Symantec product detections for Microsoft monthly Security Advisories - February 2009
| Article:TECH138065 | | | Created: 2010-08-19 | | | Updated: 2013-01-09 | | | Article URL http://www.symantec.com/docs/TECH138065 |
Problem
This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Advisories.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Solution
February 10, 2009
|
ID and Rating |
Description |
Details |
Intrusion Protection System (IPS) Response |
Other Detections |
|
CAN/CVE ID: CVE-2009-0098 BID: 33134 Microsoft ID: MS09-003 KB – 959239 Microsoft Rating: Critical |
Microsoft Exchange Server TNEF Decoding Remote Command Execution Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: Microsoft Exchange Server 2000 SP3 Microsoft Exchange Server 2003 SP2 Microsoft Exchange Server 2007 Microsoft Exchange Server 2007 SP1 |
This is a remote code-execution vulnerability affecting Microsoft Exchange Server due to how it handles Transport Neutral Encapsulation Format (TNEF) data. Attackers can exploit this issue by sending a specially crafted email message to an affected server. A successful exploit will result in the execution of attacker-supplied code in the context of the affected service |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2009-0099 BID: 33136 Microsoft ID: MS09-003 KB – 959239 Microsoft Rating: Important |
Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability Denial of Service Vulnerability This vulnerability affects the following products: Microsoft Exchange Server 2000 SP3 Microsoft Exchange Server 2003 SP2 |
This is a denial-of-service vulnerability affecting the EMSMDB32 (Electronic Messaging System Microsoft Data Base, 32 bit build) component of Microsoft Exchange. An attacker can exploit this issue by sending a specially malformed MAPI command to an affected application. A successful exploit will cause the application to stop responding, effectively denying service to legitimate users. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2009-0075 BID: 33627 Microsoft ID: MS09-002 KB – 961260 Microsoft Rating: Critical |
Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: Internet Explorer 7 |
This is a remote code-execution vulnerability affecting Internet Explorer due to how it handles an object that has been deleted. An attacker can exploit this issue by tricking a victim into viewing a web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2009-0076 BID: 33628 Microsoft ID: MS09-002 KB – 961260 Microsoft Rating: Critical |
Microsoft Internet Explorer CSS Memory Corruption Remote Code Execution Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: Internet Explorer 7 |
This is a remote code-execution vulnerability affecting Internet Explorer due to how it handles certain styles in a cascading style sheet (CSS). An attacker can exploit this issue by tricking a victim into viewing a web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. |
Sig ID: N/A |
AV: Bloodhound.Exploit.225 Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-5416 BID: 32710 Microsoft ID: MS09-004 KB – 959420 Microsoft Rating: Important |
Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: SQL Server 2000 SP4 SQL Server 2000 Itanium-based Edition SP4 SQL Server 2005 SP1 and SP2 SQL Server 2005 x64 Edition SP1 and SP2 SQL Server 2005 with SP1 and SP2 for Itanium-based Systems Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) SP4 Microsoft SQL Server 2005 Express Edition SP1 and SP2 Microsoft SQL Server 2005 Express Edition with Advanced Services SP1 and SP2 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon) SP2 |
This is a previously public remote code-execution vulnerability affecting Microsoft SQL Server. The issue occurs when the server handles the 'sp_replwritetovarbin' extended stored procedure call. By supplying several uninitialized variables as parameters to the call, an attacker can write to a controlled memory location. An attacker needs the ability to execute arbitrary SQL on an affected server to exploit this issue. This could occur through legitimate means or through exploit other latent SQL injection vulnerabilities. Successful exploits will result in the execution of attacker-supplied code in the context of the affected service. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2009-0095 BID: 33659 Microsoft ID: MS09-005 KB – 957634 Microsoft Rating: Important |
Microsoft Visio Object Validation Remote Code Execution Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: Microsoft Office Visio 2002 SP2 Microsoft Office Visio 2003 SP3 Microsoft Office Visio 2007 Viewer Microsoft Office Visio 2007 Viewer SP1 |
This is a remote code-execution vulnerability affecting Microsoft Visio because it does not properly validate object data when opening a Visio file. An attacker can exploit this issue by tricking a victim into opening a malicious file. Successful attacks will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2009-0096 BID: 33660 Microsoft ID: MS09-005 KB – 957634 Microsoft Rating: Important |
Microsoft Visio Object Copy Memory Corruption Remote Code Execution Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: Microsoft Office Visio 2002 SP2 Microsoft Office Visio 2003 SP3 Microsoft Office Visio 2007 SP1 |
This is a remote code-execution vulnerability affecting Microsoft Visio because of how it copies object data in memory. An attacker can exploit this issue by tricking a victim into opening a malicious file. Successful attacks will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2009-0097 BID: 33661 Microsoft ID: MS09-005 KB – 957634 Microsoft Rating: Important |
Microsoft Visio Memory Corruption Remote Code Execution Vulnerability Remote Code Execution Vulnerability This vulnerability affects the following products: Microsoft Office Visio 2002 SP2 Microsoft Office Visio 2003 SP3 |
This is a remote code-execution vulnerability affecting Microsoft Visio because of a memory handling error when opening a Visio file. An attacker can exploit this issue by tricking a victim into opening a malicious file. Successful attacks will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
MSKB: 960715 |
Cumulative Security Update of ActiveX Kill Bits |
Microsoft is releasing a security advisory that sets the kill-bit for a number of third-party components and previously addressed MS issues: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) Bulletin MS08-070. This is a defense in-depth; setting kill-bits for already addressed issues. |
Sig ID: N/A |
AV: N/A Sygate IDS: N/A |
|
|
Related Articles
Legacy ID
2007010813564748
Article URL http://www.symantec.com/docs/TECH138065
Terms of use for this information are found in Legal Notices
Thank you.