Security Hero Rotating Header Image

Microsoft Security Bulletin for November 2008

Microsoft Security Bulletin for November 2008

The table below lists the Microsoft vulnerabilities for November 2008.

MS Bulletin Number

Microsoft Bulletin Title

Severity

Impact of Vulnerability

Affected Software

CVE ID

MS08-069

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Critical

Remote Code Execution

Microsoft Windows

CVE-2007-0099,CVE-2008-4029,CVE-2008-4033

MS08-068

Vulnerability in SMB Could Allow Remote Code Execution (957097)

Important

Remote Code Execution

Microsoft Windows

CVE-2008-4037

Threat Remediation

Fortinet provides coverage on Microsoft vulnerabilities in November 2008.

CVE Number

Signature Name

CVE-2007-0099

XML.Nested.Tags.Handling.Race.Condition.Memory.Corruption

CVE-2008-4029

MS.MSXML.DTD.Cross.Domain.Scripting

CVE-2008-4033

MS.XML.Core.Services.Information.Disclosure

For more information on new and enhanced signatures, visit theIPS Service Update History.If you require more information, contact the FortiGuard Team using ourContact Us web page.

Document History

Revision Date Version Number  
Tuesday, November 11, 2008 1 Initial Documentation.
Wednesday, November 11, 2008 2 Signature for “XML.Nested.Tags.Handling.Race.Condition.Memory.Corruption” has been on IPS Definition 2.565 previously named “Mozilla.Firefox.Javascript.Handler.Memory.Corruption”

Wednesday, November 14, 2008 3 Signature for “MS.MSXML.DTD.Cross.Domain.Scripting” and “MS.XML.Core.Services.Information.Disclosure” have been released on IPS Definition 2.567 previously in beta state.

Reference:

URL: http://www.fortiguardcenter.com/advisory/FGA-2008-27.html

Leave a Reply

Your email address will not be published. Required fields are marked *