From winvulns-announcements at bigmail.bigfix.com Tue Mar 4 05:20:18 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 4 Mar 2014 05:20:18 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 351 Published: Tue, 04 Mar 2014 02:43:09 GMT New Fixlets: ============ *************************************************************** Title: The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and m Severity: Medium Fixlet ID: 2204701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22047.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3137 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability." *************************************************************** Title: Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500 Severity: High Fixlet ID: 2237301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22373.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0501 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500. *************************************************************** Title: Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501 Severity: High Fixlet ID: 2242301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22423.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0500 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501. *************************************************************** Title: Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK and Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attacke Severity: High Fixlet ID: 2244501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22445.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0499 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK and Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors. *************************************************************** Title: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK and Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via u Severity: High Fixlet ID: 2256801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22568.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0498 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK and Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors. From winvulns-announcements at bigmail.bigfix.com Tue Mar 4 05:37:08 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 4 Mar 2014 07:37:08 -0600 Subject: [Winvulns-announcements] AUTO: Kevin Ryan is out of office. Message-ID: I am out of the office until 03/04/2014. I am currently out and will respond to your message when I return Note: This is an automated response to your message "[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'" sent on 03/04/2014 7:20:18 AM. This is the only notification you will receive while this person is away. ********************************************************************** This e-mail message and all attachments transmitted with it may contain legally privileged and/or confidential information intended solely for the use of the addressee(s). If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, forwarding or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete this message and all copies and backups thereof. Thank you. From winvulns-announcements at bigmail.bigfix.com Thu Mar 13 05:20:33 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Thu, 13 Mar 2014 05:20:33 -0700 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 352 Published: Wed, 12 Mar 2014 21:46:20 GMT New Fixlets: ============ *************************************************************** Title: Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Severity: Medium Fixlet ID: 2166201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21662.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0378 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. *************************************************************** Title: Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events dur Severity: High Fixlet ID: 2197101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21971.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6655 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. *************************************************************** Title: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493. Severity: High Fixlet ID: 2204801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22048.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0495 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493. *************************************************************** Title: Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Severity: High Fixlet ID: 2218001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22180.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3774 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via vectors related to SYS tables. Severity: Medium Fixlet ID: 2222201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22222.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0377 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via vectors related to SYS tables. *************************************************************** Title: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account. Severity: Low Fixlet ID: 2230301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22303.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3790 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account. *************************************************************** Title: Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Severity: High Fixlet ID: 2241101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22411.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3751 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect availability via unknown vectors. Severity: Medium Fixlet ID: 2242701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22427.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5853 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect availability via unknown vectors. *************************************************************** Title: Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running J Severity: High Fixlet ID: 2243501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22435.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6658 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. *************************************************************** Title: The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which al Severity: Medium Fixlet ID: 2243801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22438.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6656 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. *************************************************************** Title: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495. Severity: High Fixlet ID: 2244001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22440.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0493 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495. *************************************************************** Title: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Severity: Medium Fixlet ID: 2249101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22491.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3789 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. *************************************************************** Title: core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Severity: Medium Fixlet ID: 2251701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22517.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6657 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. *************************************************************** Title: Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerab Severity: High Fixlet ID: 2253701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22537.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3760 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3771. *************************************************************** Title: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows allows attackers to execute arbitrary code via unspecified vectors. Severity: High Fixlet ID: 2258401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22584.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0496 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (i Severity: High Fixlet ID: 2259101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22591.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6654 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Workload Manager component in Oracle Database Server 11.2.0.2 and 11.2.0.3, when used in RAC configurations, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Severity: High Fixlet ID: 2261501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22615.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1534 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Workload Manager component in Oracle Database Server 11.2.0.2 and 11.2.0.3, when used in RAC configurations, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerab Severity: High Fixlet ID: 2262101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22621.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3771 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3760. *************************************************************** Title: Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for Severity: High Fixlet ID: 2262201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22622.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6652 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism. *************************************************************** Title: Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. Severity: Medium Fixlet ID: 2262701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22627.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1554 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect availability via unknown vectors. Severity: Low Fixlet ID: 2264601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22646.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5764 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect availability via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. Severity: Medium Fixlet ID: 2264901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22649.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1538 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. *************************************************************** Title: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors. Severity: Medium Fixlet ID: 2265101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22651.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5858 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors. *************************************************************** Title: Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the Severity: High Fixlet ID: 2265301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22653.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6653 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. From winvulns-announcements at bigmail.bigfix.com Tue Mar 18 05:20:16 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 18 Mar 2014 05:20:16 -0700 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 353 Published: Tue, 18 Mar 2014 02:12:56 GMT New Fixlets: ============ *************************************************************** Title: Vulnerability in IrfanView before 4.37 in Heap-based buffer overflow Severity: High Fixlet ID: 2205101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22051.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5351 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file. *************************************************************** Title: Vulnerability in IrfanView before 4.32 in Heap-based buffer overflow Severity: Medium Fixlet ID: 2206801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22068.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5233 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file. *************************************************************** Title: Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message contain Severity: Medium Fixlet ID: 2212201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22122.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6674 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a related issue to CVE-2014-2018. *************************************************************** Title: Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK and Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code Severity: High Fixlet ID: 2220101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22201.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0502 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. *************************************************************** Title: Vulnerability in IrfanView before 4.33 in Heap-based buffer overflow Severity: Medium Fixlet ID: 2227901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22279.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5904 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image. *************************************************************** Title: Vulnerability in IrfanView 4.34 in Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin Severity: High Fixlet ID: 2248201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22482.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3585 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. *************************************************************** Title: Vulnerability in IrfanView before 4.23 in integer overflow Severity: High Fixlet ID: 2251101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22511.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0197 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow. *************************************************************** Title: Vulnerability in IrfanView 4.23 in integer overflow Severity: Medium Fixlet ID: 2259701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22597.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2118 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow. *************************************************************** Title: Vulnerability in IrfanView before 4.37 in buffer overflow Severity: High Fixlet ID: 2261101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22611.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6932 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window. *************************************************************** Title: Vulnerability in IrfanView before 4.33 in stack-based buffer overflow in the JPEG2000 plugin Severity: Medium Fixlet ID: 2261301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22613.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0897 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. From winvulns-announcements at bigmail.bigfix.com Tue Mar 25 05:20:15 2014 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 25 Mar 2014 05:20:15 -0700 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 354 Published: Mon, 24 Mar 2014 21:43:59 GMT New Fixlets: ============ *************************************************************** Title: Win32k Elevation of Privilege Vulnerability - CVE-2014-0300 (MS14-015) Severity: High Fixlet ID: 2170001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval21700.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0300 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." *************************************************************** Title: A use-after-free issue in web database Severity: High Fixlet ID: 2200701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22007.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1702 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0311) - MS14-012 Severity: High Fixlet ID: 2207701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22077.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0311 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305. *************************************************************** Title: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Severity: Medium Fixlet ID: 2209901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22099.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0503 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. *************************************************************** Title: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows allows attackers to read the clipboard via unspecified vectors. Severity: Medium Fixlet ID: 2217101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22171.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0504 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0306) - MS14-012 Severity: High Fixlet ID: 2217501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22175.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0306 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Multiple security vulnerabilities in the V8 Severity: High Fixlet ID: 2219001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22190.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1704 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. *************************************************************** Title: Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK and Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanis Severity: High Fixlet ID: 2222801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22228.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0492 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0314) - MS14-012 Severity: High Fixlet ID: 2223601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22236.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0314 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0324) - MS14-012 Severity: High Fixlet ID: 2225201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22252.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0324 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312. *************************************************************** Title: Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file. Severity: High Fixlet ID: 2225401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22254.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1243 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file. *************************************************************** Title: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file. Severity: High Fixlet ID: 2229301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22293.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1248 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0321) - MS14-012 Severity: High Fixlet ID: 2231601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22316.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0321 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0313. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0307) - MS14-012 Severity: High Fixlet ID: 2234601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22346.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0307 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0309) - MS14-012 Severity: High Fixlet ID: 2239901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22399.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0309 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Use-after-free in speech Severity: High Fixlet ID: 2244401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22444.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1700 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. *************************************************************** Title: Vulnerability in Silverlight could allow security feature bypass (CVE-2014-0319) - MS14-014 Severity: High Fixlet ID: 2244601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22446.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0319 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer Runtime before 5.1.30214.0 allow attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors, aka "Silverlight DEP/ASLR Bypass Vulnerability." *************************************************************** Title: Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movi Severity: High Fixlet ID: 2245701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22457.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1250 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file. *************************************************************** Title: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. Severity: High Fixlet ID: 2246801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22468.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1244 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. *************************************************************** Title: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. Severity: High Fixlet ID: 2247801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22478.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1251 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. *************************************************************** Title: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image. Severity: High Fixlet ID: 2248501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22485.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1249 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0313) - MS14-012 Severity: High Fixlet ID: 2249701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22497.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0313 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0308) - MS14-012 Severity: High Fixlet ID: 2250001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22500.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0308 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324. *************************************************************** Title: DirectShow Memory Corruption Vulnerability - CVE-2014-0301 (MS14-013) Severity: High Fixlet ID: 2250801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22508.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0301 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via a crafted JPEG image, aka "DirectShow Memory Corruption Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0298) - MS14-012 Severity: High Fixlet ID: 2251201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22512.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0298 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0304) - MS14-012 Severity: High Fixlet ID: 2251401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22514.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0304 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." *************************************************************** Title: Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK and Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mecha Severity: High Fixlet ID: 2253001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22530.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0491 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors. *************************************************************** Title: A router or firewall allows source routed packets from arbitrary hosts (CVE-1999-0510) Severity: High Fixlet ID: 2253801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22538.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0510 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A router or firewall allows source routed packets from arbitrary hosts. *************************************************************** Title: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file. Severity: High Fixlet ID: 2254701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22547.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1246 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0303) - MS14-012 Severity: High Fixlet ID: 2258101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22581.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0303 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0302. *************************************************************** Title: Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file. Severity: High Fixlet ID: 2258301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22583.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1247 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0302) - MS14-012 Severity: High Fixlet ID: 2258701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22587.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0302 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0303. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0299) - MS14-012 Severity: High Fixlet ID: 2260401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22604.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0299 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0305 and CVE-2014-0311. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0305) - MS14-012 Severity: High Fixlet ID: 2260701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22607.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0305 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0311. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0312) - MS14-012 Severity: High Fixlet ID: 2261001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22610.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0312 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0324. *************************************************************** Title: Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file. Severity: High Fixlet ID: 2261401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22614.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1245 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file. *************************************************************** Title: A sandbox-bypass issue exists due to a use-after-free in web sockets Severity: High Fixlet ID: 2262501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22625.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1703 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. *************************************************************** Title: Win32k Information Disclosure Vulnerability - CVE-2014-0323 (MS14-015) Severity: Medium Fixlet ID: 2263301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22633.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0323 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (system hang) via a crafted application, aka "Win32k Information Disclosure Vulnerability." *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0297) - MS14-012 Severity: High Fixlet ID: 2265201 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22652.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0297 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324. *************************************************************** Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-0322) - MS14-012 Severity: High Fixlet ID: 2266001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22660.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0322 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, as exploited in the wild in January and February 2014. *************************************************************** Title: A cross-site scripting issue in events Severity: Medium Fixlet ID: 2269001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval22690.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1701 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. *************************************************************** Title: Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record Severity: High Fixlet ID: 2321701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23217.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2299 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data. *************************************************************** Title: Directory traversal issue in Google Chrome before 33.0.1750.154 on Windows Severity: High Fixlet ID: 2345801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23458.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1715 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Directory traversal vulnerability in Google Chrome before 33.0.1750.154 on Windows has unspecified impact and attack vectors. *************************************************************** Title: Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site Severity: Medium Fixlet ID: 2354501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23545.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1489 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site. *************************************************************** Title: VLC Media Player MKV Parsing Integer Overflow Vulnerability Severity: Medium Fixlet ID: 2369601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23696.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3245 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. *************************************************************** Title: The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in c Severity: Medium Fixlet ID: 2375901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23759.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1487 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js. *************************************************************** Title: Windows clipboard vulnerability in Google Chrome before 33.0.1750.154 Severity: High Fixlet ID: 2376001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23760.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1714 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. *************************************************************** Title: Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Severity: High Fixlet ID: 2377401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23774.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0505 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.. *************************************************************** Title: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) Severity: Medium Fixlet ID: 2377601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23776.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1684 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file. *************************************************************** Title: RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of servic Severity: High Fixlet ID: 2382101 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23821.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1482 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create. *************************************************************** Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and applicat Severity: High Fixlet ID: 2393401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23934.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1477 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. *************************************************************** Title: Apache Subversion vulnerability before 1.7.15 and 1.8.x before 1.8.6 in VisualSVN Server allows remote attackers to cause a denial of service Severity: Medium Fixlet ID: 2394001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23940.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0032 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command. *************************************************************** Title: The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a down Severity: Medium Fixlet ID: 2399001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23990.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1480 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site. *************************************************************** Title: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24 does not properly restrict public values in Diffie-Hellman key exchanges Severity: Medium Fixlet ID: 2399601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23996.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1491 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value. *************************************************************** Title: Memory corruption in V8 in Google Chrome before 33.0.1750.154 on Windows Severity: High Fixlet ID: 2400301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24003.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1705 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Google V8, as used in Google Chrome before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. *************************************************************** Title: Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different Ja Severity: Medium Fixlet ID: 2403001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24030.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1481 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines. *************************************************************** Title: VLC Media Player RTSP Processing "parseRTSPRequestString()" Buffer Overflow Vulnerability Severity: High Fixlet ID: 2404001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24040.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6934 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6933. *************************************************************** Title: SAMR security feature bypass vulnerability (CVE-2014-0317) - MS14-016 Severity: Medium Fixlet ID: 2404801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24048.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0317 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability." *************************************************************** Title: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended res Severity: Medium Fixlet ID: 2405601 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24056.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1479 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes. *************************************************************** Title: The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a c Severity: Medium Fixlet ID: 2406401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24064.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2282 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet. *************************************************************** Title: Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionF Severity: Medium Fixlet ID: 2408401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24084.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1483 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions. *************************************************************** Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vector Severity: High Fixlet ID: 2410301 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24103.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1478 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors. *************************************************************** Title: Use-after-free in Blink bindings in Google Chrome before 33.0.1750.154 on Windows Severity: High Fixlet ID: 2410501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24105.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1713 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. *************************************************************** Title: epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application cras Severity: Medium Fixlet ID: 2415801 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24158.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2283 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet. *************************************************************** Title: The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memor Severity: Medium Fixlet ID: 2416001 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24160.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2281 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet. *************************************************************** Title: The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitr Severity: High Fixlet ID: 2416401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24164.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1485 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions. *************************************************************** Title: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a Severity: Medium Fixlet ID: 2419401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24194.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1490 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket. *************************************************************** Title: Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecifi Severity: High Fixlet ID: 2420501 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24205.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1486 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data. *************************************************************** Title: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via ve Severity: High Fixlet ID: 2420901 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24209.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1488 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. *************************************************************** Title: Apache Subversion vulnerability 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4 in VisualSVN Server allows remote attackers to cause a denial of service Severity: Low Fixlet ID: 2427701 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24277.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4558 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service (assertion failure and Apache process abort) via a non-canonical URL in a request, as demonstrated using a trailing /. *************************************************************** Title: Apache Subversion vulnerability 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 in VisualSVN Server allows remote attackers to bypass intended access restrictions and possibly cause a denial of service Severity: Low Fixlet ID: 2429401 Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24294.html Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.