Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Check Point Threat Center

Breaking News

14-Jun-2013: June 2013's monthly product update rollup from Microsoft includes one Critical and four Important updates that affect Internet Explorer, Windows, and Office. The IE update addresses nineteen vulnerabilities in the browser; Windows gets two kernel-mode issues fixed; a privilege escalation vulnerability in the Windows Print Spooler is fixed; and a remote code execution issue in Office is addressed.

Top Protections

Check Point Update Services Overview

In a constantly changing threat environment, defenses must evolve with or ahead of threats. Check Point Update Services provide real-time defense updates and configuration advice for IPS, URL Filtering, Antivirus & Anti-Malware, Anti-Spam & Email Security Security Service Software Blades. Also covered by Update Services are SmartDefense in NGX VPN-1, VSX, IPS-1, Connectra, Endpoint Security On Demand, and Endpoint Security products.

Key Benefits

  • Pre-emptive Protection - Keep your defenses current between your regularly-scheduled product upgrades and security patches.
  • Easy Management - Update your whole system in minutes. Each update comes with full configuration instructions and information about the associated threat.
  • IPS, Web security, Antivirus, Anti-Malware, Web filtering, and Anti-Spam protection - Get the latest signatures and detection methods.
  • Program Advisor - Update Check Point Endpoint Security with recommendations for application control for your endpoint computers.
  • 24x7 Threat Coverage - Check Point Security products are supported by multiple Check Point Research and Response Centers around the globe that provided the best Microsoft vulnerability threat coverage amongst leading security vendors.

Malware Resources

Protect Better!

Protect Better!

12 easy steps for boosting your organization's protection against malware

Malware Removal Resources

Malware Removal Resources

Malware-fighting utilities and recommendations on how to use them

Have an Infected Machine?

Have an Infected Machine?

Find out how to identify and clean up malware and bot-infected computers

Get the Rescue CD Get the Rescue CD – designed to scan, disinfect and restore infected machines that can't be disinfected with conventional malware removal tools

Latest Protections

Severity Date Check Point
Reference
Industry
Reference
Description

Updated
CPAI-2014-1622 CVE-2014-0322
CVE-2014-0502
CVE-2013-1347
CVE-2014-1776
CVE-2013-2423
CVE-2013-2465
Infinity Exploit Kit Remote Code Execution

Updated
CPAI-2014-1596 CVE-2014-1775
Microsoft Internet Explorer Memory Corruption (MS14-035; CVE-2014-1775)

Updated
CPAI-2014-1728   PDF Containing Encrypted Data

Updated
CPAI-2014-1695 CVE-2014-0519
Adobe Flash Player Sandbox Security Bypass (APSB14-14; CVE-2014-0519)

Updated
CPAI-2014-1694 CVE-2014-1806
Microsoft .NET Framework TypeFilterLevel Code Execution (MS14-026; CVE-2014-1806)

Updated
CPAI-2014-1672   Expiro User-Agent

Updated
CPAI-2014-1715 CVE-2007-2189
Web Servers mxBB MX Smartor Remote File Inclusion (CVE-2007-2189)

Updated
CPAI-2014-1714 CVE-2002-1878
Web Servers W-Agora Remote File Inclusion (CVE-2002-1878)

Updated
CPAI-2014-1713 CVE-2006-1503
Web Servers VWar Remote File Inclusion (CVE-2006-1503)

Updated
CPAI-2014-1709 CVE-2007-2969
Web Servers WAnewsletter Remote File Inclusion (CVE-2007-2969)

Updated
CPAI-2014-1707 CVE-2006-3294
Web Servers CBSMS Mambo Remote File Inclusion (CVE-2006-3294)

Updated
CPAI-2014-1704 CVE-2006-4044
Web Servers PHPCodeCabinet Remote File Inclusion (CVE-2006-4044)

Updated
CPAI-2014-1703 CVE-2007-2936
Web Servers Frequency Clock Remote File Inclusion (CVE-2007-2936)

Updated
CPAI-2014-1702 CVE-2007-2317
Web Servers Tosmo Mambo Remote File Inclusion (CVE-2007-2317)

Updated
CPAI-2014-1701 CVE-2007-2364
Web Servers BurnCMS Remote File Inclusion (CVE-2007-2364)

Updated
CPAI-2014-1700 CVE-2006-4644
Web Servers PHPFullAnnu Remote File Inclusion (CVE-2006-4644)

Updated
CPAI-2014-1693   ZmEu Security Scanner

Updated
CPAI-2014-1690   Multiple PHP Servers WeevelyShell Backdoor Command Execution

Updated
CPAI-2014-1686   Multiple PHP Servers DQ99shell Backdoor Command Execution

Updated
CPAI-2014-1684   Multiple PHP Servers C100shell Backdoor Command Execution

Updated
CPAI-2014-1683   Wordpress Timthumb WebShot Vulnerability Code Execution

Updated
CPAI-2014-1682   Multiple PHP Servers C99shell Backdoor Command Execution

Updated
CPAI-2014-1676   Fiesta Exploit Kit Redirection

Updated
CPAI-2014-1675   Web Servers Malicious Encoding Directory Traversal

Updated
CPAI-2014-1673 CVE-2014-1761
Microsoft Word RTF listoverridecount Memory Corruption (MS14-017; CVE-2014-1761)

Updated
CPAI-2014-1670   JPEG Files Containing Suspicious Comments

Updated
CPAI-2014-1668 CVE-2014-3214
ISC BIND Recursive Nameservers Prefetch Denial of Service (CVE-2014-3214)

Updated
CPAI-2014-1664 CVE-2014-0517
Adobe Flash Player and AIR Security Bypass (APSB14-14; CVE-2014-0517)

Updated
CPAI-2014-1661 CVE-2014-0768
Advantech WebAccess SCADA webvact.ocx AccessCode2 Buffer Overflow (CVE-2014-0768)

Updated
CPAI-2014-1659 CVE-2014-0535
Adobe Flash Player and AIR Security Bypass (APSB14-16; CVE-2014-0535)

Updated
CPAI-2014-1658   RIG Exploit Kit Website Redirection

Updated
CPAI-2014-1656 CVE-2014-0536
Adobe Flash Player Memory Corruption (APSB14-16; CVE-2014-0536)

Updated
CPAI-2014-1652 CVE-2014-2210
CA ERwin Web Portal ConfigServiceProvider Remote File Creation (CVE-2014-2210)

Updated
CPAI-2014-1651 CVE-2014-0429
Oracle Java awt_setPixels Information Disclosure (CVE-2014-0429)

Updated
CPAI-2014-1649 CVE-2014-3457
SAP Sybase Event Stream Processor esp_parse Remote Code Execution (CVE-2014-3457)

Updated
CPAI-2014-1641 CVE-2014-0766
Advantech WebAccess SCADA webvact.ocx NodeName2 Buffer Overflow (CVE-2014-0766)

Updated
CPAI-2014-1635 CVE-2014-0765
Advantech WebAccess SCADA webvact.ocx GotoCmd Buffer Overflow (CVE-2014-0765)

Updated
CPAI-2014-1645 CVE-2014-0767
Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow (CVE-2014-0767)

Updated
CPAI-2014-1706 CVE-2014-2415
Oracle Data Quality PostcardPreviewInt onclose Untrusted Pointer Dereference (CVE-2014-2415)

Updated
CPAI-2014-1698 CVE-2014-0528
Adobe Acrobat and Reader Memory Corruption (APSB14-15; CVE-2014-0528)

Updated
CPAI-2014-1699 CVE-2014-2418
Oracle Data Quality FileChooserDlg onChangeDirectory Untrusted Pointer Dereference (CVE-2014-2418)

Updated
CPAI-2014-1689   HP Release Control Authenticated Privilege Escalation

Updated
CPAI-2014-1644 CVE-2014-2417
Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference (CVE-2014-2417)

Updated
CPAI-2014-1687 CVE-2013-2465
LightsOut/Hello Exploit Kit (CVE-2013-2465)

Updated
CPAI-2014-1680 CVE-2014-2787
Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-2787)

Updated
CPAI-2014-1679 CVE-2014-1765
Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-1765)

Updated
CPAI-2014-1677 CVE-2014-2804
Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-2804)

Updated
CPAI-2014-1667 CVE-2014-2795
Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-2795)

Updated
CPAI-2014-1666 CVE-2014-2797
Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-2797)

Updated
CPAI-2014-1665 CVE-2014-2801
Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-2801)

Updated
CPAI-2014-0868 CVE-2014-0282
Microsoft Internet Explorer Memory Corruption (MS14-035; CVE-2014-0282)

Updated
CPAI-2014-1655 CVE-2013-0140
CVE-2013-0141
McAfee ePolicy Orchestrator Remote Code Execution (CVE-2013-0140; CVE-2013-0141)

Updated
CPAI-2014-1650 CVE-2014-3789
Cogent DataHub Web Server GetPermissions.asp Command Injection (CVE-2014-3789)

Updated
CPAI-2014-1648 CVE-2014-2416
Oracle Data Quality DateTimeWrapper onchange Remote Code Execution (CVE-2014-2416)

Updated
CPAI-2014-1646 CVE-2014-2856
Apple CUPS Web Interface URL Handling Cross-Site Scripting (CVE-2014-2856)

Updated
CPAI-2014-1643   Microsoft Internet Explorer Crafted URL Remote Code Execution

Updated
CPAI-2014-1642 CVE-2014-0521
Adobe Reader Javascript API Information Disclosure (APSB14-15; CVE-2014-0521)

Updated
CPAI-2014-1639   eScan Web Management Console Command Injection

Updated
CPAI-2014-1638   Simple E-Document upload Remote Code Execution

Updated
CPAI-2014-1637 CVE-2013-4152
CVE-2013-6429
CVE-2014-0002
Multiple Products XML System External Entity Information Disclosure (CVE-2013-4152; CVE-2013-6429; CVE-2014-0002)

Archives

Microsoft Security

Microsoft Security Bulletins 2012 in Check Point Advisories

Microsoft Security Bulletin MS12-002

  1. CPAI-2012-016
    Microsoft Windows Object Packager Insecure Executable Launching (MS12-002; CVE-2012-0009)

Microsoft Security Bulletin MS12-004

  1. CPAI-2012-014
    Microsoft Windows Media Player MIDI Code Execution (MS12-004; CVE-2012-0003)
  2. CPAI-2012-019
    Microsoft Windows DirectShow Filters Remote Code Execution (MS12-004; CVE-2012-0004)

Microsoft Security Bulletin MS12-005

  1. CPAI-2012-018
    Microsoft Windows Assembly Execution Vulnerability (MS12-005; CVE-2012-0013)
  2. CPAI-2013-1338
    Microsoft Windows Assembly Execution Vulnerability (MS12-005; CVE-2012-0013) - High Confidence

Microsoft Security Bulletin MS12-006

  1. CPAI-2012-020
    Preemptive Protection against SSL and TLS Protocols Information Disclosure (MS12-006; CVE-2011-3389)

Microsoft Security Bulletin MS12-007

  1. CPAI-2012-017
    Microsoft AntiXSS Library Bypass Information Disclosure (MS12-007; CVE-2012-0007)

Microsoft Security Bulletin MS12-008

  1. CPAI-2012-013
    Microsoft Windows Win32k.sys Malformed IFrame Memory Corruption (MS12-008; CVE-2011-5046)

Microsoft Security Bulletin MS12-010

  1. CPAI-2012-050
    Internet Explorer Null Byte Information Disclosure (MS12-010; CVE-2012-0012)
  2. CPAI-2012-053
    Internet Explorer HtmlLayout Remote Code Execution (MS12-010; CVE-2012-0011)
  3. CPAI-2012-054
    Internet Explorer VML Remote Code Execution (MS12-010; CVE-2012-0155)
  4. CPAI-2012-237
    Microsoft Internet Explorer Copy And Paste Information Disclosure (MS12-010; CVE-2012-0010)

Microsoft Security Bulletin MS12-011

  1. CPAI-2012-047
    Microsoft SharePoint inplview.aspx Cross-Site Scripting (MS12-011; CVE-2012-0017)
  2. CPAI-2012-048
    Microsoft SharePoint themeweb.aspx Cross-Site Scripting (MS12-011; CVE-2012-0144)
  3. CPAI-2012-049
    Microsoft SharePoint wizardlist.aspx Cross-Site Scripting (MS12-011; CVE-2012-0145)

Microsoft Security Bulletin MS12-012

  1. CPAI-2012-051
    Microsoft Color Control Panel Insecure Library Loading (MS12-012; CVE-2010-5082)

Microsoft Security Bulletin MS12-013

  1. CPAI-2012-060
    Microsoft Windows msvcrt.dll Media File Code Execution (MS12-013; CVE-2012-0150)

Microsoft Security Bulletin MS12-014

  1. CPAI-2012-061
    Microsoft Windows Indeo Codec Insecure Library Loading (MS12-014; CVE-2010-3138)

Microsoft Security Bulletin MS12-015

  1. CPAI-2012-052
    Microsoft Visio Viewer File Format Code Execution (MS12-015; CVE-2012-0020)
  2. CPAI-2012-055
    Microsoft Visio Viewer VSD File Format Memory Corruption (MS12-015; CVE-2012-0019)
  3. CPAI-2012-057
    Microsoft Visio Viewer File Format Code Execution (MS12-015; CVE-2012-0136)
  4. CPAI-2012-058
    Microsoft Visio Viewer File Format Code Execution (MS12-015; CVE-2012-0137)
  5. CPAI-2012-059
    Microsoft Visio Viewer File Format Code Execution (MS12-015; CVE-2012-0138)

Microsoft Security Bulletin MS12-016

  1. CPAI-2013-1295
    Adobe Flash Player malformed SWF file information disclosure (APSB13-05; CVE-2013-0637)
  2. CPAI-2012-056
    Microsoft.NET and Silevrlight Unmanaged Objects Code Execution (MS12-016; CVE-2012-0014)

Microsoft Security Bulletin MS12-017

  1. CPAI-2012-087
    Microsoft DNS Server Denial of Service (MS12-017; CVE-2012-0006)
  2. CPAI-2013-1308
    Microsoft DNS Server Denial of Service - Specific (MS12-017; CVE-2012-0006)

Microsoft Security Bulletin MS12-020

  1. CPAI-2012-084
    Microsoft Windows Remote Desktop Protocol Code Execution (MS12-020; CVE-2012-0002)
  2. CPAI-2012-099
    Preemptive Protection against Microsoft Terminal Server Denial of Service (MS12-020; CVE-2012-0152)

Microsoft Security Bulletin MS12-021

  1. CPAI-2012-085
    Microsoft Visual Studio Add-In Insecure Library Loading (MS12-021; CVE-2012-0008)
  2. CPAI-2013-1332
    Internet Explorer CElement Use After Free Code Execution (MS13-021; CVE-2013-0091)

Microsoft Security Bulletin MS12-022

  1. CPAI-2012-086
    Microsoft Expression Design Insecure Library Loading (MS12-022; CVE-2012-0016)

Microsoft Security Bulletin MS12-023

  1. CPAI-2012-124
    Internet Explorer OnReadyStateChange Remote Code Execution (MS12-023; CVE-2012-0170)
  2. CPAI-2012-125
    Internet Explorer SelectAll Remote Code Execution (MS12-023; CVE-2012-0171)
  3. CPAI-2012-127
    Internet Explorer VML Style Remote Code Execution (MS12-023; CVE-2012-0172)

Microsoft Security Bulletin MS12-024

  1. CPAI-2012-123
    Microsoft Windows Signature Validation Remote Code Execution (MS12-024; CVE-2012-0151)

Microsoft Security Bulletin MS12-025

  1. CPAI-2012-304
    Microsoft .NET Framework Parameter Validation Code Execution (MS12-025; CVE-2012-0163)

Microsoft Security Bulletin MS12-027

  1. CPAI-2012-129
    Microsoft MSCOMCTL.OCX ActiveX Control Remote Code Execution (MS12-027; CVE-2012-0158)
  2. CPAI-2012-130
    MSCOMCTL.OCX Killbit: 9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E (MS12-027; CVE-2012-0158)
  3. CPAI-2012-131
    MSCOMCTL.OCX Killbit: C74190B6-8589-11d1-B16A-00C0F0283628 (MS12-027; CVE-2012-0158)
  4. CPAI-2012-132
    MSCOMCTL.OCX Killbit: 996BF5E0-8044-4650-ADEB-0B013914E99C (MS12-027; CVE-2012-0158)
  5. CPAI-2012-133
    MSCOMCTL.OCX Killbit: bdd1f04b-858b-11d1-b16a-00c0f0283628 (MS12-027; CVE-2012-0158)

Microsoft Security Bulletin MS12-028

  1. CPAI-2012-128
    Microsoft Office WPS Converter Heap Overflow (MS12-028; CVE-2012-0177)

Microsoft Security Bulletin MS12-029

  1. CPAI-2012-189
    Microsoft Office RTF Mismatch Memory Corruption (MS12-029; CVE-2012-0183)

Microsoft Security Bulletin MS12-030

  1. CPAI-2012-178
    Microsoft Excel MergeCells Record Heap Overflow (MS12-030; CVE-2012-0185)
  2. CPAI-2012-179
    Microsoft Excel File Format OBJECTLINK Record Memory Corruption (MS12-030; CVE-2012-0142)
  3. CPAI-2012-194
    Microsoft Excel File Format Code Execution (MS12-030; CVE-2012-0141)
  4. CPAI-2012-195
    Microsoft Excel Record Structure Memory Corruption (MS12-030; CVE-2012-0143)
  5. CPAI-2012-197
    Microsoft Excel SXLI Record Memory Corruption (MS12-030; CVE-2012-0184)
  6. CPAI-2012-215
    Microsoft Excel SERIES Record Parsing Code Execution (MS12-030; CVE-2012-1847)

Microsoft Security Bulletin MS12-031

  1. CPAI-2012-261
    Microsoft Visio Viewer VSD File Attributes Validation Error (MS12-031; CVE-2012-0018)

Microsoft Security Bulletin MS12-034

  1. CPAI-2012-180
    Microsoft Windows GDI+ Record Type Code Execution (MS12-034; CVE-2012-0165)
  2. CPAI-2012-190
    Microsoft Windows GDI+ EMF Heap Overflow (MS12-034; CVE-2012-0167)
  3. CPAI-2012-198
    Microsoft Windows Malformed TrueType Font Remote Code Execution (MS12-034; CVE-2012-0159)
  4. CPAI-2012-199
    Microsoft Silverlight Double-Free Remote Code Execution (MS12-034; CVE-2012-0176)
  5. CPAI-2012-200
    Microsoft .NET Framework XBAP Buffer Allocation Code Execution (MS12-034; CVE-2012-0162)

Microsoft Security Bulletin MS12-035

  1. CPAI-2012-241
    Microsoft .NET Framework Serialization Code Execution (MS12-035; CVE-2012-0161)
  2. CPAI-2012-242
    Microsoft .NET Framework Serialization Data Validation Error (MS12-035; CVE-2012-0160)

Microsoft Security Bulletin MS12-037

  1. CPAI-2012-248
    Internet Explorer Same ID Property Remote Code Execution (MS12-037; CVE-2012-1875)
  2. CPAI-2012-249
    Internet Explorer Process Memory Information Disclosure (MS12-037; CVE-2012-1873)
  3. CPAI-2012-251
    Internet Explorer Col Element Remote Code Execution (MS12-037; CVE-2012-1876)
  4. CPAI-2012-252
    Internet Explorer OnRowsInserted Event Remote Code Execution (MS12-037; CVE-2012-1881)
  5. CPAI-2012-253
    Internet Explorer insertRow Remote Code Execution (MS12-037; CVE-2012-1880)
  6. CPAI-2012-256
    Internet Explorer Title Element Change Remote Code Execution (MS12-037; CVE-2012-1877)
  7. CPAI-2012-257
    Internet Explorer OnBeforeDeactivate Event Remote Code Execution (MS12-037; CVE-2012-1878)
  8. CPAI-2012-258
    Internet Explorer insertAdjacentText Remote Code Execution (MS12-037; CVE-2012-1879)
  9. CPAI-2012-262
    Internet Explorer Center Element Remote Code Execution (MS12-037; CVE-2012-1523)
  10. CPAI-2012-264
    Internet Explorer Developer Toolbar Remote Code Execution (MS12-037; CVE-2012-1874)

Microsoft Security Bulletin MS12-038

  1. CPAI-2012-259
    Microsoft .NET Framework Function Pointer Remote Code Execution (MS12-038; CVE-2012-1855)

Microsoft Security Bulletin MS12-039

  1. CPAI-2012-254
    Microsoft Lync Insecure Library Loading Code Execution (MS12-039; CVE-2012-1849)
  2. CPAI-2012-255
    Internet Explorer HTML Sanitization Information Disclosure (MS12-039; CVE-2012-1858)

Microsoft Security Bulletin MS12-040

  1. CPAI-2012-260
    Microsoft Dynamic AX Enterprise Portal Cross-site Scripting (MS12-040; CVE-2012-1857)

Microsoft Security Bulletin MS12-043

  1. CPAI-2012-308
    Preemptive Protection against Microsoft XML Uninitialized Memory Corruption (MS12-043; CVE-2012-1889)

Microsoft Security Bulletin MS12-044

  1. CPAI-2012-301
    Internet Explorer Cached Object Remote Code Execution (MS12-044; CVE-2012-1522)
  2. CPAI-2012-305
    Internet Explorer Attribute Remove Remote Code Execution (MS12-044; CVE-2012-1524)

Microsoft Security Bulletin MS12-045

  1. CPAI-2012-303
    Microsoft Data Access Components ADO Cachesize Heap Overflow (MS12-045; CVE-2012-1891)

Microsoft Security Bulletin MS12-046

  1. CPAI-2012-263
    Microsoft Visual Basic for Applications Insecure Library Loading (MS12-046; CVE-2012-1854)

Microsoft Security Bulletin MS12-048

  1. CPAI-2012-307
    Microsoft Windows File and Directory Name Command Injection (MS12-048; CVE-2012-0175)

Microsoft Security Bulletin MS12-050

  1. CPAI-2012-302
    Microsoft SharePoint Reflected List Parameter XSS (MS12-050; CVE-2012-1863)
  2. CPAI-2012-306
    Microsoft SharePoint XSS scriptresx.ashx Elevation of Privilege (MS12-050; CVE-2012-1859)
  3. CPAI-2012-309
    Preemptive Protection against Microsoft SharePoint HTML Sanitization Cross-site Scripting (MS12-050; CVE-2012-1858)
  4. CPAI-2012-310
    Microsoft SharePoint Script in Username Cross-site Scripting (MS12-050; CVE-2012-1861)

Microsoft Security Bulletin MS12-052

  1. CPAI-2012-340
    Internet Explorer Layout Memory Corruption (MS12-052; CVE-2012-1526)
  2. CPAI-2012-342
    Internet Explorer NULL Object Access Remote Code Execution (MS12-052; CVE-2012-2521)
  3. CPAI-2012-343
    Internet Explorer Virtual Function Table Corruption Remote Code Execution (MS12-052; CVE-2012-2522)

Microsoft Security Bulletin MS12-053

  1. CPAI-2012-350
    Microsoft Remote Desktop Protocol Freed Memory Access (MS12-053; CVE-2012-2526)

Microsoft Security Bulletin MS12-054

  1. CPAI-2012-339
    Microsoft Remote Administration Protocol Denial of Service (MS12-054; CVE-2012-1850)
  2. CPAI-2012-349
    Microsoft Windows Print Spooler Format String Code Execution (MS12-054; CVE-2012-1851)
  3. CPAI-2012-351
    Microsoft Remote Administration Protocol Heap and Stack Overflow (MS12-054; CVE-2012-1852, CVE-2012-1853)

Microsoft Security Bulletin MS12-056

  1. CPAI-2012-341
    Internet Explorer JavaScript Integer Overflow Remote Code Execution (MS12-056; CVE-2012-2523)

Microsoft Security Bulletin MS12-057

  1. CPAI-2012-397
    Preemptive protection against Microsoft CGM File Format Memory Corruption (MS12-057; CVE-2012-2524)

Microsoft Security Bulletin MS12-059

  1. CPAI-2012-348
    Microsoft Visio DXF File Parsing Code Execution (MS12-059; CVE-2012-1888)

Microsoft Security Bulletin MS12-060

  1. CPAI-2012-347
    Microsoft Windows Common Controls Remote Code Execution (MS12-060; CVE-2012-1856)

Microsoft Security Bulletin MS12-061

  1. CPAI-2012-409
    Microsoft Visual Studio Team Foundation Server XSS (MS12-061; CVE-2012-1892)

Microsoft Security Bulletin MS12-062

  1. CPAI-2012-405
    Microsoft SCCM Reflected Cross-site Scripting (MS12-062; CVE-2012-2536)

Microsoft Security Bulletin MS12-063

  1. CPAI-2012-604
    Internet Explorer OnMove Use After Free Remote Code Execution (MS12-063; CVE-2012-1529)
  2. CPAI-2012-605
    Internet Explorer Event Listener Remote Code Execution (MS12-063; CVE-2012-2546)
  3. CPAI-2012-606
    Internet Explorer Layout Use After Free Remote Code Execution (MS12-063; CVE-2012-2548)
  4. CPAI-2012-607
    Internet Explorer cloneNode Use After Free Remote Code Execution (MS12-063; CVE-2012-2557)

Microsoft Security Bulletin MS12-064

  1. CPAI-2012-611
    Microsoft Word PAPX Section Corruption Remote Code Execution (MS12-064; CVE-2012-0182)
  2. CPAI-2012-629
    Microsoft Office RTF File listid Use-After-Free Code Execution (MS12-064; CVE-2012-2528)

Microsoft Security Bulletin MS12-065

  1. CPAI-2012-630
    Microsoft Works RTF Heap Remote Code Execution (MS12-065; CVE-2012-2550)

Microsoft Security Bulletin MS12-069

  1. CPAI-2012-642
    Microsoft Kerberos NULL Dereference Denial of Service (MS12-069; CVE-2012-2551)

Microsoft Security Bulletin MS12-070

  1. CPAI-2012-631
    Microsoft SQL Server Report Manager Elevation of Privilege (MS12-070; CVE-2012-2552)

Microsoft Security Bulletin MS12-071

  1. CPAI-2012-803
    Microsoft Internet Explorer CTreePos Use After Free (MS12-071; CVE-2012-1539)
  2. CPAI-2012-805
    Microsoft Internet Explorer CFormElement Use After Free (MS12-071; CVE-2012-1538)
  3. CPAI-2012-807
    Microsoft Internet Explorer CTreeNode Use After Free (MS12-071; CVE-2012-4775)

Microsoft Security Bulletin MS12-072

  1. CPAI-2012-808
    Microsoft Windows Briefcase Integer Underflow (MS12-072; CVE-2012-1527; CVE-2012-1528)

Microsoft Security Bulletin MS12-074

  1. CPAI-2012-793
    Microsoft .NET Framework Insecure Library Loading Code Execution (MS12-074; CVE-2012-2519)
  2. CPAI-2012-804
    Microsoft .Net Framework Web Proxy Auto-Discovery Code Execution (MS12-074; CVE-2012-4776)

Microsoft Security Bulletin MS12-075

  1. CPAI-2012-806
    Microsoft Windows Font Parsing Remote Code Execution (MS12-075; CVE-2012-2897)

Microsoft Security Bulletin MS12-076

  1. CPAI-2012-790
    Microsoft Excel Malformed File Memory Corruption (MS12-076; CVE-2012-1886)
  2. CPAI-2012-795
    Microsoft Excel Modified Data Structure Stack Overflow (MS12-076; CVE-2012-2543)
  3. CPAI-2012-802
    Microsoft Excel SST Invalid Length Use After Free (MS12-076; CVE-2012-1887)
  4. CPAI-2012-402
    Microsoft Excel SerAuxErrBar Heap Overflow (MS12-076; CVE-2012-1885)

Microsoft Security Bulletin MS12-077

  1. CPAI-2012-1252
    Internet Explorer Improper Ref Counting Use After Free (MS12-077; CVE-2012-4787)

Microsoft Security Bulletin MS12-078

  1. CPAI-2012-1279
    Microsoft Windows OpenType Font Parsing Remote Code Execution (MS12-078; CVE-2012-2556)
  2. CPAI-2012-1291
    Microsoft Windows TrueType Font Parsing Remote Code Execution (MS12-078; CVE-2012-4786)

Microsoft Security Bulletin MS12-079

  1. CPAI-2012-1139
    Microsoft Word RTF listoverridecount Remote Code Execution (MS12-079; CVE-2012-2539; CVE-2014-1761)

Microsoft Security Bulletin MS12-081

  1. CPAI-2012-788
    Microsoft Windows Filename Parsing Remote Code Execution (MS12-081; CVE-2012-4774)

Microsoft Security Bulletin MS12-082

  1. CPAI-2012-1254
    Microsoft DirectPlay CLSID_DP8SP_MODEM (MS12-082; CVE-2012-1537)
  2. CPAI-2012-1256
    Microsoft DirectPlay CLSID_DP8SP_SERIAL (MS12-082; CVE-2012-1537)
  3. CPAI-2012-1257
    Microsoft DirectPlay CLSID_DirectPlay8Peer (MS12-082; CVE-2012-1537)
  4. CPAI-2012-1258
    Microsoft DirectPlay CLSID_DirectPlay8Client (MS12-082; CVE-2012-1537)
  5. CPAI-2012-1259
    Microsoft DirectPlay CLSID_DirectPlay8LobbyClient (MS12-082; CVE-2012-1537)
  6. CPAI-2012-1260
    Microsoft DirectPlay CLSID_DirectPlay8LobbiedApplication (MS12-082; CVE-2012-1537)
  7. CPAI-2012-1261
    Microsoft DirectPlay CLSID_DirectPlay8Address (MS12-082; CVE-2012-1537)
  8. CPAI-2013-016
    Microsoft DirectPlay Office File Handling Invalid Memory Free (MS12-082; CVE-2012-1537)