[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Apr 1 05:21:08 PDT 2016
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 479 Published: Thu, 31 Mar 2016 18:49:07 GMT
New Fixlets:
============
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2015-6089 (MS15-112)
Severity: High
Fixlet ID: 44701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A447
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6089
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
***************************************************************
Title: Internet Explorer Elevation of Privilege Vulnerability - CVE-2016-0005 (MS16-001)
Severity: Medium
Fixlet ID: 44801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A448
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0005
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
More information about the WinVulns-Announcements
mailing list