From winvulns-announcements at bigmail.bigfix.com Fri Apr 1 05:21:08 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 1 Apr 2016 05:21:08 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 479
Published: Thu, 31 Mar 2016 18:49:07 GMT

New Fixlets:
============
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2015-6089 (MS15-112)
Severity: High
Fixlet ID: 44701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A447
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6089
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
***************************************************************
Title: Internet Explorer Elevation of Privilege Vulnerability - CVE-2016-0005 (MS16-001)
Severity: Medium
Fixlet ID: 44801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A448
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0005
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
From winvulns-announcements at bigmail.bigfix.com Tue Apr 5 05:21:09 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Tue, 5 Apr 2016 05:21:09 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 480
Published: Mon, 04 Apr 2016 19:02:55 GMT

New Fixlets:
============
***************************************************************
Title: OpenType Font Parsing Vulnerability - CVE-2015-2506 (MS15-097)
Severity: High
Fixlet ID: 45002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A450
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2506
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (system crash) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability."
***************************************************************
Title: Memory Corruption Vulnerability - CVE-2015-2502 (MS15-093)
Severity: High
Fixlet ID: 45102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A451
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2502
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.
From winvulns-announcements at bigmail.bigfix.com Fri Apr 15 05:21:16 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 15 Apr 2016 05:21:16 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 481
Published: Thu, 14 Apr 2016 20:18:44 GMT

New Fixlets:
============
***************************************************************
Title: Windows Journal DoS Vulnerability - CVE-2015-2514 (MS15-098)
Severity: High
Fixlet ID: 45201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A452
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2514
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE Vulnerability," a different vulnerability than CVE-2015-2513 and CVE-2015-2530.
***************************************************************
Title: Memory Corruption Vulnerability - CVE-2015-2502 (MS15-093)
Severity: High
Fixlet ID: 45302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A453
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2502
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.
***************************************************************
Title: Windows Journal DoS Vulnerability - CVE-2015-2516 (MS15-098)
Severity: Medium
Fixlet ID: 45401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A454
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2516
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (data loss) via a crafted .jnt file, aka "Windows Journal DoS Vulnerability."

From winvulns-announcements at bigmail.bigfix.com Tue Apr 19 05:21:03 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Tue, 19 Apr 2016 05:21:03 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 482
Published: Mon, 18 Apr 2016 18:56:41 GMT

New Fixlets:
============
***************************************************************
Title: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows (CVE-2015-5123)
Severity: High
Fixlet ID: 45801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A458
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5123
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a ValueOf function, as exploited in the wild in July 2015.

From winvulns-announcements at bigmail.bigfix.com Tue Apr 26 05:21:09 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Tue, 26 Apr 2016 05:21:09 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 483
Published: Mon, 25 Apr 2016 17:39:52 GMT

New Fixlets:
============
***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2015-1642 (MS15-081)
Severity: High
Fixlet ID: 46302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A463
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1642
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
***************************************************************
Title: DLL Loading Remote Code Execution Vulnerability - CVE-2016-0160 (MS16-037)
Severity: High
Fixlet ID: 46401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A464
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0160
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
***************************************************************
Title: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 and 14.x through 18.0.0.203 - CVE-2015-5122
Severity: High
Fixlet ID: 46501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A465
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5122
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2016-0159 (MS16-037)
Severity: High
Fixlet ID: 46601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A466
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0159
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
***************************************************************
Title: Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows (CVE-2015-3043)
Severity: High
Fixlet ID: 46702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A467
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3043
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2015-2493 (MS15-094)
Severity: High
Fixlet ID: 46802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A468
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2493
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The (1) VBScript and (2) JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
***************************************************************
Title: Microsoft Browser Memory Corruption Vulnerability - CVE-2016-0154 (MS16-037)
Severity: High
Fixlet ID: 46901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A469
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0154
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2016-0166 (MS16-037)
Severity: High
Fixlet ID: 47001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A470
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0166
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
***************************************************************
Title: Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows (CVE-2015-5119)
Severity: High
Fixlet ID: 47102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A471
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5119
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a ValueOf function, as exploited in the wild in July 2015.
***************************************************************
Title: Internet Explorer Information Disclosure Vulnerability - CVE-2016-0162 (MS16-037)
Severity: Medium
Fixlet ID: 47202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A472
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0162
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
***************************************************************
Title: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 - CVE-2015-3113
Severity: High
Fixlet ID: 47302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A473
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3113
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2016-0164 (MS16-037)
Severity: High
Fixlet ID: 47402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A474
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0164
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
From winvulns-announcements at bigmail.bigfix.com Fri Apr 29 05:21:16 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 29 Apr 2016 05:21:16 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 484
Published: Thu, 28 Apr 2016 17:44:41 GMT

New Fixlets:
============
***************************************************************
Title: Windows SAM and LSAD Downgrade Vulnerability - CVE-2016-0128 (MS16-047)
Severity: Medium
Fixlet ID: 47502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A475
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0128
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK."
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0165 (MS16-039)
Severity: High
Fixlet ID: 47602
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A476
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0165
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0167.
***************************************************************
Title: MSXML Remote Code Execution Vulnerability - CVE-2016-0147 (MS16-040)
Severity: High
Fixlet ID: 47702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A477
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0147
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka "MSXML 3.0 Remote Code Execution Vulnerability."
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0143 (MS16-039)
Severity: High
Fixlet ID: 47902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A479
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0143
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0165 and CVE-2016-0167.
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0167 (MS16-039)
Severity: High
Fixlet ID: 48002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A480
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0167
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0165.