[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Tue Jun 7 05:21:11 PDT 2016
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 491 Published: Mon, 06 Jun 2016 20:16:54 GMT
New Fixlets:
============
***************************************************************
Title: RPC Network Data Representation Engine Remote Code Execution Vulnerability - CVE-2016-0178 (MS16-061)
Severity: High
Fixlet ID: 77101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A771
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0178
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code via malformed RPC requests, aka "RPC Network Data Representation Engine Elevation of Privilege Vulnerability."
***************************************************************
Title: Microsoft Office Malformed EPS File Vulnerability - CVE-2015-2545 (MS15-099)
Severity: High
Fixlet ID: 77201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A772
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2545
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."
***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2016-0198 (MS16-054)
Severity: High
Fixlet ID: 77301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A773
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0198
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
More information about the WinVulns-Announcements
mailing list