[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Tue Jun 21 05:20:57 PDT 2016
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 495 Published: Mon, 20 Jun 2016 17:56:10 GMT
New Fixlets:
============
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-3210 (MS16-063)
Severity: High
Fixlet ID: 82901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A829
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3210
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Scripting Engine Memory Corruption Vulnerability.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2016-0199 (MS16-063)
Severity: High
Fixlet ID: 85801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A858
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0199
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory.
***************************************************************
Title: Group Policy Elevation of Privilege Vulnerability - CVE-2016-3223 (MS16-072)
Severity: High
Fixlet ID: 85901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A859
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3223
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates.
***************************************************************
Title: Windows PDF Remote Code Execution Vulnerability - CVE-2016-3203 (MS16-068)
Severity: High
Fixlet ID: 86001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A860
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3203
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Windows if a user opens a specially crafted .pdf file.
***************************************************************
Title: WPAD Elevation of Privilege Vulnerability - CVE-2016-3213 (MS16-063/077)
Severity: High
Fixlet ID: 86101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A861
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3213
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists in Microsoft Windows when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-3222 (MS16-068)
Severity: High
Fixlet ID: 86201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A862
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3222
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Scripting Engine Memory Corruption Vulnerability.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-3214 (MS16-068)
Severity: High
Fixlet ID: 86301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A863
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3214
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Scripting Engine Memory Corruption Vulnerability.
***************************************************************
Title: Microsoft Edge Security Feature Bypass - CVE-2016-3198 (MS16-068)
Severity: Medium
Fixlet ID: 86401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A864
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3198
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A security feature bypass exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2016-0200 (MS16-063)
Severity: High
Fixlet ID: 86501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A865
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0200
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory.
***************************************************************
Title: Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability - CVE-2016-3236 (MS16-077)
Severity: High
Fixlet ID: 86601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A866
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3236
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists when Microsoft Windows improperly handles certain proxy discovery scenarios using the Web Proxy Auto Discovery (WPAD) protocol method.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2016-3211 (MS16-063)
Severity: High
Fixlet ID: 86701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A867
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3211
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory.
***************************************************************
Title: Windows PDF Information Disclosure Vulnerability - CVE-2016-3215 (MS16-068)
Severity: Medium
Fixlet ID: 86801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A868
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3215
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Information disclosure vulnerabilities exist in Microsoft Windows when a user opens a specially crafted .pdf file.
***************************************************************
Title: Internet Explorer XSS Filter Vulnerability - CVE-2016-3212 (MS16-063)
Severity: Medium
Fixlet ID: 86901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A869
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3212
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when the Internet Explorer XSS Filter does not properly validate JavaScript under specific conditions.
***************************************************************
Title: Windows DNS Server Use After Free Vulnerability - CVE-2016-3227 (MS16-071)
Severity: High
Fixlet ID: 87101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A871
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3227
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-3199 (MS16-068)
Severity: High
Fixlet ID: 87201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A872
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3199
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Scripting Engine Memory Corruption Vulnerability.
More information about the WinVulns-Announcements
mailing list