From winvulns-announcements at bigmail.bigfix.com  Wed Oct 22 05:21:31 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Wed, 22 Oct 2014 05:21:31 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets
	Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID: <mailman.513.1413980506.8780.winvulns-announcements@bigmail.bigfix.com>

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 407	Published: Tue, 21 Oct 2014 19:26:04  GMT

New Fixlets:
============

***************************************************************
Title: Windows OLE remote code execution vulnerability - CVE-2014-4114 (MS14-060)
Severity: High
Fixlet ID: 2616001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26160.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4114
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."

***************************************************************
Title: MVC XSS Vulnerability - CVE-2014-4075 (MS14-059)
Severity: Medium
Fixlet ID: 2633301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26333.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4075
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted web page, aka "MVC XSS Vulnerability."

***************************************************************
Title: .NET framework denial of service vulnerability - CVE-2014-4072 (MS14-053)
Severity: Medium
Fixlet ID: 2660101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26601.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4072
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly use a hash table for request data, which allows remote attackers to cause a denial of service (resource consumption and ASP.NET performance degradation) via crafted requests, aka ".NET Framework Denial of Service Vulnerability."

***************************************************************
Title: Internet explorer elevation of privilege vulnerability - CVE-2014-4123 (MS14-056)
Severity: Medium
Fixlet ID: 2666401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26664.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4123
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124.

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4138 (MS14-052)
Severity: High
Fixlet ID: 2673001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26730.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4138
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4132.

***************************************************************
Title: Internet explorer elevation of privilege vulnerability - CVE-2014-4124 (MS14-056)
Severity: Medium
Fixlet ID: 2673301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26733.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4124
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-4123.

***************************************************************
Title: .NET Framework remote code execution vulnerability  - CVE-2014-4121 (MS14-057)
Severity: High
Fixlet ID: 2675701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26757.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4121
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET web application, aka ".NET Framework Remote Code Execution Vulnerability."

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4132 (MS14-056)
Severity: High
Fixlet ID: 2682301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26823.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4132
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4130 and CVE-2014-4138.

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4128 (MS14-056)
Severity: High
Fixlet ID: 2685001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26850.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4128
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

***************************************************************
Title: Windows disk partition driver elevation of privilege vulnerability ? CVE-2014-4115 (MS14-063)
Severity: High
Fixlet ID: 2686801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26868.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4115
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (reserved-memory write) by connecting a crafted USB device, aka "Microsoft Windows Disk Partition Driver Elevation of Privilege Vulnerability."

***************************************************************
Title: .NET ASLR vulnerability  - CVE-2014-4122 (MS14-057)
Severity: Medium
Fixlet ID: 2690301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26903.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4122
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location, aka ".NET ASLR Vulnerability."

***************************************************************
Title: .NET ClickOnce elevation of privilege vulnerability - CVE-2014-4073 (MS14-057)
Severity: High
Fixlet ID: 2691001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26910.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4073
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4141 (MS14-052)
Severity: High
Fixlet ID: 2691801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26918.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4141
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

***************************************************************
Title: Internet explorer elevation of privilege vulnerability - CVE-2014-4133 (MS14-056)
Severity: High
Fixlet ID: 2695001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26950.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4133
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137.

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4137 (MS14-056)
Severity: High
Fixlet ID: 2695301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26953.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4137
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4133.

***************************************************************
Title: MQAC arbitrary write privilege escalation vulnerability - CVE-2014-4971 (MS14-062)
Severity: High
Fixlet ID: 2697401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26974.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4971
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4134 (MS14-056)
Severity: High
Fixlet ID: 2697901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26979.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4134
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4127 (MS14-056)
Severity: High
Fixlet ID: 2699701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26997.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4127
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

***************************************************************
Title: Internet explorer ASLR bypass vulnerability - CVE-2014-4140 (MS14-056)
Severity: Medium
Fixlet ID: 2700301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27003.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4140
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4126 (MS14-056)
Severity: High
Fixlet ID: 2703701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27037.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4126
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

***************************************************************
Title: Microsoft word file format vulnerability - CVE-2014-4117 (MS14-061)
Severity: High
Fixlet ID: 2704101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27041.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4117
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1 and SP2, and Word Web Apps 2010 Gold, SP1, and SP2 allow remote attackers to execute arbitrary code via crafted properties in a Word document, aka "Microsoft Word File Format Vulnerability."

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4130 (MS14-056)
Severity: High
Fixlet ID: 2706901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27069.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4130
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4132 and CVE-2014-4138.

***************************************************************
Title: Win32k.sys elevation of privilege vulnerability - CVE-2014-4113 (MS14-058)
Severity: High
Fixlet ID: 2707601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27076.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4113
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."

***************************************************************
Title: Internet explorer memory corruption vulnerability - CVE-2014-4129 (MS14-056)
Severity: High
Fixlet ID: 2709401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval27094.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4129
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."


From winvulns-announcements at bigmail.bigfix.com  Fri Oct 24 05:21:26 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 24 Oct 2014 05:21:26 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets
	Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID: <mailman.702.1414153518.8780.winvulns-announcements@bigmail.bigfix.com>

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 408	Published: Thu, 23 Oct 2014 19:23:55  GMT

New Fixlets:
============

***************************************************************
Title: TrueType font parsing remote code execution vulnerability - CVE-2014-4148 (MS14-058)
Severity: High
Fixlet ID: 2642201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval26422.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4148
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted TrueType font, as exploited in the wild in October 2014, aka "TrueType Font Parsing Remote Code Execution Vulnerability."


From winvulns-announcements at bigmail.bigfix.com  Fri Oct 24 05:36:55 2014
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 24 Oct 2014 08:36:55 -0400
Subject: [Winvulns-announcements] AUTO: Tim Hollerbush is out of the office.
	(returning 10/27/2014)
Message-ID: <mailman.703.1414154238.8780.winvulns-announcements@bigmail.bigfix.com>


I am out of the office until 10/27/2014.

I will respond to your message when I return on 10/13/2014.  If it
is an emergency please contact the DRMS Helpdesk 207-591-3294


Note: This is an automated response to your message
"[Winvulns-announcements] BES Auto Notification: New Fixlets	Published
in Fixlet Site: 'Vulnerabilities to Windows Systems'" sent on 10/24/2014
8:21:26 AM.

This is the only notification you will receive while this person is away.

**********************************************************************
This e-mail message and all attachments transmitted with it may contain legally privileged and/or confidential information intended solely for the use of the addressee(s). If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, forwarding or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete this message and all copies and backups thereof. Thank you.