[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Wed Jul 16 05:20:18 PDT 2014
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 374 Published: Tue, 15 Jul 2014 18:54:33 GMT
New Fixlets:
============
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2806 (MS14-037)
Severity: High
Fixlet ID: 2428001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24280.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2806
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2795 (MS14-037)
Severity: High
Fixlet ID: 2449601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24496.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2795
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Ancillary Function Driver Elevation of Privilege Vulnerability - CVE-2014-1767 (MS14-040)
Severity: High
Fixlet ID: 2459201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24592.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1767
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2789 (MS14-037)
Severity: High
Fixlet ID: 2474401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24744.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2789
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK and Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors
Severity: High
Fixlet ID: 2478301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24783.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0539
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2785 (MS14-037)
Severity: High
Fixlet ID: 2480501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24805.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2785
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Windows journal remote code execution vulnerability - CVE-2014-1824 (MS14-038)
Severity: High
Fixlet ID: 2487101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24871.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1824
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2798 (MS14-037)
Severity: High
Fixlet ID: 2489501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24895.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2798
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2794 (MS14-037)
Severity: High
Fixlet ID: 2490401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24904.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2794
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2792 (MS14-037)
Severity: High
Fixlet ID: 2491001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24910.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2792
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2790 (MS14-037)
Severity: High
Fixlet ID: 2491501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24915.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2790
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2788 (MS14-037)
Severity: High
Fixlet ID: 2491701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24917.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2788
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK and Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors
Severity: High
Fixlet ID: 2493101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24931.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0537
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2813 (MS14-037)
Severity: High
Fixlet ID: 2496701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24967.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2813
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Extended Validation (EV) Certificate Security Feature Bypass Vulnerability - CVE-2014-2783 (MS14-037)
Severity: Medium
Fixlet ID: 2499001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24990.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2783
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-1763 (MS14-037)
Severity: High
Fixlet ID: 2501201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25012.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1763
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2809 (MS14-037)
Severity: High
Fixlet ID: 2503401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25034.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2809
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2791 (MS14-037)
Severity: High
Fixlet ID: 2504801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25048.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2791
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2787 (MS14-037)
Severity: High
Fixlet ID: 2506301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25063.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2787
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-1765 (MS14-037)
Severity: High
Fixlet ID: 2509601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25096.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1765
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2803 (MS14-037)
Severity: High
Fixlet ID: 2510501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25105.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2803
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: DirectShow Elevation of Privilege Vulnerability - CVE-2014-2780 (MS14-041)
Severity: Medium
Fixlet ID: 2511201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25112.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2780
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2804 (MS14-037)
Severity: High
Fixlet ID: 2514301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25143.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2804
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2797 (MS14-037)
Severity: High
Fixlet ID: 2516501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25165.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2797
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2807 (MS14-037)
Severity: High
Fixlet ID: 2518201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25182.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2807
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Service Bus Denial of Service Vulnerability - CVE-2014-2814 (MS14-042)
Severity: Medium
Fixlet ID: 2518401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25184.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2814
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2786 (MS14-037)
Severity: High
Fixlet ID: 2519001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25190.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2786
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK and Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors
Severity: Medium
Fixlet ID: 2519101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25191.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4671
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2800 (MS14-037)
Severity: High
Fixlet ID: 2520701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25207.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2800
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2802 (MS14-037)
Severity: High
Fixlet ID: 2520801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25208.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2802
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2014-2781 (MS14-039)
Severity: High
Fixlet ID: 2521301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25213.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2781
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2801 (MS14-037)
Severity: High
Fixlet ID: 2521901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25219.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2801
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
More information about the WinVulns-Announcements
mailing list