[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Aug 13 05:20:08 PDT 2010
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 212 Published: Thu, 12 Aug 2010 21:15:40 GMT
New Fixlets:
============
***************************************************************
Title: Array Indexing Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1152501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11525.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0558
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Array Indexing Memory Corruption Vulnerability." "
***************************************************************
Title: Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3
Severity: High
Fixlet ID: 1169301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11693.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2862
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.
More information about the WinVulns-Announcements
mailing list