[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'

Notification of New Vulnerabilities to Windows Systems Fixlet Messages winvulns-announcements at bigmail.bigfix.com
Wed Oct 19 05:21:30 PDT 2011


Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 279	Published: Tue, 18 Oct 2011 19:00:02 GMT

New Fixlets:
============

***************************************************************
Title: ExcelTable Reflected XSS Vulnerability
Severity: Medium
Fixlet ID: 1219701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12197.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1896
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "ExcelTable Reflected XSS Vulnerability."

***************************************************************
Title: Virtual Function Table Corruption Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1222301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12223.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2001
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."

***************************************************************
Title: Select Element Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1269701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12697.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1999
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."

***************************************************************
Title: Scroll Event Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1270501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12705.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1993
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."

***************************************************************
Title: Null Session Cookie Crash
Severity: Medium
Fixlet ID: 1279901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12799.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2012
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash."

***************************************************************
Title: OLEAuto32.dll Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1283801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12838.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1995
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability."

***************************************************************
Title: Option Element Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1289601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12896.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1996
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."

***************************************************************
Title: Win32k Use After Free Vulnerability
Severity: High
Fixlet ID: 1290401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12904.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2011
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability."

***************************************************************
Title: Access of Unallocated Memory DoS Vulnerability
Severity: Medium
Fixlet ID: 1291501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12915.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2008
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka "Access of Unallocated Memory DoS Vulnerability."

***************************************************************
Title: Media Center Insecure Library Loading Vulnerability
Severity: High
Fixlet ID: 1293401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12934.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2009
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Library Loading Vulnerability."

***************************************************************
Title: Win32k Null Pointer De-reference Vulnerability
Severity: High
Fixlet ID: 1293501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12935.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1985
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability."

***************************************************************
Title: Unspecified vulnerability in Oracle VM VirtualBox
Severity: Medium
Fixlet ID: 1298301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12983.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2305
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle VM VirtualBox allows local users to affect confidentiality, integrity, and availability via unknown vectors.

***************************************************************
Title: Win32k TrueType Font Type Translation Vulnerability
Severity: Medium
Fixlet ID: 1302401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13024.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2002
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via a crafted font file, aka "Win32k TrueType Font Type Translation Vulnerability."

***************************************************************
Title: Poisoned Cup of Code Execution Vulnerability
Severity: High
Fixlet ID: 1303201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13032.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1969
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution Vulnerability."

***************************************************************
Title: Default Reflected XSS Vulnerability
Severity: Medium
Fixlet ID: 1303901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13039.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1897
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vulnerability."

***************************************************************
Title: Endless Loop DoS in snabase.exe Vulnerability
Severity: Medium
Fixlet ID: 1304001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13040.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2007
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka "Endless Loop DoS in snabase.exe Vulnerability."

***************************************************************
Title: ExcelTable Response Splitting XSS Vulnerability
Severity: Medium
Fixlet ID: 1306401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13064.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1895
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via unspecified vectors, aka "ExcelTable Response Splitting XSS Vulnerability."

***************************************************************
Title: .NET Framework Class Inheritance Vulnerability
Severity: High
Fixlet ID: 1306901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13069.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1253
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Class Inheritance Vulnerability."

***************************************************************
Title: Body Element Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1308301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13083.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2000
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."

***************************************************************
Title: Font Library File Buffer Overrun Vulnerability
Severity: High
Fixlet ID: 1310301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13103.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2003
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Library File Buffer Overrun Vulnerability."

***************************************************************
Title: Ancillary Function Driver Elevation of Privilege Vulnerability
Severity: High
Fixlet ID: 1311401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13114.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2005
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

***************************************************************
Title: Active Accessibility Insecure Library Loading Vulnerability
Severity: High
Fixlet ID: 1311601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13116.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1247
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Active Accessibility Insecure Library Loading Vulnerability."

***************************************************************
Title: Unspecified vulnerability in Oracle VM VirtualBox related to Guest Additions for Windows
Severity: Low
Fixlet ID: 1314801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13148.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2300
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle VM VirtualBox allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows.

***************************************************************
Title: Jscript9.dll Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1319901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13199.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1998
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."

***************************************************************
Title: OnLoad Event Remote Code Execution Vulnerability
Severity: High
Fixlet ID: 1320401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval13204.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1997
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability."


