From winvulns-announcements at bigmail.bigfix.com Fri Jan 3 05:20:29 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Fri, 3 Jan 2014 05:20:29 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 343 Published: Thu, 02 Jan 2014 19:25:32 GMT New Fixlets: ============ *************************************************************** Title: Apple Quicktime Picture Viewer DLL Search Path Vulnerability Severity: High Fixlet ID: 674701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6747.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1819 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. *************************************************************** Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-3140) MS13-037 Severity: High Fixlet ID: 1583001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15830.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3140 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability." *************************************************************** Title: Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allows attackers to execute arbitrary code via unspecified vectors Severity: High Fixlet ID: 1994901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval19949.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4167 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 1997001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval19970.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5252 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 and Adobe AIR before 3.5.0.880 on Windows, allows attackers to execute arbitrary code via unspecified vectors Severity: High Fixlet ID: 1999401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval19994.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5677 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differe Severity: High Fixlet ID: 2003501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20035.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5256 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Oracle Outside In Contains Multiple Exploitable Vulnerabilities (CVE-2013-5791) - MS13-105 Severity: Low Fixlet ID: 2008301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20083.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5791 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2014801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20148.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5266 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Internet Explorer Elevation of Privilege Vulnerability (CVE-2013-5045) - MS13-097 Severity: Medium Fixlet ID: 2021601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20216.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5045 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-527 Severity: High Fixlet ID: 2027401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20274.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5275 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. *************************************************************** Title: Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content Severity: High Fixlet ID: 2031801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20318.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1535 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document. *************************************************************** Title: Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors Severity: High Fixlet ID: 2032301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20323.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5278 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 and Adobe AIR before 3.5.0.880 on Windows, allows attackers to execute arbitrary code via unspecified vectors Severity: High Fixlet ID: 2039501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20395.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5676 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability t Severity: High Fixlet ID: 2042401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20424.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2037 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2043401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20434.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5263 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows attackers to execute arbitrary code via unspecified vectors Severity: High Fixlet ID: 2045901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20459.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2035 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability" Severity: High Fixlet ID: 2047201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20472.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0779 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2051001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20510.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5269 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs Severity: Medium Fixlet ID: 2055601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20556.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4171 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2055901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20559.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5249 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows has unknown impact and attack vectors Severity: High Fixlet ID: 2058901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20589.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5673 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 has unknown impact and attack vectors. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2060701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20607.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5248 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2013-5047) - MS13-097 Severity: High Fixlet ID: 2061401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20614.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5047 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5048. *************************************************************** Title: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors Severity: Medium Fixlet ID: 2063201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20632.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2038 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. *************************************************************** Title: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow remote attackers to read content from a different domain via a crafted web site Severity: Medium Fixlet ID: 2065101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20651.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4168 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site. *************************************************************** Title: OWA XSS Vulnerability (CVE-2013-5072) - MS13-105 Severity: Medium Fixlet ID: 2065301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20653.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5072 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability." *************************************************************** Title: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability t Severity: High Fixlet ID: 2065401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20654.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2034 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2065601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20656.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5265 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2067401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20674.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5250 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows local users to gain privileges via a Trojan horse executable file in an unspecifi Severity: High Fixlet ID: 2068201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20682.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2040 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2068801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20688.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5255 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2069301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20693.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4163 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4164 and CVE-2012-4165. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2070101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20701.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5286 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2072701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20727.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5258 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors Severity: High Fixlet ID: 2073901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20739.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5279 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2013-5052) - MS13-097 Severity: High Fixlet ID: 2075701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20757.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5052 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library (CVE-2013-5056) - MS13-099 Severity: High Fixlet ID: 2076001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20760.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5056 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka "Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library." *************************************************************** Title: SharePoint Page Content Vulnerabilities (CVE-2013-5059) - MS13-100 Severity: Medium Fixlet ID: 2076901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20769.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5059 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web Apps 2013, allows remote attackers to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerabilities." *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2077001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20770.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5254 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 and Adobe AIR before 3.5.0.880 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors Severity: High Fixlet ID: 2077201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20772.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5678 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. *************************************************************** Title: Internet Explorer Elevation of Privilege Vulnerability (CVE-2013-5046) - MS13-097 Severity: Medium Fixlet ID: 2077601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20776.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5046 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2013-5051) - MS13-097 Severity: High Fixlet ID: 2077901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20779.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5051 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2078901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20789.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5272 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2079501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20795.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4164 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4165. *************************************************************** Title: SignalR XSS Vulnerability (CVE-2013-5042) - MS13-103 Severity: Medium Fixlet ID: 2079801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20798.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5042 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability." *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2079901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20799.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5268 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: TrueType Font Parsing Vulnerability (CVE-2013-3903) - MS13-101 Severity: Medium Fixlet ID: 2082901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20829.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3903 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service (reboot) via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability." *************************************************************** Title: Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows attackers to execute arbitrary code via unspecified vectors Severity: High Fixlet ID: 2083801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20838.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2036 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 and Adobe AIR before 3.3.0.3610 on Windows, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors Severity: High Fixlet ID: 2084001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20840.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2039 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2084401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20844.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5287 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-527 Severity: High Fixlet ID: 2084601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20846.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5277 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2085901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20859.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5267 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: WinVerifyTrust Signature Validation Vulnerability (CVE-2013-3900) - MS13-098 Severity: High Fixlet ID: 2087201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20872.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3900 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability." *************************************************************** Title: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2087301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20873.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4165 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4164. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2087601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20876.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5251 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2087901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20879.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5261 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow attackers to cause a denial of service (application crash) by levera Severity: High Fixlet ID: 2088001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20880.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5054 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-527 Severity: High Fixlet ID: 2089201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20892.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5274 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2089301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20893.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5260 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-527 Severity: High Fixlet ID: 2090401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20904.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5280 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5277. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2091501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20915.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5253 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Win32k Use After Free Vulnerability (CVE-2013-3902) - MS13-101 Severity: High Fixlet ID: 2092001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20920.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3902 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1 and Windows 7 SP1 on 64-bit platforms allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2092501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20925.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5262 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 and Adobe AIR before 3.5.0.600 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-527 Severity: High Fixlet ID: 2092801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20928.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5276 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2093401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20934.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5264 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Win32k Memory Corruption Vulnerability (CVE-2013-3899) - MS13-101 Severity: High Fixlet ID: 2095101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20951.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3899 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2095401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20954.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5270 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability th Severity: High Fixlet ID: 2095801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20958.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5271 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2096301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20963.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5285 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2096401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20964.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5259 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 and Adobe AIR before 3.4.0.2710 on Windows, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer Severity: High Fixlet ID: 2096801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20968.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5257 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. *************************************************************** Title: Win32k Integer Overflow Vulnerability (CVE-2013-5058) - MS13-101 Severity: Medium Fixlet ID: 2097401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20974.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5058 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka "Win32k Integer Overflow Vulnerability." *************************************************************** Title: HXDS ASLR Vulnerability (CVE-2013-5057) - MS13-106 Severity: Medium Fixlet ID: 2098001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20980.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5057 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability." *************************************************************** Title: Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2013-3906) - MS13-096 Severity: High Fixlet ID: 2101901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21019.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3906 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2013-5048) - MS13-097 Severity: High Fixlet ID: 2102601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21026.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5048 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5047. *************************************************************** Title: Token Hijacking Vulnerability (CVE-2013-5054) - MS13-104 Severity: Medium Fixlet ID: 2103001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21030.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5054 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability." *************************************************************** Title: Port-Class Driver Double Fetch Vulnerability (CVE-2013-3907) - MS13-101 Severity: High Fixlet ID: 2103301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21033.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3907 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Port-Class Driver Double Fetch Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2013-5049) - MS13-097 Severity: High Fixlet ID: 2105301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21053.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5049 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Oracle Outside In Contains Multiple Exploitable Vulnerabilities (CVE-2013-5763) - MS13-105 Severity: Low Fixlet ID: 2105801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21058.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5763 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure of this issue erroneously mapped it to CVE-2013-3624. *************************************************************** Title: LRPC Client Buffer Overrun Vulnerability (CVE-2013-3878) - MS13-102 Severity: Medium Fixlet ID: 2107001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21070.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3878 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." From winvulns-announcements at bigmail.bigfix.com Wed Jan 8 05:20:14 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Wed, 8 Jan 2014 05:20:14 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 344 Published: Tue, 07 Jan 2014 20:38:34 GMT New Fixlets: ============ *************************************************************** Title: The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote atta Severity: Medium Fixlet ID: 2055201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20552.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6636 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method. *************************************************************** Title: Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors Severity: High Fixlet ID: 2061001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20610.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6637 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. *************************************************************** Title: Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of Severity: Medium Fixlet ID: 2086301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20863.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6635 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. *************************************************************** Title: Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632 Severity: Medium Fixlet ID: 2088301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20883.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6802 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632. *************************************************************** Title: The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks an Severity: Medium Fixlet ID: 2091801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20918.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6634 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper sync after a 302 (aka Found) HTTP status code. *************************************************************** Title: Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array Severity: High Fixlet ID: 2093701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20937.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6638 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability - CVE-2013-3846 (MS13-055) Severity: High Fixlet ID: 2096501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20965.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3846 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161. *************************************************************** Title: Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013 Severity: High Fixlet ID: 2098901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20989.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6632 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013. *************************************************************** Title: The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a Severity: High Fixlet ID: 2099701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20997.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6640 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index. *************************************************************** Title: The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified ot Severity: High Fixlet ID: 2105101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21051.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6639 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. From winvulns-announcements at bigmail.bigfix.com Tue Jan 21 05:20:15 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 21 Jan 2014 05:20:15 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 345 Published: Mon, 20 Jan 2014 20:33:36 GMT New Fixlets: ============ *************************************************************** Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknow Severity: High Fixlet ID: 2029201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20292.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5610 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. *************************************************************** Title: The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a Severity: Medium Fixlet ID: 2033801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20338.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7112 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. *************************************************************** Title: Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or c Severity: High Fixlet ID: 2067801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20678.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5616 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. *************************************************************** Title: Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK and Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cau Severity: High Fixlet ID: 2073801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20738.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5332 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. *************************************************************** Title: The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, whic Severity: High Fixlet ID: 2080001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20800.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5615 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors. *************************************************************** Title: Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK and Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code Severity: High Fixlet ID: 2087101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20871.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5331 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013. *************************************************************** Title: epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Severity: Medium Fixlet ID: 2090301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20903.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7113 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. *************************************************************** Title: Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted Severity: Medium Fixlet ID: 2093201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20932.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5614 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. *************************************************************** Title: Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. Severity: Medium Fixlet ID: 2098201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval20982.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5611 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. *************************************************************** Title: Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a de Severity: High Fixlet ID: 2101501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21015.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5613 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. *************************************************************** Title: Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL serve Severity: Medium Fixlet ID: 2102401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21024.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6673 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. *************************************************************** Title: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset param Severity: Medium Fixlet ID: 2104701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21047.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5612 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. *************************************************************** Title: Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified oth Severity: Medium Fixlet ID: 2109101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21091.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5619 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. *************************************************************** Title: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered lis Severity: High Fixlet ID: 2111001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21110.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6671 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. *************************************************************** Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and applicat Severity: High Fixlet ID: 2112201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21122.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5609 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. *************************************************************** Title: The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table Severity: Medium Fixlet ID: 2115201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21152.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6630 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. *************************************************************** Title: Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application cras Severity: Medium Fixlet ID: 2122701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21227.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7114 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet. *************************************************************** Title: The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segmen Severity: Medium Fixlet ID: 2123601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21236.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6629 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. From winvulns-announcements at bigmail.bigfix.com Tue Jan 28 05:20:14 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 28 Jan 2014 05:20:14 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 346 Published: Mon, 27 Jan 2014 22:23:00 GMT New Fixlets: ============ *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install) Severity: Medium Fixlet ID: 2138401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21384.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5905 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Vulnerability in Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2141801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21418.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5904 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability Severity: Low Fixlet ID: 2143801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21438.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0405 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core. *************************************************************** Title: Word Memory Corruption Vulnerability (CVE-2014-0260) - MS14-001 Severity: High Fixlet ID: 2144301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21443.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0260 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2148801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21488.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0418 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: High Fixlet ID: 2165301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21653.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0424 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2176801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21768.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0375 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data. *************************************************************** Title: Win32k window handle vulnerability in Microsoft Windows (CVE-2014-0262) - MS14-003 Severity: High Fixlet ID: 2177901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21779.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0262 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Server 2008 R2 SP1 does not properly consider thread-owned objects during the processing of window handles, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability." *************************************************************** Title: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability Severity: Low Fixlet ID: 2188301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21883.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0407 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core. *************************************************************** Title: Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX) Severity: Medium Fixlet ID: 2196201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21962.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5870 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE 7u45 and JavaFX 2.2.45. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, JavaFX accessible data as well as read access to a subset of Java SE, JavaFX accessible data and ability to cause a partial denial of service (partial DOS) of Java SE, JavaFX. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2197701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21977.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5888 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Beans) Severity: Medium Fixlet ID: 2197901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21979.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0423 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Beans). Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, JRockit, Java SE Embedded accessible data and ability to cause a partial denial of service (partial DOS) of Java SE, JRockit, Java SE Embedded. *************************************************************** Title: Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment) Severity: High Fixlet ID: 2198901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21989.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0410 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JavaFX 2.2.45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D) Severity: High Fixlet ID: 2203401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22034.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0417 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JavaFX 2.2.45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2206601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22066.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5899 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. *************************************************************** Title: Vulnerability in Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Libraries) Severity: High Fixlet ID: 2207301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22073.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5893 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Libraries). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JSSE) Severity: Medium Fixlet ID: 2209601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22096.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0411 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JSSE). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, JRockit, Java SE Embedded accessible data as well as read access to a subset of Java SE, JRockit, Java SE Embedded accessible data. *************************************************************** Title: Vulnerability in Java SE 6u65, Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: High Fixlet ID: 2210601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22106.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5889 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX) Severity: Medium Fixlet ID: 2211801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22118.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0382 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JavaFX. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D) Severity: High Fixlet ID: 2217001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22170.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5907 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment) Severity: High Fixlet ID: 2219201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22192.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0415 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install) Severity: Medium Fixlet ID: 2220001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22200.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5906 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAAS) Severity: Medium Fixlet ID: 2221401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22214.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0416 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAAS). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA) Severity: Medium Fixlet ID: 2222701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22227.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5884 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. *************************************************************** Title: Word Memory Corruption Vulnerability (CVE-2014-0258) - MS14-001 Severity: High Fixlet ID: 2223101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22231.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0258 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA) Severity: High Fixlet ID: 2223301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22233.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0428 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security) Severity: High Fixlet ID: 2224501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22245.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5878 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data as well as read access to a subset of Java SE, Java SE Embedded accessible data and ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. *************************************************************** Title: Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security) Severity: Medium Fixlet ID: 2225801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22258.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5910 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAXP) Severity: Medium Fixlet ID: 2227001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22270.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0376 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAXP). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data. *************************************************************** Title: Kernel NDProxy Vulnerability (CVE-2013-5065) - MS14-002 Severity: High Fixlet ID: 2228801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22288.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5065 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Networking) Severity: Medium Fixlet ID: 2228901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22289.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0368 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Networking). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Serviceability) Severity: High Fixlet ID: 2230401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22304.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0373 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Serviceability). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Word Memory Corruption Vulnerability (CVE-2014-0259) - MS14-001 Severity: High Fixlet ID: 2231501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22315.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0259 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." *************************************************************** Title: Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX) Severity: Medium Fixlet ID: 2231701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22317.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5895 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, JavaFX accessible data. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2233001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22330.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0403 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2234901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22349.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5902 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2236301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22363.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5898 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA) Severity: Medium Fixlet ID: 2237201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22372.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5896 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. *************************************************************** Title: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) Severity: Medium Fixlet ID: 2237701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22377.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5887 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. *************************************************************** Title: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability, a different vulnerability than CVE-2014-0406 Severity: Low Fixlet ID: 2239101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22391.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0404 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406. *************************************************************** Title: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JNDI) Severity: High Fixlet ID: 2240201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22402.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0422 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. *************************************************************** Title: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization VirtualBox 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability, a different vulnerability than CVE-2014-0404 Severity: Low Fixlet ID: 2243401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22434.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0406 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.