1. /
  2. Security Response/
  3. Security Updates Detail

Symantec Enterprise Security Manager - Network Assessment Content Update 2008.07.01

July 18, 2008

Description

Description

This update for Symantec ESM Network Assessment detects and reports thirteen additional vulnerabilities.
Use the LiveUpdate feature of Symantec ESM Network Assessment to download this security update.
Note: On the LiveUpdate wizard, the Network Assessment version will now be visible in the following format: Network Assessment <YYYY>.<MM>.<Release_Version>. Here, YYYY is the year of release, MM is the month of release, and Release_Version is the release version of this Network Assessment.

Vulnerability

Bugtraq ID Vulnerability Name
12960Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability
26468Microsoft Jet Database Engine MDB File Parsing Remote Buffer Overflow Vulnerability
29522Microsoft Windows Bluetooth Stack Remote Code Execution Vulnerability
28379Microsoft Internet Explorer 'setRequestHeader()' Multiple Vulnerabilities
29556Microsoft Internet Explorer HTML Objects 'substringData()' Remote Code Execution Vulnerability
22359Microsoft Windows Speech Components Voice Recognition Command Execution Vulnerability
29578Microsoft DirectX SAMI File Parsing Stack Based Buffer Overflow Vulnerability
29581Microsoft DirectX MJPEG Video Streaming Stack Based Buffer Overflow Vulnerability
29588Microsoft Windows WINS Server Local Privilege Escalation Vulnerability
29584Microsoft Windows Active Directory LDAP Request Validation Remote Denial Of Service Vulnerability
29508Microsoft Windows PGM Invalid Length Remote Denial Of Service Vulnerability
29509Microsoft Windows PGM Invalid Fragment Remote Denial Of Service Vulnerability
30132Microsoft Windows DNS Server Cache Poisoning Vulnerability
* Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.
Last modified on: July 18, 2008
Security Response Blog
The State of Spam