[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Nov 21 05:21:40 PST 2014
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 416 Published: Thu, 20 Nov 2014 19:30:28 GMT
New Fixlets:
============
***************************************************************
Title: Microsoft Office bad index remote code execution vulnerability - CVE-2014-6334 (MS14-069)
Severity: High
Fixlet ID: 2745101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27451.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6334
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Bad Index Remote Code Execution Vulnerability."
***************************************************************
Title: TCP/IP Elevation of privilege vulnerability - CVE-2014-4076 (MS14-070)
Severity: High
Fixlet ID: 2762001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27620.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4076
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
***************************************************************
Title: Denial of service in Windows Kernel Mode Driver vulnerability - CVE-2014-6317 (MS14-079)
Severity: High
Fixlet ID: 2776801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27768.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6317
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability."
***************************************************************
Title: Microsoft schannel remote code execution vulnerability - CVE-2014-6321 (MS14-066)
Severity: High
Fixlet ID: 2779401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27794.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6321
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."
***************************************************************
Title: SharePoint elevation of privilege vulnerability - CVE-2014-4116 (MS14-073)
Severity: Medium
Fixlet ID: 2782401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27824.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4116
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability."
***************************************************************
Title: IIS Security feature bypass vulnerability - CVE-2014-4078 (MS14-076)
Severity: Medium
Fixlet ID: 2790901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27909.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4078
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."
***************************************************************
Title: Windows OLE remote code execution vulnerability - CVE-2014-6352 (MS14-064)
Severity: High
Fixlet ID: 2792301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27923.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6352
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
***************************************************************
Title: Microsoft IME (Japanese) elevation of privilege vulnerability - CVE-2014-4077 (MS14-078)
Severity: High
Fixlet ID: 2798401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27984.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4077
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.
***************************************************************
Title: Windows OLE automation array remote code execution vulnerability - CVE-2014-6332 (MS14-064)
Severity: High
Fixlet ID: 2804601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28046.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6332
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
***************************************************************
Title: TypeFilterLevel vulnerability - CVE-2014-4149 (MS14-072)
Severity: High
Fixlet ID: 2805601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28056.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4149
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."
***************************************************************
Title: MSXML Remote Code Execution Vulnerability - CVE-2014-4118 (MS14-067)
Severity: High
Fixlet ID: 2808001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28080.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4118
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (system-state corruption) via crafted XML content, aka "MSXML Remote Code Execution Vulnerability."
***************************************************************
Title: Microsoft Office invalid pointer remote code execution vulnerability - CVE-2014-6335 (MS14-069)
Severity: High
Fixlet ID: 2821201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28212.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6335
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code Execution Vulnerability."
***************************************************************
Title: Microsoft Office double delete remote code execution vulnerability - CVE-2014-6333 (MS14-069)
Severity: High
Fixlet ID: 2822901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28229.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6333
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Double Delete Remote Code Execution Vulnerability."
***************************************************************
Title: Remote Desktop Protocol (RDP) failure to audit vulnerability - CVE-2014-6318 (MS14-074)
Severity: Medium
Fixlet ID: 2827001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28270.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6318
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts supplying valid credentials, which makes it easier for remote attackers to bypass intended access restrictions via a series of attempts, aka "Remote Desktop Protocol (RDP) Failure to Audit Vulnerability."
***************************************************************
Title: Windows audio service vulnerability - CVE-2014-6322 (MS14-071)
Severity: Medium
Fixlet ID: 2828301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval28283.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6322
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted web site, as demonstrated by execution of web script in Internet Explorer, aka "Windows Audio Service Vulnerability."
More information about the WinVulns-Announcements
mailing list