23.05.2012, 11:41
Jakaś aktualizacja w związku z Firefoxem:
Executive Summary
Since the last McAfee® Labs Security Advisory (May 19),
the following noteworthy event has taken place:
McAfee product coverage has been updated for vulnerabilities in Mozilla Firefox.
McAfee product coverage for this event:
================================================== =====
McAfee Product Coverage Updates *
================================================== =====
Threat:MTIS11-236-F
Name:Mozilla FF RCE 3658
Importance:Medium
DAT:UA => Part
BOP:Exp
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager:Yes
McAfee Web Gateway:UA => Part
McAfee Remediation Manager
end => Yes
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Application Control:Exp
-------------------------------------------------- -----
Threat:MTIS12-018-E
Name:Mozilla FF RCE 3659
Importance:Medium
DAT:UA => Part
BOP:Exp
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager:Yes
McAfee Web Gateway:UA => Part
McAfee Remediation Manager:Yes
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Application Control:Exp
================================================== =============================
[MTIS11-236-F]
Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2011-3658
Threat Type:Vulnerability
Risk Assessment:High
Main Threat Vectors:Web
User Interaction Required:Yes
Description:A vulnerability in some versions of Mozilla Firefox, Thunderbird, and SeaMonkey could lead to remote code execution. The flaw is due to the DOMAttrModified event handlers, which do not properly interact with the application''s SVG implementation. Successful exploitation could result in the execution of arbitrary code or a denial of service condition.
Importance:Medium. On December 20, 2011, Mozilla released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:The 6709 DAT files, released on May 12, provide coverage when using the following scanners while scanning with heuristics enabled: GS, PS, SIG, SMG, SWG, TOPS Email, VSE Email, and VSO Email.
VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits.
Host IPS:Generic buffer overflow protection is expected to cover code execution exploits.
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of January 4 includes a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Coverage is provided in the 6709 DAT files (with heuristics enabled), released in the May 12 Gateway Anti-Malware Database Update.
McAfee Remediation Manager:The V-Flash release of January 10 contains a remedy for this issue.
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control (only authorized programs can run) and Memory Protection (protection against remote code execution).
Additional Information
Mozilla: Mozilla Foundation Security Advisory 2011-55
================================================== =============================
[MTIS12-018-E]
Mozilla Firefox Use-After-Free nsDOMAttribute Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2011-3659
Threat Type:Vulnerability
Risk Assessment:High
Main Threat Vectors:Web
User Interaction Required:Yes
Description:A vulnerability in some versions of Mozilla Firefox could lead to remote code execution. The flaw lies in the nsDOMAttribute child nodes. Successful exploitation could allow an attacker to execute remote code. The exploit requires the user to visit a malicious website.
Importance:Medium. On January 31, Mozilla released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:The 6713 DAT files, released on May 16, provide coverage when using the following scanners while scanning with heuristics enabled: GS, PS, SIG, SMG, SWG, TOPS Email, VSE Email, and VSO Email.
VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits.
Host IPS:Generic buffer overflow protection is expected to cover code execution exploits.
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of February 15 includes a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Coverage is provided in the 6709 DAT files (with heuristics enabled), released in the May 12 Gateway Anti-Malware Database Update.
McAfee Remediation Manager:The V-Flash release of February 3 contains a remedy for this issue.
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control (only authorized programs can run) and Memory Protection (protection against remote code execution).
Additional Information
Mozilla: Mozilla Foundation Security Advisory 2012-04
-------------------------------------------------- -------------------------
Detailed descriptions of the Security Advisories can be found in the Users Guide:
For more information on McAfee Labs Security Advisories, see:
For McAfee Technical Support:
McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments
*The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE.
The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc.
McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054 888.847.8766
© 2012 McAfee, Inc. All rights reserved.
Executive Summary
Since the last McAfee® Labs Security Advisory (May 19),
the following noteworthy event has taken place:
McAfee product coverage has been updated for vulnerabilities in Mozilla Firefox.
McAfee product coverage for this event:
================================================== =====
McAfee Product Coverage Updates *
================================================== =====
Threat:MTIS11-236-F
Name:Mozilla FF RCE 3658
Importance:Medium
DAT:UA => Part
BOP:Exp
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager:Yes
McAfee Web Gateway:UA => Part
McAfee Remediation Manager
end => YesMcAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Application Control:Exp
-------------------------------------------------- -----
Threat:MTIS12-018-E
Name:Mozilla FF RCE 3659
Importance:Medium
DAT:UA => Part
BOP:Exp
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager:Yes
McAfee Web Gateway:UA => Part
McAfee Remediation Manager:Yes
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Application Control:Exp
================================================== =============================
[MTIS11-236-F]
Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2011-3658
Threat Type:Vulnerability
Risk Assessment:High
Main Threat Vectors:Web
User Interaction Required:Yes
Description:A vulnerability in some versions of Mozilla Firefox, Thunderbird, and SeaMonkey could lead to remote code execution. The flaw is due to the DOMAttrModified event handlers, which do not properly interact with the application''s SVG implementation. Successful exploitation could result in the execution of arbitrary code or a denial of service condition.
Importance:Medium. On December 20, 2011, Mozilla released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:The 6709 DAT files, released on May 12, provide coverage when using the following scanners while scanning with heuristics enabled: GS, PS, SIG, SMG, SWG, TOPS Email, VSE Email, and VSO Email.
VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits.
Host IPS:Generic buffer overflow protection is expected to cover code execution exploits.
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of January 4 includes a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Coverage is provided in the 6709 DAT files (with heuristics enabled), released in the May 12 Gateway Anti-Malware Database Update.
McAfee Remediation Manager:The V-Flash release of January 10 contains a remedy for this issue.
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control (only authorized programs can run) and Memory Protection (protection against remote code execution).
Additional Information
Mozilla: Mozilla Foundation Security Advisory 2011-55
[Aby zobaczyć linki, zarejestruj się tutaj]
================================================== =============================
[MTIS12-018-E]
Mozilla Firefox Use-After-Free nsDOMAttribute Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2011-3659
Threat Type:Vulnerability
Risk Assessment:High
Main Threat Vectors:Web
User Interaction Required:Yes
Description:A vulnerability in some versions of Mozilla Firefox could lead to remote code execution. The flaw lies in the nsDOMAttribute child nodes. Successful exploitation could allow an attacker to execute remote code. The exploit requires the user to visit a malicious website.
Importance:Medium. On January 31, Mozilla released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:The 6713 DAT files, released on May 16, provide coverage when using the following scanners while scanning with heuristics enabled: GS, PS, SIG, SMG, SWG, TOPS Email, VSE Email, and VSO Email.
VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits.
Host IPS:Generic buffer overflow protection is expected to cover code execution exploits.
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of February 15 includes a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Coverage is provided in the 6709 DAT files (with heuristics enabled), released in the May 12 Gateway Anti-Malware Database Update.
McAfee Remediation Manager:The V-Flash release of February 3 contains a remedy for this issue.
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control (only authorized programs can run) and Memory Protection (protection against remote code execution).
Additional Information
Mozilla: Mozilla Foundation Security Advisory 2012-04
[Aby zobaczyć linki, zarejestruj się tutaj]
-------------------------------------------------- -------------------------
Detailed descriptions of the Security Advisories can be found in the Users Guide:
[Aby zobaczyć linki, zarejestruj się tutaj]
For more information on McAfee Labs Security Advisories, see:
[Aby zobaczyć linki, zarejestruj się tutaj]
For McAfee Technical Support:
[Aby zobaczyć linki, zarejestruj się tutaj]
For Multi-National Phone Support :[Aby zobaczyć linki, zarejestruj się tutaj]
McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments
*The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE.
The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc.
McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054 888.847.8766
[Aby zobaczyć linki, zarejestruj się tutaj]
© 2012 McAfee, Inc. All rights reserved.