockwave Player DIRAPI.dll Denial of Service | 25-Aug-10 | CVE-2010-2865, APSB10-20 | CPAI-2010-245 |
| High | Adobe Shockwave Player rcsL Chunk Symbol Access Violations | 25-Aug-10 | CVE-2010-2882, APSB10-20 | CPAI-2010-254 |
| High | Adobe Shockwave Player MCsL Parsing Memory Corruption Vulnerabilities | 25-Aug-10 | CVE-2010-2864, APSB10-20, CVE-2010-2881 | CPAI-2010-253 |
| High | Adobe Shockwave Player MMAP Size Memory Corruption | 25-Aug-10 | CVE-2010-2870, APSB10-20 | CPAI-2010-250 |
| High | Adobe Shockwave Player MMAP Index Memory Corruption | 25-Aug-10 | CVE-2010-2880, APSB10-20 | CPAI-2010-249 |
| High | Suspicious Characters in FTP User Names | 18-Aug-10 | CVE-2010-0542 | SBP-2010-24 |
| High | Apple Mac OS X CoreGraphics Heap Overflow | 29-Aug-10 | CVE-2010-1801 | CPAI-2010-255 |
Have questions about IPS?
Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted.
» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information to its NGX products through SmartDefense subscriptions, and to Check Point Software Blades products through an update service included with the relevant Software Blade subscriptions. These updates increase the value of your Check Point products and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. These defenses are developed and distributed by Check Point’s global Research and Response Centers. For more information, visit www.CheckPoint.com.
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065