Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Zscaler Provides Immediate Vulnerability Protection During Microsoft’s Patch Cycle

November 2010 by Zscaler

Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for six Microsoft Office and three Forefront Unified Access Gateway web based, client-side vulnerabilities included the November 2010 Microsoft security bulletins. Zscaler customers licensed for the Advanced Threat Protection service are shielded from attack without the need to take further action. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections as necessary.

MS10-088 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)
Severity: Important
Affected Software
 Microsoft Office XP
 Microsoft Office 2003
 Microsoft Office 2004 for Mac
 Microsoft PowerPoint Viewer

CVE-2010-2572 PowerPoint Parsing Buffer Overflow Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint 95 files.

CVE-2010-2573 PowerPoint Integer Underflow Causes Heap Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files.

MS10-089 – Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)
Severity: Important
Affected Software
 Forefront Unified Access Gateway 2010

CVE-2010-2733 UAG XSS EOP Vulnerability
Description: A cross-site scripting (XSS) vulnerability exists in Forefront Unified Access Gateway (UAG) that could allow specially crafted script code to run under the guise of the server. This is a non-persistent cross-site scripting vulnerability that could allow an attacker to issue commands to the UAG server in the context of the targeted user.

CVE-2010-2734 XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability
Description: A cross-site scripting (XSS) vulnerability exists in Forefront Unified _ Access Gateway (UAG) that could allow specially crafted script code to run under the guise of the server. This is a non-persistent cross-site scripting vulnerability that could allow an attacker to issue commands to the UAG server in the context of the targeted user.

CVE-2010-3936 XSS in Signurl.asp Vulnerability
Description: A cross-site scripting (XSS) vulnerability exists in Forefront Unified Access Gateway (UAG) that could allow specially crafted script code to run under the guise of the server. This is a non-persistent cross-site scripting vulnerability that could allow an attacker to issue commands to the UAG server in the context of the targeted user.

MS10-087 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
Severity: Critical
Affected Software
 Microsoft Office XP
 Microsoft Office 2003
 Microsoft Office 2007
 Microsoft Office 2010
 Microsoft Office 2004 for Mac
 Microsoft Office 2008 for Mac
 Microsoft Office 2011 for Mac
 Open XML File Format Converter for Mac

CVE-2010-3333 RTF Stack Buffer Overflow Vulnerability
Description: A remote code execution vulnerability exists in the way that affected Microsoft Office software parses specially crafted Rich Text Format (RTF) formatted data.

CVE-2010-3334 Office Art Drawing Records Vulnerabilities
Description: A remote code execution vulnerability exists in the way that Microsoft Office software parses specially crafted Office files.

CVE-2010-3335 Drawing Exception Handling Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Office software parses specially crafted Office files.

CVE-2010-3336 MSO Large SPID Read AV Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Office software parses specially crafted Office files.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts