Need more info? CONTACT US
Sourcefire VRT Advisory

Multiple Vulnerabilities Affecting Microsoft Products

Synopsis:

The Sourcefire VRT is aware of multiple vulnerabilities affecting Microsoft products.

Details:

Microsoft Security Advisory MS08-041:
The Microsoft Access Snapshot Viewer ActiveX control contains a vulnerability that may allow a remote attacker to execute code on an affected system.

Previously released rules will detect attacks targeting this vulnerability and are identified with GID 1, SIDs 7981 and 7982 and GID 3, SIDs 13903 through 13910.

Microsoft Security Advisory MS08-043:
Microsoft Excel contains programming errors that may allow a remote attacker to execute code on an affected system.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 13972 and 13973.

Microsoft Security Advisory MS08-044:
Microsoft Office Filters contain programming errors that may allow a remote attacker to execute code on an affected system.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 13946, 13947, 13958, 13970 and 13979.

Microsoft Security Advisory MS08-045:
Microsoft Internet Explorer contains multiple vulnerabilities that may allow an attacker to execute code on an affected system.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 13960, 13961, 13963, 13964, 13974 and 13980.

Microsoft Security Advisory MS08-046:
The Microsoft Windows Image Color Management System contains a programming error that may allow a remote attacker to execute code on an affected system via a malformed image file.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 13954.

Microsoft Security Advisory MS08-048:
Microsoft Outlook Express and Windows Mail contain a programming error that may result in information disclosure while viewing HTML files.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 13962.

Microsoft Security Advisory MS08-049:
The Microsoft Windows Event System contains multiple vulnerabilities that may allow a remote attacker to execute code on an affected system.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 13975 through 13979.

Microsoft Security Advisory MS08-050:
Microsoft Windows Messenger contains a programming error that may result in information disclosure via the scripting of an ActiveX control.

Rules to detect attacks targeting this vulnerability are included in this release and are identified with GID 3, SIDs 13965 through 13968.

Microsoft Security Advisory MS08-051:
Microsoft PowerPoint and Microsoft Office PowerPoint Viewer contain programming errors that may allow a remote attacker to execute code on an affected system via a malformed PowerPoint file.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 3, SIDs 13969 and 13971.

For Assistance: