[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Sat Aug 21 05:20:10 PDT 2010
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 214 Published: Fri, 20 Aug 2010 18:34:47 GMT
New Fixlets:
============
***************************************************************
Title: Adobe Flash Player and AIR Unspecified Multiple Memory Corruption Vulnerabilities
Severity: High
Fixlet ID: 1098301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval10983.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2213
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216.
***************************************************************
Title: Win32k Bounds Checking Vulnerability
Severity: Medium
Fixlet ID: 1102001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11020.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1887
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Windows Kernel Double Free Vulnerability
Severity: Medium
Fixlet ID: 1104401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11044.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1889
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: SMB Pool Overflow Vulnerability
Severity: High
Fixlet ID: 1110601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11106.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2550
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Denial of Service Vulnerability in Mozilla Firefox 3.0.19 and before, 3.5.x and 3.6.x
Severity: Medium
Fixlet ID: 1119001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11190.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2117
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
***************************************************************
Title: Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control
Severity: High
Fixlet ID: 1130401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11304.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2931
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method.
***************************************************************
Title: Tracing Memory Corruption Vulnerability
Severity: Medium
Fixlet ID: 1142601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11426.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2555
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Adobe Flash Player and AIR Unspecified Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1146101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11461.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0209
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.
***************************************************************
Title: Word RTF Parsing Buffer Overflow Vulnerability
Severity: High
Fixlet ID: 1147201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11472.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1902
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Word Record Parsing Vulnerability
Severity: High
Fixlet ID: 1149001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11490.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1900
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Adobe Flash Player and AIR Unspecified Click-jacking Vulnerability
Severity: Medium
Fixlet ID: 1153201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11532.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2215
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue.
***************************************************************
Title: MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
Severity: High
Fixlet ID: 1158501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11585.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1882
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Word RTF Parsing Engine Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1161201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11612.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1901
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Vulnerability in packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark
Severity: Medium
Fixlet ID: 1165101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11651.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2992
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.
***************************************************************
Title: Win32k Window Creation Vulnerability (CVE-2010-1897)
Severity: Medium
Fixlet ID: 1166301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11663.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1897
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1173001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11730.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2561
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Win32k Exception Handling Vulnerability
Severity: Medium
Fixlet ID: 1176901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11769.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1894
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Cinepak Codec Decompression Vulnerability
Severity: High
Fixlet ID: 1177301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11773.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2553
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: SChannel Malformed Certificate Request Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1178701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11787.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2566
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Windows Kernel Improper Validation Vulnerability
Severity: Medium
Fixlet ID: 1178901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11789.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1890
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Apple QuickTime Before 7.6.7 Stack Buffer Overflow Vulnerability
Severity: High
Fixlet ID: 1180001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11800.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1799
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A stack buffer overflow exists in QuickTime's error logging. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.
***************************************************************
Title: Windows Kernel Data Initialization Vulnerability
Severity: Medium
Fixlet ID: 1182501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11825.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1888
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: HTML Layout Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1183201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11832.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2560
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Win32k Pool Overflow Vulnerability
Severity: Medium
Fixlet ID: 1184401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11844.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1895
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: IPv6 Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1184501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11845.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1892
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Race Condition Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1185301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11853.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2558
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Event Handler Cross-Domain Vulnerability
Severity: Medium
Fixlet ID: 1195401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11954.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1258
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Uninitialized Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1196801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11968.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2557
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Adobe Flash Player and AIR Unspecified Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1197101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11971.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2214
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
***************************************************************
Title: Adobe Flash Player and AIR Unspecified Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1197701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11977.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2216
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
***************************************************************
Title: Uninitialized Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1198401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11984.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2559
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Uninitialized Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1199401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11994.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2556
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Win32k User Input Validation Vulnerability
Severity: Medium
Fixlet ID: 1200601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12006.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1896
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Movie Maker Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1201101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12011.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2564
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: SMB Variable Validation Vulnerability
Severity: High
Fixlet ID: 1201501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12015.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2551
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Vulnerability in IPMI dissector in Wireshark
Severity: Medium
Fixlet ID: 1203101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12031.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2993
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
***************************************************************
Title: Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability
Severity: High
Fixlet ID: 1203301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12033.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1898
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Word HTML Linked Objects Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1203901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12039.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1903
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark
Severity: High
Fixlet ID: 1204701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12047.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2994
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.
***************************************************************
Title: Vulnerability in SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark
Severity: High
Fixlet ID: 1204901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12049.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2995
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, a different vulnerability than CVE-2010-2287.
***************************************************************
Title: SMB Stack Exhaustion Vulnerability
Severity: High
Fixlet ID: 1207201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12072.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2552
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Tracing Registry Key ACL Vulnerability
Severity: Medium
Fixlet ID: 1208201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12082.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2554
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Integer Overflow in Windows Networking Vulnerability
Severity: Medium
Fixlet ID: 1208701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12087.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1893
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
***************************************************************
Title: Excel Memory Corruption Vulnerability (CVE-2010-2562)
Severity: High
Fixlet ID: 1208801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12088.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2562
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
More information about the WinVulns-Announcements
mailing list