From winvulns-announcements at bigmail.bigfix.com Fri Aug 1 05:20:21 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 1 Aug 2014 05:20:21 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 387
Published: Thu, 31 Jul 2014 19:22:55 GMT

New Fixlets:
============

***************************************************************
Title: Apache Subversion vulnerability 1.8.0 through 1.8.2 in VisualSVN Server
Severity: Low
Fixlet ID: 2334001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23340.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4262
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4208)
Severity: Low
Fixlet ID: 2472901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24729.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4208
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4262)
Severity: High
Fixlet ID: 2480601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24806.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4262
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4268)
Severity: Medium
Fixlet ID: 2482701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24827.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4268
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity (CVE-2014-4218)
Severity: Medium
Fixlet ID: 2482801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24828.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4218
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-4223)
Severity: High
Fixlet ID: 2487301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24873.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4223
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-2483)
Severity: High
Fixlet ID: 2498501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24985.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2483
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity (CVE-2014-4263)
Severity: Medium
Fixlet ID: 2506601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25066.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4263
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4219)
Severity: High
Fixlet ID: 2509201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25092.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4219
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4220)
Severity: Medium
Fixlet ID: 2510401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25104.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4220
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4208.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity (CVE-2014-4209)
Severity: Medium
Fixlet ID: 2513601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25136.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4209
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4247)
Severity: High
Fixlet ID: 2514901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25149.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4247
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability
Severity: High
Fixlet ID: 2515401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25154.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2490
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4216)
Severity: High
Fixlet ID: 2516001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25160.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4216
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4266)
Severity: Medium
Fixlet ID: 2520201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25202.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4266
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity (CVE-2014-4265)
Severity: Medium
Fixlet ID: 2520301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25203.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4265
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability (CVE-2014-4264)
Severity: Medium
Fixlet ID: 2521601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25216.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4264
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity (CVE-2014-4244)
Severity: Medium
Fixlet ID: 2522401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25224.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4244
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4227)
Severity: High
Fixlet ID: 2525001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25250.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4227
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4252)
Severity: Medium
Fixlet ID: 2527301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25273.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4252
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4221)
Severity: Medium
Fixlet ID: 2528101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25281.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4221
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

From winvulns-announcements at bigmail.bigfix.com Fri Aug 1 05:36:07 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 1 Aug 2014 08:36:07 -0400
Subject: [Winvulns-announcements] AUTO: Tim Hollerbush is out of the office. (returning 08/11/2014)
Message-ID:

I am out of the office until 08/11/2014.

I will respond to your message when I return. If it is an emergency please contact the DRMS Helpdesk 207-591-3294

Note: This is an automated response to your message "[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'" sent on 08/01/2014 8:20:21 AM.

This is the only notification you will receive while this person is away.

**********************************************************************
This e-mail message and all attachments transmitted with it may contain legally privileged and/or confidential information intended solely for the use of the addressee(s). If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, forwarding or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete this message and all copies and backups thereof. Thank you.

From winvulns-announcements at bigmail.bigfix.com Wed Aug 20 05:20:20 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Wed, 20 Aug 2014 05:20:20 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 394
Published: Tue, 19 Aug 2014 18:05:08 GMT

New Fixlets:
============

***************************************************************
Title: Internet Explorer memory corruption vulnerability (CVE-2014-0325) - MS14-018
Severity: High
Fixlet ID: 2623401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26234.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0325
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1751 and CVE-2014-1755. NOTE: MS14-018 originally had a typo of CVE-2014-0235 for this.

***************************************************************
Title: Microsoft Internet Explorer contains a flaw that may allow bypassing the elevation policy checks in the Enhanced Protected Mode and Protected Mode mechanisms - CVE-2013-4015 (MS13-055)
Severity: Medium
Fixlet ID: 2635501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26355.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4015
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 10 allows local users to bypass the elevation policy check in the (1) Protected Mode or (2) Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-2782) - MS14-035
Severity: High
Fixlet ID: 2637601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26376.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2782
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.

From winvulns-announcements at bigmail.bigfix.com Wed Aug 20 05:35:50 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Wed, 20 Aug 2014 08:35:50 -0400
Subject: [Winvulns-announcements] AUTO: Tim Hollerbush is out of the office. (returning 08/25/2014)
Message-ID:

I am out of the office until 08/25/2014.

I will respond to your message when I return. If it is an emergency please contact the DRMS Helpdesk 207-591-3294

Note: This is an automated response to your message "[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'" sent on 08/20/2014 8:20:20 AM.

This is the only notification you will receive while this person is away.

From winvulns-announcements at bigmail.bigfix.com Fri Aug 29 05:20:17 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 29 Aug 2014 05:20:17 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 396
Published: Thu, 28 Aug 2014 18:26:34 GMT

New Fixlets:
============

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2823 (MS14-051)
Severity: High
Fixlet ID: 2595401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25954.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2823
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-4057.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2808 (MS14-051)
Severity: High
Fixlet ID: 2596201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25962.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2808
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2820 (MS14-051)
Severity: High
Fixlet ID: 2599701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25997.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2820
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2811 (MS14-051)
Severity: High
Fixlet ID: 2600101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26001.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2811
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2824 (MS14-051)
Severity: High
Fixlet ID: 2604301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26043.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2824
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4057 (MS14-051)
Severity: High
Fixlet ID: 2607301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26073.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4057
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-2823.

***************************************************************
Title: OneNote remote code execution vulnerability - CVE-2014-2815 (MS14-048)
Severity: High
Fixlet ID: 2608901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26089.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2815
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4051 (MS14-051)
Severity: High
Fixlet ID: 2609201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26092.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4051
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2784.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2827 (MS14-051)
Severity: High
Fixlet ID: 2610901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26109.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2827
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-4063.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4063 (MS14-051)
Severity: High
Fixlet ID: 2612001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26120.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4063
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-2827.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2826 (MS14-051)
Severity: High
Fixlet ID: 2612101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26121.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2826
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2827, and CVE-2014-4063.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4067 (MS14-051)
Severity: High
Fixlet ID: 2612701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26127.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4067
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4055.

***************************************************************
Title: Windows kernel pool allocation vulnerability - CVE-2014-4064 (MS14-045)
Severity: Medium
Fixlet ID: 2613601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26136.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4064
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly handle use of the paged kernel pool for allocation of uninitialized memory, which allows local users to obtain sensitive information about kernel addresses via a crafted application, aka "Windows Kernel Pool Allocation Vulnerability."

***************************************************************
Title: SQL master data services XSS vulnerability - CVE-2014-1820 (MS14-044)
Severity: Medium
Fixlet ID: 2614501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26145.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1820
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2825 (MS14-051)
Severity: High
Fixlet ID: 2615801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26158.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2825
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4055 (MS14-051)
Severity: High
Fixlet ID: 2616401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26164.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4055
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4067.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2796 (MS14-051)
Severity: High
Fixlet ID: 2622701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26227.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2796
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.

***************************************************************
Title: LRPC ASLR Bypass Vulnerability - CVE-2014-0316 (MS14-047)
Severity: High
Fixlet ID: 2624201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26242.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0316
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (memory consumption) and bypass the ASLR protection mechanism via a crafted client that sends messages with an invalid data view, aka "LRPC ASLR Bypass Vulnerability."
***************************************************************
Title: CSyncBasePlayer use after free vulnerability - CVE-2014-4060 (MS14-043)
Severity: Medium
Fixlet ID: 2627501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26275.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4060
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability."
***************************************************************
Title: Microsoft SQL Server stack overrun vulnerability - CVE-2014-4061 (MS14-044)
Severity: Medium
Fixlet ID: 2628701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26287.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4061
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not properly control use of stack memory for processing of T-SQL batch commands, which allows remote authenticated users to cause a denial of service (daemon hang) via a crafted T-SQL statement, aka "Microsoft SQL Server Stack Overrun Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4050 (MS14-051)
Severity: High
Fixlet ID: 2628801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26288.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4050
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4055, and CVE-2014-4067.
***************************************************************
Title: SharePoint Page Content Vulnerability (CVE-2014-2816) - MS14-050
Severity: High
Fixlet ID: 2630001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26300.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2816
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2819 (MS14-051)
Severity: Medium
Fixlet ID: 2630501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26305.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2819
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2817 (MS14-051)
Severity: Medium
Fixlet ID: 2630601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26306.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2817
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4052 (MS14-051)
Severity: High
Fixlet ID: 2632101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26321.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4052
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
***************************************************************
Title: Font Double-Fetch vulnerability - CVE-2014-1819 (MS14-045)
Severity: High
Fixlet ID: 2632201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26322.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1819
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly control access to objects associated with font files, which allows local users to gain privileges via a crafted file, aka "Font Double-Fetch Vulnerability."
***************************************************************
Title: Windows installer repair vulnerability - CVE-2014-1814 (MS14-049)
Severity: High
Fixlet ID: 2634101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26341.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1814
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka "Windows Installer Repair Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2821 (MS14-051)
Severity: High
Fixlet ID: 2635801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26358.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2821
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4058 (MS14-051)
Severity: High
Fixlet ID: 2639401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26394.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4058
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2822 (MS14-051)
Severity: High
Fixlet ID: 2639801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26398.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2822
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2823, and CVE-2014-4057.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2810 (MS14-051)
Severity: High
Fixlet ID: 2639901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26399.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2810
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2784 (MS14-051)
Severity: High
Fixlet ID: 2640001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26400.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2784
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4051.
***************************************************************
Title: Win32k Elevation of Privilege vulnerability - CVE-2014-0318 (MS14-045)
Severity: High
Fixlet ID: 2644201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26442.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0318
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly control access to thread-owned objects, which allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2818 (MS14-051)
Severity: High
Fixlet ID: 2645201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26452.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2818
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
***************************************************************
Title: .NET ASLR vulnerability - CVE-2014-4062 (MS14-046)
Severity: Medium
Fixlet ID: 2646501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26465.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4062
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote attackers to obtain sensitive address information via a crafted web site, aka ".NET ASLR Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2774 (MS14-051)
Severity: High
Fixlet ID: 2646701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26467.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2774
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2820, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4056 (MS14-051)
Severity: High
Fixlet ID: 2647901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26479.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4056
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."