[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'

Thu Oct 4 05:23:59 PDT 2012

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 319	Published: Wed, 03 Oct 2012 17:56:47  GMT

New Fixlets:
============

***************************************************************
Title: Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 via vectors related to the Google V8 bindings
Severity: Medium
Fixlet ID: 1491601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14916.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2886
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."

***************************************************************
Title: Google Chrome before 22.0.1229.79 does not properly handle plug-ins
Severity: High
Fixlet ID: 1492001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14920.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2881
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79
Severity: High
Fixlet ID: 1503401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15034.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2876
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Layout Use After Free Vulnerability - MS12-063
Severity: High
Fixlet ID: 1544901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15449.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2548
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After Free Vulnerability."

***************************************************************
Title: The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors
Severity: Medium
Fixlet ID: 1548401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15484.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2891
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors.

***************************************************************
Title: Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors
Severity: Medium
Fixlet ID: 1550701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15507.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2884
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

***************************************************************
Title: Double free vulnerability in Google Chrome before 22.0.1229.79 via vectors related to application exit
Severity: High
Fixlet ID: 1556101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15561.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2885
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.

***************************************************************
Title: Use-after-free vulnerability in Google Chrome before 22.0.1229.79 via vectors involving SVG text references.
Severity: High
Fixlet ID: 1561201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15612.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2888
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.

***************************************************************
Title: Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79
Severity: High
Fixlet ID: 1562701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15627.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2875
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document.

***************************************************************
Title: Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document
Severity: Medium
Fixlet ID: 1563401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15634.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2879
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.

***************************************************************
Title: Event Listener Use After Free Vulnerability - MS12-063
Severity: High
Fixlet ID: 1565201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15652.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2546
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener Use After Free Vulnerability."

***************************************************************
Title: FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers
Severity: Medium
Fixlet ID: 1568801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15688.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2882
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue.

***************************************************************
Title: Double free vulnerability in libxslt as used in Google Chrome before 22.0.1229.79
Severity: Medium
Fixlet ID: 1571401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15714.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2893
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.

***************************************************************
Title: execCommand Use After Free Vulnerability - MS12-063
Severity: High
Fixlet ID: 1572901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15729.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4969
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.

***************************************************************
Title: cloneNode Use After Free Vulnerability - MS12-063
Severity: High
Fixlet ID: 1574501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15745.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2557
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."

***************************************************************
Title: Use-after-free vulnerability in the PDF functionality in Google Chrome before 22.0.1229.79
Severity: Medium
Fixlet ID: 1576601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15766.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2890
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in the PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

***************************************************************
Title: Vulnerability in Skia, as used in Google Chrome before 22.0.1229.79, via vectors that trigger an out-of-bounds write operation
Severity: High
Fixlet ID: 1577201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15772.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2883
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874.

***************************************************************
Title: The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations
Severity: Medium
Fixlet ID: 1577301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15773.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2895
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

***************************************************************
Title: Race condition in Google Chrome before 22.0.1229.79 via vectors related to the plug-in paint buffer
Severity: High
Fixlet ID: 1577601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15776.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2880
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer.

***************************************************************
Title: XSS Vulnerability - MS12-061
Severity: Medium
Fixlet ID: 1577901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15779.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1892
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "XSS Vulnerability."

***************************************************************
Title: Reflected XSS Vulnerability - MS12-062
Severity: Medium
Fixlet ID: 1578101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15781.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2536
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft Systems Management Server 2003 SP3 and System Center Configuration Manager 2007 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Reflected XSS Vulnerability."

***************************************************************
Title: Use-after-free vulnerability in Google Chrome before 22.0.1229.79 via vectors related to plug-in handling
Severity: High
Fixlet ID: 1578301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15783.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2878
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.

***************************************************************
Title: Use-after-free vulnerability in Google Chrome before 22.0.1229.79 via vectors involving onclick events
Severity: High
Fixlet ID: 1579701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15797.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2887
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.

***************************************************************
Title: Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to bypass the pop-up blocker via unknown vectors
Severity: Medium
Fixlet ID: 1580701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15807.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2892
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to bypass the pop-up blocker via unknown vectors.

***************************************************************
Title: Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 via vectors involving frames
Severity: Medium
Fixlet ID: 1582901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15829.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2889
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)."

***************************************************************
Title: OnMove Use After Free Vulnerability - MS12-063
Severity: High
Fixlet ID: 1585201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15852.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1529
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use After Free Vulnerability."

***************************************************************
Title: Google Chrome before 22.0.1229.79 does not properly handle graphics-context data structures
Severity: Medium
Fixlet ID: 1585501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15855.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2894
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 22.0.1229.79 does not properly handle graphics-context data structures, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Vulnerability in Skia, as used in Google Chrome before 22.0.1229.79, via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.
Severity: High
Fixlet ID: 1585601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15856.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2874
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.

***************************************************************
Title: The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs
Severity: Medium
Fixlet ID: 1585701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15857.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2877
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.