[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri May 15 05:21:35 PDT 2015
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 444 Published: Thu, 14 May 2015 19:29:08 GMT
New Fixlets:
============
***************************************************************
Title: MSXML3 same origin policy SFB vulnerability - CVE-2015-1646 (MS15-039)
Severity: Medium
Fixlet ID: 2900901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval29009.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1646
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft XML Core Services (aka MSXML) 3.0 allows remote attackers to bypassthe Same Origin Policy and obtain sensitive information via a crafted DTD, aka "MSXML3Same Origin Policy SFB Vulnerability."
More information about the WinVulns-Announcements
mailing list