Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Internet Explorer Null Byte Information Disclosure (MS12-010; CVE-2012-0012)

Subscribe

Check Point Reference: CPAI-2012-050
Date Published:
Severity:
Source: Microsoft Security Bulletin MS12-010
Industry Reference(s): CVE-2012-0012
Protection Provided by: Security Gateway
  • R75
  • R71
  • R70
IPS-1
  • IPS-1
  • IPS-1 NGX R65
Who is Vulnerable?
Microsoft Internet Explorer 9
Vulnerability Description
An information disclosure vulnerability has been reported in Internet Explorer.
Update/Patch Available
Apply patches from: MS12-010
Vulnerability Details
The vulnerability occurs during certain processes, in which Internet Explorer incorrectly allows attackers to view content from the process memory. A remote attacker may exploit this issue by enticing target users to open a specially crafted web-page. Successful exploitation could allow an attacker to view content from the Internet Explorer process memory.

Protection Overview
This protection will detect and block attempts to open a specially crafted web-page.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R75 / R71 / R70

How Can I Protect My Network?

  1. In the IPS tab, click Protections and find the Internet Explorer Null Byte Information Disclosure (MS12-010) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack Name: Web Client Enforcement Violation
Attack Information: Internet Explorer Null Byte information disclosure (MS12-010)

IPS-1 NGX R65 & IPS-1

How Can I Protect My Network?

  1. In the IPS-1 Policy Manager, click on the Protection tab.
  2. In the Protection tree, click Web Intelligence > HTML , and select the Internet Explorer protection group.
  3. Click " Internet Explorer Null Byte Information Disclosure (MS12-010) ".
  4. In the configuration pane, under Settings, check Active.
  5. Click on Install Policy.

How Do I Know if My Network is Under Attack?
Upon attack, the following entries will be logged:

Alert Name: Internet Explorer Vulnerabilities.
Description: Internet Explorer Null Byte Information Disclosure (MS12-010) .