[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Tue Apr 22 05:20:17 PDT 2014
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 358 Published: Mon, 21 Apr 2014 21:04:50 GMT
New Fixlets:
============
***************************************************************
Title: Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors
Severity: High
Fixlet ID: 2396301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23963.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4995
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.
***************************************************************
Title: Cross-site scripting vulnerability in Adobe Flash Player which less then 12.0.0.77 and less then 11.7.700.275 and Adobe AIR before 13.0.0.83
Severity: Medium
Fixlet ID: 2436801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24368.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0509
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows, Adobe AIR before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
***************************************************************
Title: Vulnerability in Adobe Flash Player which less then 12.0.0.77 and less then 11.7.700.275 and Adobe AIR before 13.0.0.83
Severity: Medium
Fixlet ID: 2456101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24561.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0508
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows, Adobe AIR before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
***************************************************************
Title: Buffer overflow vulnerability in Adobe Flash Player which less then 12.0.0.77 and less then 11.7.700.275 and Adobe AIR before 13.0.0.83
Severity: High
Fixlet ID: 2461301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24613.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0507
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows, Adobe AIR before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors.
More information about the WinVulns-Announcements
mailing list