New Vulnerability Coverage
| Threat Type: | Multiple Vulnerabilities |
| IPS Definition Database Versions: | 2.482 - 2.485 |
| Coverage Release Date: | Mar 20, 2008 - Apr 01, 2008 |
| Published Date: | Wednesday, April 02, 2008 |
| Version #: | 1 |
| Severity | Number of Vulnerabilities | Active Exploitation |
| Critical | 7 | 4 |
| High | 17 | 6 |
| Medium | 9 | 4 |
| Low | 4 | 1 |
| Info | 1 | n/a |
| Total | 38 | 15 |
Foreword
The FortiGuard Global Threat Research Team has released new security content to cover
multiple vulnerabilities. The FortiGuard Team has observed
15 active exploitations of these vulnerabilities to date.
For more information, visit the FortiGuard Center at
www.fortiguardcenter.com.
Threat Remediation
Fortinet provides coverage for the vulnerabilities described below as of the
2.485 IPS Definitions database update.
A brief description of each vulnerability is provided as follows, in order of severity.
Critical ( 4 )
Description:
This indicates an attempt to exploit a buffer overflow vulnerability in the Adobe PDF reader JavaScript engine.
By passing overly long parameters to the method "Collab.collectEmailInfo()", an attacker can execute arbitrary code on a vulnerable computer. To exploit this, the attacker must trick the victim into opening a maliciously crafted PDF document.
Affected Products:
Adobe Reader and Acrobat versions before 8.1.2
Reference IDs:
Description:
This indicates an attempt to exploit a buffer overflow vulnerability in Firebird.
The Firebird SQL application contains a stack-based buffer overflow vulnerability that is triggered when processing an overly long username. Successful exploitation could make it possible for an attacker to execute arbitrary code on a vulnerable system.
Affected Products:
Firebird 1.x; Firebird 2.x
Reference IDs:
Description:
This indicates a possible attempt to exploit a memory corruption vulnerability in Microsoft Office Publisher.
The vulnerability is caused by an error that occurs when the software handles a malformed .PUB file. It allows a remote attacker to execute arbitrary code via a crafted .PUB file.
Affected Products:
Microsoft Office 2000 Service Pack 3; Microsoft Office XP Service Pack 3; Microsoft Office 2003 Service Pack 2; Microsoft Office Publisher 2000; Microsoft Office Publisher 2002; Microsoft Office Publisher 2003 Service Pack 2
Reference IDs:
Description:
This indicates an attempt to exploit a buffer overflow vulnerability in Sony's ImageStation AxRUploadServer ActiveX Control.
The vulnerability can be exploited by passing an overly long string to the "SetLogging()" method. As a result, an attacker can execute arbitrary commands on a victim's computer.
Affected Products:
Sony ImageStation AxRUploadServer.dll version 1.0.0.38
Reference IDs:
High ( 2 )
Description:
This indicates an attempt to exploit a buffer overflow vulnerability in Xtacacsd running under FreeBSD.
The vulnerability is caused by an input parameter check error in the report function. It allows a remote attacker to execute arbitrary code on a victim system by sending an excessively long username parameter.
Affected Products:
XTACACSD version 4.1.2 and prior.
Description:
This indicates an attempt to exploit one of several vulnerabilities in various implementations of the Session Initiation Protocol (SIP).
The vulnerabilities are a result of deficiencies in the handling of INVITE messages in several vendors' implementations. A remote authenticated attacker can cause a denial of service and possibly execute arbitrary code via crafted INVITE messages.
Affected Products:
Avaya Converged Communication Server Any version; Cisco IOS 12.2T; Cisco IOS 12.2X; Cisco IP Phone 7940; Cisco IP Phone 7960; Cisco PIX Firewall 5.2(1) and later; Columbia University Sipc 1.74; Dynamicsoft Java SIP User Agent 6.0; Dynamicsoft Java SIP User Agent 5.0; Dynamicsoft C++ SIP User Agent; Dynamicsoft AppEngine; GNU osip 0.9.5; IPTel SIP Express Router (ser) 0.8.9 and prior; Nortel Succession Communication Server 2000; Nortel Succession Communication Server 2000 - Compact; partysip partysip 0.5.5 and prior
Reference IDs:
Medium ( 2 )
Description:
This indicates an attempt to exploit a denial of service vulnerability in Mozilla products.
The vulnerability may allow remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the following methods: (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, (6) nsLineLayout::TrimTrailingWhiteSpaceIn, and (7) other vectors.
Affected Products:
Multiple Products
Reference IDs:
Description:
This indicates an attempt to exploit one of several remote command execution vulnerabilities in Microsoft Office.
The vulnerabilities are caused by an error that occurs when the vulnerable software handles a malicious RTF file. It allows a remote attacker to execute arbitrary code via a crafted RTF file.
Affected Products:
Microsoft Office 2000 Service Pack 3; Microsoft Office XP Service Pack 3; Microsoft Office 2003 Service Pack 2; Microsoft Office 2004 for Mac; Microsoft Word Viewer 2003; Microsoft Works Suite 2004; Microsoft Works Suite 2005; Microsoft Works Suite 2006; Microsoft Word 2007
Reference IDs:
Enhanced Coverage
The FortiGuard Threat Research team updates security content as new
vectors of exploitation are discovered. The table below details the
security content enhanced with this release.
Critical ( 3 )
High ( 18 )
Medium ( 7 )
Low ( 4 )
Active Exploitation
The FortiGuard Threat Research team uses globally distributed probes
to monitor exploit activity. Vulnerabilities can be classified as
active and given a magnitude level. The magnitude level is the rate
of activity across the probes. The value of the magnitude is set to
low, medium or high.
The table below lists the vulnerabilities discussed in this bulletin
and their corresponding exploit activity magnitude. The data below is
as of this writing.
Critical ( 4 of 7 )
High ( 6 of 15 )
Medium ( 4 of 9 )
Low ( 1 of 4 )
Document History
| Revision Date | Version Number | |
| Wednesday, April 02, 2008 | 1 | Initial Documentation. |
About Fortinet ( www.fortinet.com )
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.
Disclaimer
Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that no Fortinet statements herein constitute or contain any guarantee, warranty or legally binding representation. All materials contained in this publication are subject to change without notice, and Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice.