CERT-In Advisory CIAD-2009-07
Multiple Vulnerabilities in Microsoft Exchange Server, SQL Server, Internet Explorer and Office Visio
Original issue date:
February 11, 2009
Systems Affected
- Microsoft Exchange Server
- Microsoft SQL Server
- Microsoft Internet Explorer
- Microsoft Office Visio
Overview
Multiple vulnerabilities have been reported in various Microsoft products and components such as Microsoft Exchange Server, SQL Server, Internet Explorer and Office Visio.
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS09-02: Cumulative Security Update for Internet Explorer |
High |
CIVN-2009-23:
Microsoft Internet Explorer Memory corruption Vulnerabilities
|
| MS09-03: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution |
High |
CIVN-2009-24:
Multiple Vulnerabilities in Microsoft Exchange
|
| MS09-04: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution |
Medium |
CIVN-2008-192:
Updated:February 11, 2009
Microsoft SQL Server sp_replwritetovarbin limited memory overwrite vulnerability
|
| MS09-05: Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution |
High |
CIVN-2009-25:
Multiple vulnerabilities in Microsoft Office Visio
|
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin February 2009
http://www.microsoft.com/technet/security/bulletin/ms09-feb.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms09-feb.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
