[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'

Notification of New Vulnerabilities to Windows Systems Fixlet Messages winvulns-announcements at bigmail.bigfix.com
Wed Jun 16 05:20:13 PDT 2010


Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 201	Published: Tue, 15 Jun 2010 22:48:45 GMT

New Fixlets:
============

***************************************************************
Title: WebKit Dragging or Pasting Cross Domain Scripting Vulnerability
Severity: Medium
Fixlet ID: 664901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6649.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1389
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Malformed URL Handling Cross-site Scripting Vulnerability
Severity: Medium
Fixlet ID: 665601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6656.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0544
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
Severity: Medium
Fixlet ID: 669301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6693.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1850
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.

***************************************************************
Title: WebKit Marquee Event 'SelectionController' Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 670901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6709.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1399
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit JavaScript 'execCommand' Vulnerability
Severity: Medium
Fixlet ID: 673901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6739.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1421
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Apple Safari URL Obfuscation Vulnerability
Severity: Medium
Fixlet ID: 681201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6812.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1384
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Common IRC Service Port Blacklist Exclusion
Severity: Medium
Fixlet ID: 683601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6836.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1409
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Fonts Handling Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 686201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6862.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1771
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'src' Attribute Cross-site Scripting Vulnerability
Severity: Medium
Fixlet ID: 687101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6871.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1418
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit CSS-Styled HTML Handling Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 687601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6876.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1417
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit UTF-7 Encoded Data Cross Site Scripting Vulnerability
Severity: Medium
Fixlet ID: 688801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6888.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1390
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'DOCUMENT_POSITION_DISCONNECTED' Attribute Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 691201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6912.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1397
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'first-letter' CSS Style Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 698101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6981.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1401
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'Node.normalize' Method Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 700501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7005.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1759
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit HTML Button Use After Free Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 702401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7024.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1392
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Caption Element Handling Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 703101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7031.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1400
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'removeChild()' Remote Code Execution Vulnerability
Severity: Medium
Fixlet ID: 703701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7037.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1119
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Safari on Apple iPhone OS allows remote attackers to read the SMS database or other data via unknown vectors, as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.

***************************************************************
Title: WebKit 'removeChild' DOM Method Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 704101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7041.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1414
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'ConditionEventListener' Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 707101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7071.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1402
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Path Traversal Vulnerability
Severity: Medium
Fixlet ID: 708201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7082.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1391
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit IBM1147 Character Set Text Transform Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 709901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7099.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1770
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 711601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7116.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1297
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Adobe Flash Player 9.0.x through 9.0.262 and 10.x through 10.0.45.2, and authplay.dll in Adobe Reader and Acrobat 9.x through 9.3.2, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in June 2010.

***************************************************************
Title: Apple Safari Window Management Vulnerability
Severity: High
Fixlet ID: 714301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7143.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1750
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit SVG 'use' Element Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 715001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7150.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1410
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit HTML Document Subtrees Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 715701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7157.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1761
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit SVG 'RadialGradient' Attribute Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 718001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7180.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1749
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit HTTPS Referer Header Passing Vulnerability
Severity: Medium
Fixlet ID: 719701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7197.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1406
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Apple Safari PDF Handling Vulnerability
Severity: High
Fixlet ID: 719901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7199.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1385
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
Severity: Medium
Fixlet ID: 721001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7210.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1848
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.

***************************************************************
Title: WebKit Custom Vertical Positioning Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 725201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7252.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1405
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Plain Text NTLM Credentials Passing Vulnerability
Severity: Medium
Fixlet ID: 725501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7255.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1413
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Option Element 'ContentEditable' Attribute Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 728801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7288.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1396
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Non-default TCP Port Handling Vulnerability
Severity: Medium
Fixlet ID: 729501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7295.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1408
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Use After Free Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 731401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7314.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1419
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
Severity: Medium
Fixlet ID: 732801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7328.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1849
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.

***************************************************************
Title: WebKit DOM Range Objects Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 733501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7335.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1758
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit CSS Handling Vulnerability
Severity: Medium
Fixlet ID: 734601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7346.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1393
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit HTTP Redirect Vulnerability
Severity: Medium
Fixlet ID: 734701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7347.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1764
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit 'libxml' Context Handling Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 737401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7374.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1415
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit SVG Cross-site Scripting Vulnerability
Severity: Medium
Fixlet ID: 740101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7401.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1416
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit DOM Constructor Cross Site Scripting Vulnerability
Severity: Medium
Fixlet ID: 746401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7464.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1395
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit HTML Tables Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 747601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7476.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1774
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Option Recursive Use Element Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 749701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7497.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1404
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: ColorSync in Apple Safari Heap Buffer Overflow Vulnerability
Severity: High
Fixlet ID: 749901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7499.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1726
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.

***************************************************************
Title: WebKit HTML Document textarea Remote Code Execution Vulnerability
Severity: Medium
Fixlet ID: 750301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7503.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1762
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit SVG 'use' Element Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 751901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7519.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1403
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit HTML Fragment Cross Site Scripting Vulnerability
Severity: Medium
Fixlet ID: 755201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7552.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1394
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Editable Containers Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 755601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7556.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1398
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Keyboard Focus Vulnerability
Severity: Medium
Fixlet ID: 759101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7591.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1422
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: WebKit Hover Event Handling Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 760601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval7606.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1412
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.
