[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2024-07-05
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Fri Jul 5 13:29:25 PDT 2024
Total New Fixlets: 13
Total Updated Fixlets: 211
Total Fixlets in Site: 2415
Total CVEs Covered: 710
Release Date: 2024-07-05
New Fixlets:
30880 Microsoft Forefront TMG Remote Code Execution Vulnerability -
Forefront
30850 Microsoft SharePoint Server Code Injection Vulnerability -
SharePoint
30820 Microsoft Office Memory Corruption Vulnerability - SharePoint
30790 Microsoft SharePoint Remote Code Execution Vulnerability -
SharePoint
30890 Microsoft Outlook Security Feature Bypass Vulnerability -
Outlook
30860 Microsoft Office Memory Corruption Vulnerability - SharePoint
30830 Microsoft Office Object Record Corruption Vulnerability -
SharePoint
30800 Microsoft Word Memory Corruption Vulnerability - SharePoint
30770 Microsoft SharePoint Server Privilege Escalation Vulnerability
- SharePoint
30870 Microsoft PowerPoint Memory Corruption Vulnerability -
SharePoint
30840 Microsoft Office Remote Code Execution Vulnerability -
SharePoint
30810 Microsoft Word Remote Code Execution Vulnerability -
SharePoint
30780 Microsoft .NET Framework, SharePoint, and Visual Studio Remote
Code Execution Vulnerability - SharePoint
Updated Fixlets:
30210 NextGen Healthcare Mirth Connect Deserialization of Untrusted
Data Vulnerability - Any Version of MacOS
4610 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2008 SP2
1540 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows 8.1
2050 Microsoft Internet Explorer ASLR Bypass Vulnerability - Windows
8.1
4110 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows Vista SP2
26640 RARLAB WinRAR Code Execution Vulnerability - Any Version of
Windows
17430 Adobe Flash Player Remote Code Execution Vulnerability - Any
Version of Linux
18460 Google Chrome Blink Use-After-Free Vulnerability - Any Version
of Linux
10270 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2012
5670 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 10
2600 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 7 SP1
2090 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows 8.1
16940 Adobe Flash Player Heap-Based Buffer Overflow Vulnerability -
Any Version of Windows
1580 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 8.1
3630 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Vista SP2
5680 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 10
19510 Adobe Flash Player Remote Code Execution Vulnerability - Any
Version of MacOS
4150 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows Vista SP2
8760 Microsoft Win32k Privilege Escalation Vulnerability - Windows
Server 2012 R2
10300 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2012
18940 Adobe Flash Player Heap-Based Buffer Overflow Vulnerability -
Any Version of Linux
30280 Android Pixel Privilege Escalation Vulnerability - Any Current
Service Pack of Android
3150 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 7 SP1
26190 Apple iOS Memory Corruption Vulnerability - Apple iOS
20050 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of MacOS
6740 Microsoft Windows Kernel Information Disclosure Vulnerability -
Windows Server 2019
11350 Microsoft Win32k Privilege Escalation Vulnerability - Windows
Server 2008 R2 SP1
8790 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows Server 2012 R2
10840 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2012
5210 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows Server 2008 SP2
2650 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 7 SP1
12380 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows Server 2008 R2 SP1
7770 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows Server 2016
9820 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows Server 2012 R2
29790 GitLab Community and Enterprise Editions Improper Access
Control Vulnerability - Any Version of Linux
8800 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows Server 2012 R2
18530 Artifex Ghostscript Type Confusion Vulnerability - Any Version
of Linux
26210 Apple iOS WebKit Memory Corruption Vulnerability - Apple iOS
26220 Apple Multiple Products Memory Corruption Vulnerability -
Apple iOS
11380 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows Server 2008 R2 SP1
13940 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 11
8310 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2016
5240 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows Server 2008 SP2
12410 Microsoft Windows TS WebProxy Directory Traversal
Vulnerability - Windows Server 2008 R2 SP1
9850 Microsoft Windows TS WebProxy Directory Traversal Vulnerability
- Windows Server 2012 R2
4220 Microsoft Win32k Privilege Escalation Vulnerability - Windows
Server 2008 SP2
6270 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 10
11390 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows Server 2008 R2 SP1
16510 Google Chrome Blink Use-After-Free Vulnerability - Any Version
of Windows
3710 Microsoft Internet Explorer Messaging API Information
Disclosure Vulnerability - Windows Vista SP2
15490 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Windows
2180 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows 8.1
13450 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2022
30350 Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability -
Any Operating System
22670 PaperCut MF/NG Improper Access Control Vulnerability - Any
Version of Windows
12430 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows Server 2008 R2 SP1
9870 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows Server 2012 R2
1170 Microsoft Win32k Privilege Escalation Vulnerability - Windows
8.1
22160 Microsoft Internet Explorer ASLR Bypass Vulnerability -
Windows 8 Gold
2200 Microsoft Windows TS WebProxy Directory Traversal Vulnerability
- Windows 8.1
4250 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows Server 2008 SP2
22170 Microsoft Win32k Privilege Escalation Vulnerability - Windows
8 Gold
7840 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2016
20130 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of MacOS
14500 Telerik UI for ASP.NET AJAX Unrestricted File Upload
Vulnerability - Any Version of Windows
4260 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows Server 2008 SP2
16550 Artifex Ghostscript Type Confusion Vulnerability - Any Version
of Windows
2220 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows 8.1
1200 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows 8.1
3760 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows Vista SP2
3250 Microsoft Internet Explorer ASLR Bypass Vulnerability - Windows
7 SP1
10420 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows Server 2012
1210 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows 8.1
14010 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows 11
5820 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows 10
20670 Adobe Flash Player Heap-Based Buffer Overflow Vulnerability -
Any Version of MacOS
2750 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows 7 SP1
10430 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows Server 2012
22210 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows 8 Gold
8900 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows Server 2012 R2
3780 Microsoft Win32k Privilege Escalation Vulnerability - Windows
Vista SP2
5830 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows 10
10950 Microsoft Internet Explorer ASLR Bypass Vulnerability -
Windows Server 2012
2760 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows 7 SP1
4810 Microsoft Internet Explorer Messaging API Information
Disclosure Vulnerability - Windows Server 2008 SP2
22220 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 8 Gold
2770 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows 7 SP1
10450 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows Server 2012
11480 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows Server 2008 R2 SP1
3800 Microsoft Windows TS WebProxy Directory Traversal Vulnerability
- Windows Vista SP2
3290 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows 7 SP1
15580 Adobe Flash Player Remote Code Execution Vulnerability - Any
Version of Windows
7390 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2019
12000 Microsoft Internet Explorer Messaging API Information
Disclosure Vulnerability - Windows Server 2008 R2 SP1
5860 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows 10
18150 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Linux
17640 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Linux
4330 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows Server 2008 SP2
10990 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2012
9970 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows Server 2012 R2
5370 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows Server 2008 SP2
2810 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 7 SP1
10490 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2012
6910 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2019
8450 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2016
6410 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows 10
3850 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows Vista SP2
13580 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2022
12560 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows Server 2008 R2 SP1
2320 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows 8.1
30480 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2008 R2
22800 MinIO Information Disclosure Vulnerability - Any Version of
Linux
1300 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows 8.1
8980 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2012 R2
5910 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 10
3860 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows Vista SP2
7960 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows Server 2016
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
30490 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2008 R2
22810 Jenkins Script Security Plugin Sandbox Bypass Vulnerability -
Any Version of Linux
29980 Apple iOS WebKit Memory Corruption Vulnerability - Any Version
of Linux
11550 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2008 R2 SP1
4390 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2008 SP2
3880 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows Vista SP2
30510 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2008 R2
9010 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2012 R2
3380 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows 7 SP1
5430 Microsoft Windows Kernel Information Disclosure Vulnerability -
Windows 10
7990 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows Server 2016
15160 Drupal Core Remote Code Execution Vulnerability - Any
Operating System
20280 Google Chrome Blink Use-After-Free Vulnerability - Any Version
of MacOS
17720 Linux Kernel Privilege Escalation Vulnerability - Any Version
of Linux
25910 Apple iOS Information Disclosure Vulnerability - Apple iOS
3900 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows Vista SP2
26950 MinIO Security Feature Bypass Vulnerability - Any Version of
Linux
16200 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Windows
3400 Microsoft Windows TS WebProxy Directory Traversal Vulnerability
- Windows 7 SP1
11080 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows Server 2012
10060 Microsoft Win32k Privilege Escalation Vulnerability - Windows
Server 2012
14160 InduSoft Web Studio NTWebServer Directory Traversal
Vulnerability - Any Version of Windows
3920 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows Vista SP2
3410 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows 7 SP1
8530 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows Server 2016
28500 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of Windows
18260 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Linux
20310 Artifex Ghostscript Type Confusion Vulnerability - Any Version
of MacOS
4950 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2008 SP2
4440 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows Server 2008 SP2
17750 GitLab Community and Enterprise Editions Remote Code Execution
Vulnerability - Any Version of Linux
26970 Ignite Realtime Openfire Path Traversal Vulnerability - Any
Version of Linux
13660 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2022
8030 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2016
28510 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of Linux
9570 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2012 R2
1380 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 8.1
3940 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Vista SP2
11110 Microsoft Windows TS WebProxy Directory Traversal
Vulnerability - Windows Server 2012
10090 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows Server 2012
12140 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2008 R2 SP1
28530 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of MacOS
22900 MinIO Information Disclosure Vulnerability - Any Version of
MacOS
10100 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows Server 2012
27000 MinIO Security Feature Bypass Vulnerability - Any Version of
MacOS
8570 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows Server 2016
11130 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows Server 2012
5500 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows 10
22910 PaperCut MF/NG Improper Access Control Vulnerability - Any
Version of MacOS
2430 Microsoft Win32k Privilege Escalation Vulnerability - Windows 7
SP1
7040 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2019
6530 Microsoft XML Core Services Information Disclosure
Vulnerability - Windows 10
1410 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 8.1
5510 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows 10
15240 WSO2 Multiple Products Unrestrictive Upload of File
Vulnerability - Any Operating System
17290 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Linux
1940 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 8.1
2460 Microsoft Internet Explorer Information Disclosure
Vulnerability - Windows 7 SP1
6560 Microsoft Windows Open Type Font Remote Code Execution
Vulnerability - Windows 10
13220 Apple Multiple Products Type Confusion Vulnerability - Any
Version of MacOS
2470 Microsoft Internet Explorer and Edge Information Disclosure
Vulnerability - Windows 7 SP1
14250 Apple Multiple Products Memory Corruption Vulnerability - Any
Version of MacOS
9130 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows Server 2012 R2
16300 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Windows
27060 Ignite Realtime Openfire Path Traversal Vulnerability - Any
Version of MacOS
9140 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows Server 2012 R2
11710 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows Server 2008 R2 SP1
3010 Microsoft Internet Explorer Messaging API Information
Disclosure Vulnerability - Windows 7 SP1
5060 Microsoft Internet Explorer ASLR Bypass Vulnerability - Windows
Server 2008 SP2
4550 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows Server 2008 SP2
11720 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows Server 2008 R2 SP1
9160 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows Server 2012 R2
24010 Apple Multiple Products Type Confusion Vulnerability - Any
Version of Linux
10190 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows Server 2012
12240 Microsoft Internet Explorer ASLR Bypass Vulnerability -
Windows Server 2008 R2 SP1
9680 Microsoft Internet Explorer ASLR Bypass Vulnerability - Windows
Server 2012 R2
3540 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows 7 SP1
30170 NextGen Healthcare Mirth Connect Deserialization of Untrusted
Data Vulnerability - Any Version of Windows
4570 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows Server 2008 SP2
19420 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of MacOS
11740 Microsoft Windows SMBv1 Information Disclosure Vulnerability -
Windows Server 2008 R2 SP1
4060 Microsoft Internet Explorer ASLR Bypass Vulnerability - Windows
Vista SP2
5600 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows 10
5090 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2008 SP2
16360 Trihedral VTScada (formerly VTS) Denial-of-Service
Vulnerability - Any Version of Windows
30190 NextGen Healthcare Mirth Connect Deserialization of Untrusted
Data Vulnerability - Any Version of Linux
1520 Microsoft Windows Graphics Device Interface (GDI) Remote Code
Execution Vulnerability - Windows 8.1
9200 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows Server 2012 R2
11250 Microsoft Internet Explorer Use-After-Free Vulnerability -
Windows Server 2012
2550 Microsoft Windows Graphics Device Interface (GDI) Privilege
Escalation Vulnerability - Windows 7 SP1
9720 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows Server 2012 R2
1530 Microsoft Internet Explorer Privilege Escalation Vulnerability
- Windows 8.1
13820 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 11
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20240705/12275d33/attachment.html>
More information about the Besadmin-announcements
mailing list