06.06.2012, 10:35
aha. To ciekawe , że na pentium4 i 1gb ram, Czyli komputerze , który hm..pochodzi ze średniowiecza program absolutnie lekko funkcjonuje, a na i7 Muli.
Ale co komputer to obyczaj widocznie.
Dodano: 06 cze 2012, 10:35
McAfee aktualizuje się w związku z lukami w produktach Symanteca.
Executive Summary
Since the last McAfee® Labs Security Advisory (June 5),
the following noteworthy event has taken place:
McAfee product coverage has been updated for vulnerabilities in Symantec and IrfanView products.
McAfee product coverage for this event:
================================================== =====
McAfee Product Coverage *
================================================== =====
Threat:MTIS12-091-A
Name:Sym EP RCE 0295
Importance:Medium
DAT:UA
BOP:N/A
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager
end
McAfee Web Gateway:UA
McAfee Remediation Manager:N/A
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Firewall Enterprise:UA
-------------------------------------------------- -----
Threat:MTIS12-091-B
Name:Sym EP RCE 0294
Importance:Medium
DAT:UA
BOP:N/A
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Managerend
McAfee Web Gateway:UA
McAfee Remediation Manager:N/A
McAfee Policy Auditor:UA
MNAC:None
McAfee Firewall Enterprise:UA
McAfee Firewall Enterprise:UA
-------------------------------------------------- -----
Threat:MTIS12-091-C
Name:IrfanView PlugIn TTF RCE
Importance:Medium
DAT:UA
BOP:Exp
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager:UA
McAfee Web Gateway:UA
McAfee Remediation Manager:UA
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Firewall Enterprise:UA
================================================== =====
McAfee Product Coverage Updates *
================================================== =====
Threat:MTIS12-085-B
Name:Sym EP LCE 0589
Importance:Medium
DATend => Yes
BOP:N/A
Host IPS:N/A
McAfee Network Security Platform: UA
McAfee Vulnerability Managerend
McAfee Web Gatewayend => Yes
McAfee Remediation Manager:N/A
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Application Control:UA
================================================== =============================
[MTIS12-091-A]
Symantec Endpoint Protection File Insertion Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2012-0295
Threat Type:Vulnerability
Risk Assessment:Medium
Main Threat Vectors:LAN; WAN; Web
User Interaction Required:No
Description:A vulnerability in some versions of Symantec Endpoint Protection could lead to remote code execution. The flaw lies in the Management Console. Successful exploitation could allow an attacker to insert arbitrary files and execute remote code.
Importance:Medium. On May 23, Symantec released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:Under analysis
VSE BOP:Out of scope
Host IPS:Out of scope
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of June 6 will include a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Under analysis
McAfee Remediation Manager:Out of scope
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
Symantec: Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues
================================================== =============================
[MTIS12-091-B]
Symantec Endpoint Protection Directory Transversal Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2012-0294
Threat Type:Vulnerability
Risk Assessment:Medium
Main Threat Vectors:LAN; WAN; Web
User Interaction Required:No
Description:A vulnerability in some versions of Symantec Endpoint Protection could lead to remote code execution. The flaw lies in the Management Console. Successful exploitation could allow an attacker to delete selected files.
Importance:Medium. On May 23, Symantec released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:Under analysis
VSE BOP:Out of scope
Host IPS:Out of scope
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of June 6 will include a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Under analysis
McAfee Remediation Manager:Out of scope
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
Symantec: Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues
================================================== =============================
[MTIS12-091-C]
IrfanView Formats PlugIn TTF File Buffer Overflow Remote Code Execution
================================================== =============================
Threat Identifier(s):IrfanView Formats RCE
Threat Type:Vulnerability
Risk Assessment:High
Main Threat Vectors:LAN; WAN; Web; Peer-to-Peer Networks
User Interaction Required:Yes
Description:A vulnerability in some versions of IrfanView could lead to remote code execution. The flaw is due to a buffer overflow within the plug-in. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Importance:Medium. On May 31, IrfanView released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:Under analysis
VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits.
Host IPS:Generic buffer overflow protection is expected to cover code execution exploits.
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:Under analysis
McAfee Web Gateway:Under analysis
McAfee Remediation Manager:Under analysis
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
IrfanView: FORMATS PlugIn - 4.34
================================================== =============================
[MTIS12-085-B]
Symantec Endpoint Protection Local Code Execution
================================================== =============================
Threat Identifier(s):CVE-2012-0289
Threat Type:Vulnerability
Risk Assessment:Medium
Main Threat Vectors:LAN; Web; WAN
User Interaction Required:No
Description:A vulnerability in some versions of Symantec Endpoint Protection could lead to remote code execution. The flaw lies in the Management Console. Successful exploitation could allow an attacker to execute remote code. The exploit requires the attacker to have valid credentials to the vulnerable system.
Importance:Medium. On May 23, Symantec released an update to address this vulnerability. Proof-of-concept exploit code is available.
McAfee Product Coverage *
DAT files:Coverage is provided as Exploit-CVE2012-0289 in the 6732 DATs, released June 4.
VSE BOP:Out of scope
Host IPS:Out of scope
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of June 6 will include a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Coverage is provided as Exploit-CVE2012-0289 in the 6732 DATs, released June 4.
McAfee Remediation Manager:Out of scope
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
Symantec: Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues
-------------------------------------------------- -------------------------
Detailed descriptions of the Security Advisories can be found in the Users Guide:
For more information on McAfee Labs Security Advisories, see:
For McAfee Technical Support:
McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments
*The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE.
The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc.
McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
Ale co komputer to obyczaj widocznie.
Dodano: 06 cze 2012, 10:35
McAfee aktualizuje się w związku z lukami w produktach Symanteca.
Executive SummarySince the last McAfee® Labs Security Advisory (June 5),
the following noteworthy event has taken place:
McAfee product coverage has been updated for vulnerabilities in Symantec and IrfanView products.
McAfee product coverage for this event:
================================================== =====
McAfee Product Coverage *
================================================== =====
Threat:MTIS12-091-A
Name:Sym EP RCE 0295
Importance:Medium
DAT:UA
BOP:N/A
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager
endMcAfee Web Gateway:UA
McAfee Remediation Manager:N/A
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Firewall Enterprise:UA
-------------------------------------------------- -----
Threat:MTIS12-091-B
Name:Sym EP RCE 0294
Importance:Medium
DAT:UA
BOP:N/A
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager
endMcAfee Web Gateway:UA
McAfee Remediation Manager:N/A
McAfee Policy Auditor:UA
MNAC:None
McAfee Firewall Enterprise:UA
McAfee Firewall Enterprise:UA
-------------------------------------------------- -----
Threat:MTIS12-091-C
Name:IrfanView PlugIn TTF RCE
Importance:Medium
DAT:UA
BOP:Exp
Host IPS:Exp
McAfee Network Security Platform: UA
McAfee Vulnerability Manager:UA
McAfee Web Gateway:UA
McAfee Remediation Manager:UA
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Firewall Enterprise:UA
================================================== =====
McAfee Product Coverage Updates *
================================================== =====
Threat:MTIS12-085-B
Name:Sym EP LCE 0589
Importance:Medium
DAT
end => YesBOP:N/A
Host IPS:N/A
McAfee Network Security Platform: UA
McAfee Vulnerability Manager
endMcAfee Web Gateway
end => YesMcAfee Remediation Manager:N/A
McAfee Policy Auditor:UA
MNAC:UA
McAfee Firewall Enterprise:UA
McAfee Application Control:UA
================================================== =============================
[MTIS12-091-A]
Symantec Endpoint Protection File Insertion Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2012-0295
Threat Type:Vulnerability
Risk Assessment:Medium
Main Threat Vectors:LAN; WAN; Web
User Interaction Required:No
Description:A vulnerability in some versions of Symantec Endpoint Protection could lead to remote code execution. The flaw lies in the Management Console. Successful exploitation could allow an attacker to insert arbitrary files and execute remote code.
Importance:Medium. On May 23, Symantec released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:Under analysis
VSE BOP:Out of scope
Host IPS:Out of scope
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of June 6 will include a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Under analysis
McAfee Remediation Manager:Out of scope
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
Symantec: Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues
[Aby zobaczyć linki, zarejestruj się tutaj]
================================================== =============================
[MTIS12-091-B]
Symantec Endpoint Protection Directory Transversal Remote Code Execution
================================================== =============================
Threat Identifier(s):CVE-2012-0294
Threat Type:Vulnerability
Risk Assessment:Medium
Main Threat Vectors:LAN; WAN; Web
User Interaction Required:No
Description:A vulnerability in some versions of Symantec Endpoint Protection could lead to remote code execution. The flaw lies in the Management Console. Successful exploitation could allow an attacker to delete selected files.
Importance:Medium. On May 23, Symantec released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:Under analysis
VSE BOP:Out of scope
Host IPS:Out of scope
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of June 6 will include a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Under analysis
McAfee Remediation Manager:Out of scope
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
Symantec: Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues
[Aby zobaczyć linki, zarejestruj się tutaj]
================================================== =============================
[MTIS12-091-C]
IrfanView Formats PlugIn TTF File Buffer Overflow Remote Code Execution
================================================== =============================
Threat Identifier(s):IrfanView Formats RCE
Threat Type:Vulnerability
Risk Assessment:High
Main Threat Vectors:LAN; WAN; Web; Peer-to-Peer Networks
User Interaction Required:Yes
Description:A vulnerability in some versions of IrfanView could lead to remote code execution. The flaw is due to a buffer overflow within the plug-in. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Importance:Medium. On May 31, IrfanView released an update to address this vulnerability.
McAfee Product Coverage *
DAT files:Under analysis
VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits.
Host IPS:Generic buffer overflow protection is expected to cover code execution exploits.
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:Under analysis
McAfee Web Gateway:Under analysis
McAfee Remediation Manager:Under analysis
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
IrfanView: FORMATS PlugIn - 4.34
[Aby zobaczyć linki, zarejestruj się tutaj]
================================================== =============================
[MTIS12-085-B]
Symantec Endpoint Protection Local Code Execution
================================================== =============================
Threat Identifier(s):CVE-2012-0289
Threat Type:Vulnerability
Risk Assessment:Medium
Main Threat Vectors:LAN; Web; WAN
User Interaction Required:No
Description:A vulnerability in some versions of Symantec Endpoint Protection could lead to remote code execution. The flaw lies in the Management Console. Successful exploitation could allow an attacker to execute remote code. The exploit requires the attacker to have valid credentials to the vulnerable system.
Importance:Medium. On May 23, Symantec released an update to address this vulnerability. Proof-of-concept exploit code is available.
McAfee Product Coverage *
DAT files:Coverage is provided as Exploit-CVE2012-0289 in the 6732 DATs, released June 4.
VSE BOP:Out of scope
Host IPS:Out of scope
McAfee Network Security Platform: Under analysis
McAfee Vulnerability Manager:The FSL/MVM package of June 6 will include a vulnerability check to assess if your systems are at risk.
McAfee Web Gateway:Coverage is provided as Exploit-CVE2012-0289 in the 6732 DATs, released June 4.
McAfee Remediation Manager:Out of scope
McAfee Policy Auditor:Under analysis
MNAC:Under analysis
McAfee Firewall Enterprise:Under analysis
McAfee Application Control:Under analysis
Additional Information
Symantec: Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues
[Aby zobaczyć linki, zarejestruj się tutaj]
-------------------------------------------------- -------------------------
Detailed descriptions of the Security Advisories can be found in the Users Guide:
[Aby zobaczyć linki, zarejestruj się tutaj]
For more information on McAfee Labs Security Advisories, see:
[Aby zobaczyć linki, zarejestruj się tutaj]
For McAfee Technical Support:
[Aby zobaczyć linki, zarejestruj się tutaj]
For Multi-National Phone Support :[Aby zobaczyć linki, zarejestruj się tutaj]
McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments
*The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE.
The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc.
McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.