[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Sat Nov 20 05:20:16 PST 2010
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 229 Published: Sat, 20 Nov 2010 00:26:45 GMT
New Fixlets:
============
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1131001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11310.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3639
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1163601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11636.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3650
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1166001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11660.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3644
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1184201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11842.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3648
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1187201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11872.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3649
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1190501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11905.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3645
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1192201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11922.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3646
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1196501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11965.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3652
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650.
***************************************************************
Title: Unspecified vulnerability in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: Medium
Fixlet ID: 1197901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11979.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3638
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1206501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12065.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3642
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1209501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12095.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3647
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Vulnerability in parsing of a cross-domain policy file in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1214201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12142.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3636
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1215101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12151.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3643
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1215401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12154.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3641
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified vulnerability which cause a denial of service (memory corruption) in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1217901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12179.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3640
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
***************************************************************
Title: Unspecified ActiveX control vulnerability in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Severity: High
Fixlet ID: 1225901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12259.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3637
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 (Flash10h.ocx) on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FLV video.
More information about the WinVulns-Announcements
mailing list