Check Point IPS Update
- AOL Desktop RTX File Parsing Buffer Overflow Vulnerability
- MIT Kerberos KDC Cross Realm Referral Denial of Service Vulnerability (CVE-2009-3295)
- Microsoft Word mso.dll LsCreateLine Memory Corruption Vulnerability (CVE-2006-3493)
- Improvements to IPS Protections
» AOL Desktop RTX File Parsing Buffer Overflow Vulnerability
Check Point Reference: CPAI-2011-269.
A buffer overflow vulnerability has been discovered in AOL Desktop software. AOL Desktop is an Internet application suite that integrates a web browser, media player, instant messenger client and document editing. RTX (Rich Text Document) is a proprietary document format used by AOL for document creation and editing. A remote attacker could exploit this issue via a malformed RTX file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block the transferring of malformed RTX files over HTTP.
- Security Gateway R75: New protection.
» MIT Kerberos KDC Cross Realm Referral Denial of Service Vulnerability (CVE-2009-3295)
Industry Reference: CVE-2009-3295.
Check Point Reference: CPAI-2011-261.
A denial of service vulnerability has been reported in MIT's Kerberos. Kerberos is a protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. A remote attacker may exploit this vulnerability to create a denial of service condition on an affected system. This protection will detect and block crafted packets sent to the vulnerable KDC.
- Security Gateway R75: New protection.
» Microsoft Word mso.dll LsCreateLine Memory Corruption Vulnerability (CVE-2006-3493)
Industry Reference: CVE-2006-3493.
Check Point Reference: CPAI-2011-270.
A memory corruption vulnerability has been reported in the dynamically-linked library mso.dll which is shipped with Microsoft Word. Microsoft Word is a popular word processing software. A remote attacker could exploit this issue to take complete control of an affected system remotely. This protection will detect and block the transferring of malformed Word files over HTTP.
- Security Gateway R75: New protection.
» Improvements have been made to the following protections:
- CPAI-2011-227: Microsoft .NET Framework x86 JIT Optimizer Stack Corruption Vulnerability (MS11-028)
- CPAI-2011-216: Microsoft Internet Explorer Layouts Handling Memory Corruption Vulnerability (MS11-018)
- CPAI-2011-054: Microsoft Media Player ehtrace.dll Insecure Library Loading Vulnerability (MS11-015)
- CPAI-2011-051: Microsoft Groove 2007 mso.dll Insecure Library Loading Vulnerability (MS11-016)
- CPAI-2010-371: Apache HTTP Server mod_isapi Dangling Pointer Remote Code Execution Vulnerability
- CPAI-2010-094: Microsoft Excel OBJ Record Stack Overflow Vulnerability (MS10-038)
- CPAI-2009-349: Novell Client NetIdentity Agent Remote Pointer Dereference Code Execution Vulnerability
- CPAI-2009-085: IBM Tivoli Storage Manager Agent Client Buffer Overflow Vulnerability
- CPAI-2008-076: Microsoft Windows Media Player SAMI Format Parsing Vulnerability (MS08-033)
- CPAI-2006-295: Microsoft Internet Explorer daxctle.ocx KeyFrame Method Memory Corruption (MS06-067)
- CPAI-2006-200: Apple QuickTime BMP File Handling Heap Overflow Vulnerability
- CPAI-2005-120: Microsoft Windows Plug and Play Vulnerability (MS05-039)
May 24, 2011
Read Check Point's Privacy Policy
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065