Home / 2008 Advisories Archive

2008 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Medium	29 May 2008	29 May 2008	CPAI-2008-078		CVE-2007-0675	Microsoft Windows Speech Components sapi.dll Code Execution (MS08-032; CVE-2007-0675)
High	8 Apr 2008	8 Apr 2008	CPAI-2008-056		CVE-2008-0623 CVE-2008-0624 CVE-2008-0625	Yahoo! Music Jukebox ActiveX Control Multiple Buffer Overflows (CVE-2008-0623; CVE-2008-0624; CVE-2008-0625)
High	8 Apr 2008	8 Apr 2008	CPAI-2008-057		CVE-2007-6016	Symantec Backup Exec Server Scheduler ActiveX Control Buffer Overflow (CVE-2007-6016)
Critical	8 Apr 2008	8 Apr 2008	CPAI-2008-048		CVE-2008-1088	Microsoft Project Invalid Memory Pointer Code Execution (MS08-018; CVE-2008-1088)
Critical	8 Apr 2008	8 Apr 2008	CPAI-2008-053		CVE-2008-1083	Microsoft Windows GDI Metafile Image Handling Heap Overflow (MS08-021; CVE-2008-1083)
Critical	8 Apr 2008	8 Apr 2008	CPAI-2008-050		CVE-2008-1086	Internet Explorer ActiveX Control hxvz.dll Memory Corruption (MS08-023; CVE-2008-1086)
Critical	8 Apr 2008	8 Apr 2008	CPAI-2008-028		CVE-2008-0083	Microsoft Windows Scripting Engines Script Encoding Code Execution (MS08-022; CVE-2008-0083)
Critical	8 Apr 2008	8 Apr 2008	CPAI-2008-054		CVE-2008-1087	Microsoft Windows GDI EMF Image File Handling Stack Overflow (MS08-021; CVE-2008-1087)
High	1 Feb 2008	20 Mar 2008	CPAI-2008-202	Microsoft Security Bulletin MS06-032 VOIPSEC	CVE-2006-2379 CVE-2007-1594	IPS-1 Protection Updates for Vulnerabilities in Microsoft Windows and Asterisk and IPS-1 Protocol and Protocol Subsystems Updates
N/A	11 Mar 2008	11 Mar 2008	SBP-2008-04		CVE-2008-0112	SYLK Files (CVE-2008-0112)
Critical	12 Feb 2008	12 Feb 2008	CPAI-2008-020		CVE-2007-0065	Microsoft Windows OLE Automation Remote Code Execution (MS08-008; CVE-2007-0065)
Critical	12 Feb 2008	12 Feb 2008	CPAI-2008-024		CVE-2008-0077	Internet Explorer ANIMATEMOTION Memory Corruption (MS08-010; CVE-2008-0077)
Critical	12 Feb 2008	12 Feb 2008	CPAI-2008-025		CVE-2008-0078	Internet Explorer Image Processing Memory Corruption (MS08-010; CVE-2008-0078)
Critical	12 Feb 2008	12 Feb 2008	CPAI-2008-023		CVE-2008-0076	Internet Explorer HTML Rendering Memory Corruption (MS08-010; CVE-2008-0076)
Critical	12 Feb 2008	12 Feb 2008	CPAI-2008-022		CVE-2007-4790	Microsoft Visual FoxPro ActiveX Control Buffer Overflow (MS08-010; CVE-2007-4790)
High	3 Feb 2008	3 Feb 2008	CPAI-2008-008		CVE-2007-6535	Yahoo! Toolbar URL Shortcut ActiveX Control Buffer Overflow (CVE-2007-6535)
High	3 Feb 2008	3 Feb 2008	CPAI-2008-018		CVE-2008-0237	Microsoft Rich Textbox Control Arbitrary File Overwrite (CVE-2008-0237)
High	17 Jan 2008	17 Jan 2008	CPAI-2008-010		CVE-2007-5660	Macrovision InstallShield Update Service ActiveX Control Code Execution (CVE-2007-5660)
Critical	17 Jan 2008	17 Jan 2008	CPAI-2008-011		CVE-2007-3955	LinkedIn Toolbar IEContextMenu Buffer Overflow (CVE-2007-3955)
High	7 Jan 2008	7 Jan 2008	CPAI-2008-002		CVE-2007-5755	AOL Radio AmpX ActiveX Control Buffer Overflow (CVE-2007-5755)
High	4 Feb 2008	1 Jan 2008	CPAI-2008-017	http://www.emsisoft.com/en/malware/?Adware.Win32.Direct.Toolbar http://www.spywareguide.com/spydet_3578_search4top.html		Update Protections against Recent Malware Threats (04-Feb-08)
Medium	24 Jan 2008	1 Jan 2008	CPAI-2008-016	SmartDefense Research Center		Integrity Clientless Security (ICS) Update 3.7.205.0
High	11 Mar 2008	1 Jan 2008	CPAI-2008-040	Microsoft Security Bulletin MS08-014	CVE-2008-0081	Preemptive Protection against Microsoft Excel Macro Validation Remote Code Execution Vulnerability (MS08-014)
Critical	3 Jun 2008	1 Jan 2008	CPAI-2008-212	SECTRACK:1019788 SREASON:3800	CVE-2008-1328	Update Protection against Computer Associates (CA) ARCserve Backup Software for Laptops and Desktops Buffer Overflow Vulnerability
Medium	14 Jan 2008	1 Jan 2008	CPAI-2008-007	SmartDefense Research Center		Integrity Clientless Security (ICS) Update 3.7.201.0
High	31 Oct 2008	1 Jan 2008	CPAI-2008-232	Secunia Advisory: SA29408	CVE-2008-1472	Update Protection against CA Multiple Products ActiveX Control Buffer Overflow Vulnerability
High	17 Nov 2008	1 Jan 2008	CPAI-2008-165	Toolbar: Rediff Adware-BHO.gen.b Trojan Downloader: Chinatxwm Trojan Downloader: Agent.aarm		Update Protections against Recent Malware Threats (17-Nov-08)
Medium	19 Sep 2008	1 Jan 2008	CPAI-2008-226	Secunia Advisory: SA31384	CVE-2008-2939 US-CERT VU#663763	Update protection against Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross Site Scripting
Medium	7 Nov 2008	1 Jan 2008	CPAI-2008-240	Secunia Advisory: SA32497		Update Protection against Apache Struts Security Bypass and Directory Traversal
High	1 Apr 2008	1 Jan 2008	CPAI-2008-051	http://www.enigmasoftware.com/support/?s=mobrules http://spywaredetector.net/spyware_encyclopedia/ToolBar.ZZToolbar.htm http://www.browserdefender.com/file/404730/site/chinarank.org.cn/		Update Protections against Recent Malware Threats (1-Apr-08)
High	15 Aug 2008	1 Jan 2008	SBP-2008-29	CERT Advisory CA-2001-26: Nimda Worm		Security Best Practice: Familiarize Yourself with the General CIFS Worm Catcher
Low	27 Feb 2008	1 Jan 2008	CPAI-2008-206	SmartDefense Research Center		IPS-1 TCP Protocol Updates
Critical	12 Feb 2008	1 Jan 2008	SBP-2008-01	Microsoft Security Bulletin MS08-012	CVE-2008-0102 CVE-2008-0104	Workaround for Multiple Microsoft Publisher Vulnerabilities (MS08-012)
Medium	15 Apr 2008	1 Jan 2008	CPAI-2008-059	SmartDefense Research Center		Integrity Clientless Security (ICS) Update 3.7.220.0
Medium	15 Aug 2008	1 Jan 2008	SBP-2008-26	IPS Research Center		Security Best Practice: Blocking Citrix ICA Vulnerabilities
Medium	9 Dec 2008	1 Jan 2008	SBP-2008-16	Microsoft Security Bulletin MS08-071	CVE-2008-3465	Workaround for Microsoft GDI WMF Heap Overflow Vulnerability (MS08-071)
High	10 Oct 2008	1 Jan 2008	CPAI-2008-225	Secunia: SA32111	CVE-2008-4479	Update Protection against Novell eDirectory SOAP Handling Accept Language Header Overflow
High	15 Aug 2008	1 Jan 2008	SBP-2008-28	IPS Research Center	CVE-2002-0957 CVE-2002-0629	Security Best Practice: Familiarize Yourself with the Network Quota Protection
Medium	16 Jun 2008	1 Jan 2008	CPAI-2008-083	SmartDefense Research Center		Integrity Clientless Security (ICS) Update 3.7.231.0
High	21 Nov 2008	1 Jan 2008	CPAI-2008-242	Security Focus Bugtraq ID: 32281	CVE-2008-0017	Update Protection against Mozilla Firefox nsDirIndexParser Overflow
Medium	11 Feb 2008	1 Jan 2008	CPAI-2008-019	SmartDefense Research Center		Integrity Clientless Security (ICS) Update 3.7.208.0
High	2 Oct 2008	1 Jan 2008	SBP-2008-11	SmartDefense Research Center		Security Best Practice: Adobe Flash Proxy Auto-Discovery DHCP Traffic Inspection
Medium	10 Oct 2008	1 Jan 2008	CPAI-2008-223	OpenLDAP Foundation	CVE-2008-2952	OpenLDAP ber_get_next BER Decoding Denial of Service
Medium	31 Mar 2008	1 Jan 2008	CPAI-2008-047	SmartDefense Research Center		Integrity Clientless Security (ICS) Update 3.7.217.0
High	25 May 2008	1 Jan 2008	CPAI-2008-071	http://www.spywaresignatures.com/details.php?spyware=find.fmtoolbar http://www.spywaresignatures.com/details.php?spyware=ezreward http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453090717		Update Protections against Recent Malware Threats (25-May-08)
High	7 Nov 2008	1 Jan 2008	CPAI-2008-239	Secunia Advisory: SA32005	CVE-2008-3862	Update Protection against Trend Micro OfficeScan CGI Parsing Buffer Overflow Vulnerability
High	14 Nov 2008	1 Jan 2008	CPAI-2008-235	Secunia Advisory:  SA31410	CVE-2008-2234	Update Protection against openwsman HTTP Basic Authentication Buffer Overflow
High	1 Dec 2008	1 Jan 2008	CPAI-2008-166	CashOn CPush Infostealer.Banker.C AntiMalware Guard Trojan-Dropper.Small.rc		Update Protections against Recent Malware Threats (1-Dec-08)
High	26 Mar 2008	1 Jan 2008	CPAI-2008-045	http://www.2squared.com/glossary_details.php?ID=133895 http://spywaresignatures.com/details.php?spyware=kword.interkey http://spywaresignatures.com/details.php?spyware=eclickztoolbar http://www.paretologic.com/resources/definitions.aspx?remove=Locmag%20Toolbar		Update Protections against Recent Malware Threats (26-Mar-08)
High	3 Jul 2008	1 Jan 2008	CPAI-2008-089	Spyware: Zwinky Trojan Downloader: Wintrim.z Spyware: BitRoll 5.0		Update Protections against Recent Malware Threats (3-Jul-08)