IBM Internet Security Systems Internet Threat Information

IBM Internet Security Systems Internet Threat Information http://www.iss.net en 2007 IBM Internet Security Systems. All rights reserved worldwide. Microsoft Windows TrueType code execution http://www.iss.net/threats/449.html A vulnerability exists in code responsible for parsing TrueType fonts in Microsoft Windows' win32k.sys kernel module. Tue, 08 May 2012 00:00:00 -0400 SAMBA RPC Memory Corruption and Code Execution http://www.iss.net/threats/448.html Samba could allow a remote attacker to execute arbitrary code on the system, caused by an error within the Network Data Representation (NDR) marshalling functionality. An attacker could exploit this vulnerability using a specially-crafted RPC call to execute arbitrary code on the system with root privileges. Fri, 20 Apr 2012 00:00:00 -0400 Java AtomicReferenceArray Sandbox Evasion and Code Execution http://www.iss.net/threats/447.html The Java Runtime Environment (JRE) versions 7 update 2 and previous as well as version 6 update 30 and previous contain a vulnerability that can be exploited for sandbox evasion and remote code execution in the context of the current user.  The vulnerability is in the implementation of the AtomicReferenceArray class that allows type safety checks to be circumvented to bypass the Java sandbox.  Publicly exploits for this vulnerability are available and it is being actively exploited in the wild.  This vulnerability was fixed in the February 2012 update to the JRE and a April 6th update for Mac OS.  All Java installations should immediately apply this update if they have not done so already. Note:In order for this signature to be detected the tuning parameter "pam.content.jar.decompress" must be enabled in order to analyze code inside JAR files. Fri, 20 Apr 2012 00:00:00 -0400 Microsoft Windows ActiveX Control Code Execution http://www.iss.net/threats/445.html A privately disclosed vulnerability in the widely deployed Microsoft Common Controls ActiveX control (MSCOMCTL.OCX) can be exploited for remote code execution. Tue, 10 Apr 2012 00:00:00 -0400 Adobe Flash Player for Chrome Sandbox Bypass Vulnerabilities http://www.iss.net/threats/446.html The sandbox feature of Adobe Flash Player for Chrome has two vulnerabilities which could result in privilege escalation. Tue, 10 Apr 2012 00:00:00 -0400 Microsoft Windows Remote Desktop Protocol Code Execution http://www.iss.net/threats/444.html A vulnerability exists in the Microsoft Remote Desktop protocol (RDP) that allows for exploitation of the RDP/Terminal  Server service to achieve remote code execution. Thu, 15 Mar 2012 00:00:00 -0400