[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Tue Dec 20 05:21:00 PST 2016
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 530 Published: Mon, 19 Dec 2016 23:48:08 GMT
New Fixlets:
============
***************************************************************
Title: MSL coder vulnerability in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 - CVE-2016-3716
Severity: Medium
Fixlet ID: 155102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1551
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3716
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
***************************************************************
Title: LABEL coder vulnerability in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 - CVE-2016-3717
Severity: High
Fixlet ID: 155201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1552
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3717
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
***************************************************************
Title: Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service - CVE-2015-4240
Severity: Medium
Fixlet ID: 155302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1553
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4240
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service (service outage) via an unspecified URL in a GET request, aka Bug ID CSCuu37656.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7873
Severity: High
Fixlet ID: 159302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1593
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7873
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7874
Severity: High
Fixlet ID: 159401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1594
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7874
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7868
Severity: High
Fixlet ID: 159502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1595
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7868
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7872
Severity: High
Fixlet ID: 159601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1596
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7872
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7871
Severity: High
Fixlet ID: 159702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1597
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7871
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7867
Severity: High
Fixlet ID: 159802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1598
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7867
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7870
Severity: High
Fixlet ID: 159902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1599
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7870
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7875
Severity: High
Fixlet ID: 160002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1600
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7875
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier - CVE-2016-7869
Severity: High
Fixlet ID: 160102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1601
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7869
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in Adobe Flash Player version 23.0.0.207 and earlier.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7877
Severity: High
Fixlet ID: 160502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1605
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7877
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7876
Severity: High
Fixlet ID: 160602
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1606
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7876
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7892
Severity: High
Fixlet ID: 160701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1607
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7892
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7878
Severity: High
Fixlet ID: 160801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1608
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7878
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7881
Severity: High
Fixlet ID: 160902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1609
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7881
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7879
Severity: High
Fixlet ID: 161001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1610
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7879
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7890
Severity: High
Fixlet ID: 161102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1611
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7890
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 23.0.0.207 and earlier - CVE-2016-7880
Severity: High
Fixlet ID: 161202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1612
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7880
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
More information about the WinVulns-Announcements
mailing list