From winvulns-announcements at bigmail.bigfix.com  Fri May 20 05:20:59 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 20 May 2016 05:20:59 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets
	Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID: <mailman.200.1463746861.6194.winvulns-announcements@bigmail.bigfix.com>

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 486	Published: Thu, 19 May 2016 18:02:55  GMT

New Fixlets:
============

***************************************************************
Title: Windows CSRSS Security Feature Bypass Vulnerability - CVE-2016-0151 (MS16-048)
Severity: High
Fixlet ID: 49702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A497
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0151
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass Vulnerability."

***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2016-0127 (MS16-042)
Severity: High
Fixlet ID: 49801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A498
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0127
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability.

***************************************************************
Title: .NET Framework Remote Code Execution Vulnerability - CVE-2016-0148 (MS16-041)
Severity: High
Fixlet ID: 49901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A499
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0148
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability."

***************************************************************
Title: Graphics Memory Corruption Vulnerability - CVE-2016-0145 (MS16-039)
Severity: High
Fixlet ID: 50002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A500
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0145
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, and 3.5.1; Skype for Business 2016; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Graphics Memory Corruption Vulnerability."

***************************************************************
Title: Windows OLE Remote Code Execution Vulnerability - CVE-2016-0153 (MS16-044)
Severity: High
Fixlet ID: 50101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A501
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0153
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Remote Code Execution Vulnerability."

***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2016-0136 (MS16-042)
Severity: High
Fixlet ID: 50202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A502
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0136
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2016-0139 (MS16-042)
Severity: High
Fixlet ID: 50301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A503
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0139
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2016-0122 (MS16-042)
Severity: High
Fixlet ID: 50401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A504
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0122
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

***************************************************************
Title: Microsoft Edge Elevation of Privilege Vulnerability - CVE-2016-0161 (MS16-038)
Severity: Medium
Fixlet ID: 50501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A505
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0161
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.

***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-0187 (MS16-053)
Severity: High
Fixlet ID: 50702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A507
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0187
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0189.

***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2016-0157 (MS16-038)
Severity: High
Fixlet ID: 50802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A508
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0157
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted website, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0156.

***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-0189 (MS16-053)
Severity: High
Fixlet ID: 50902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A509
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0189
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0187.

***************************************************************
Title: Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability - CVE-2016-0190 (MS16-067)
Severity: Medium
Fixlet ID: 51002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A510
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0190
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 does not properly check whether RemoteFX RDP USB disk accesses originate from the user who mounted a disk, which allows local users to read arbitrary files on these disks via RemoteFX requests, aka "Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability."

***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2016-0155 (MS16-038)
Severity: High
Fixlet ID: 51102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A511
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0155
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted website, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0156 and CVE-2016-0157.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 - CVE-2016-0636
Severity: High
Fixlet ID: 51202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A512
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0636
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.

***************************************************************
Title: Microsoft Browser Memory Corruption Vulnerability - CVE-2016-0154 (MS16-037)
Severity: High
Fixlet ID: 51401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A514
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0154
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

***************************************************************
Title: Microsoft Edge Elevation of Privilege Vulnerability - CVE-2016-0158 (MS16-038)
Severity: Medium
Fixlet ID: 51502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A515
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0158
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.

***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2016-0156 (MS16-038)
Severity: High
Fixlet ID: 51902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A519
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0156
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-0157.

***************************************************************
Title: Windows Shell Remote Code Execution Vulnerability - CVE-2016-0179 (MS16-057)
Severity: High
Fixlet ID: 52002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A520
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0179
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."


From winvulns-announcements at bigmail.bigfix.com  Tue May 24 05:21:07 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Tue, 24 May 2016 05:21:07 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets
	Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID: <mailman.275.1464092469.6194.winvulns-announcements@bigmail.bigfix.com>

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 487	Published: Mon, 23 May 2016 17:58:58  GMT

New Fixlets:
============

***************************************************************
Title: Vulnerability in Google Chrome before 50.0.2661.102 (CVE-2016-1670)
Severity: Medium
Fixlet ID: 60401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A604
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1670
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.

***************************************************************
Title: Vulnerability in Google Chrome before 50.0.2661.102 (CVE-2016-1669)
Severity: High
Fixlet ID: 60502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A605
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1669
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

***************************************************************
Title: Vulnerability in Google Chrome before 50.0.2661.102 (CVE-2016-1668)
Severity: High
Fixlet ID: 60602
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A606
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1668
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

***************************************************************
Title: Vulnerability in Google Chrome before 50.0.2661.102 (CVE-2016-1667)
Severity: High
Fixlet ID: 60702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A607
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1667
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

***************************************************************
Title: Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 (CVE-2016-1111)
Severity: High
Fixlet ID: 62201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A622
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1111
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary.

***************************************************************
Title: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1090)
Severity: High
Fixlet ID: 62402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A624
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1090
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

***************************************************************
Title: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4106)
Severity: High
Fixlet ID: 63002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A630
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4106
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1079)
Severity: High
Fixlet ID: 67002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A670
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1079
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to obtain sensitive information from process memory via unspecified vectors.

***************************************************************
Title: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1087)
Severity: High
Fixlet ID: 68202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A682
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1087
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1092)
Severity: High
Fixlet ID: 69301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A693
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1092
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to obtain sensitive information from process memory via unspecified vectors.

***************************************************************
Title: Hypervisor Code Integrity Security Feature Bypass (CVE-2016-0181)
Severity: Medium
Fixlet ID: 69502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A695
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0181
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows 10 Gold and 1511 allows local users to bypass the Virtual Secure Mode Hypervisor Code Integrity (HVCI) protection mechanism and perform RWX markings of kernel-mode pages via a crafted application, aka "Hypervisor Code Integrity Security Feature Bypass."

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3422)
Severity: Medium
Fixlet ID: 70002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A700
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3422
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3449)
Severity: High
Fixlet ID: 70102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A701
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3449
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-3417)
Severity: Medium
Fixlet ID: 70201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A702
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3417
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to PIA Search Functionality.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 8u77 (CVE-2016-3426)
Severity: Low
Fixlet ID: 70301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A703
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3426
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-3442)
Severity: Medium
Fixlet ID: 70402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A704
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3442
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Portal.

***************************************************************
Title: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier (CVE-2016-0652)
Severity: Medium
Fixlet ID: 70501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A705
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0652
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-3423)
Severity: Medium
Fixlet ID: 70601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A706
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3423
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-0698.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-0679)
Severity: High
Fixlet ID: 70702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A707
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0679
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect integrity and availability via vectors related to PIA Grids.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-0683)
Severity: Medium
Fixlet ID: 70802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A708
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0683
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Search Framework.

***************************************************************
Title: Unspecified vulnerability in Oracle Virtualization VirtualBox before 5.0.18 (CVE-2016-0678)
Severity: Medium
Fixlet ID: 71002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A710
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0678
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3449)
Severity: High
Fixlet ID: 71302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A713
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3449
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-0698)
Severity: Medium
Fixlet ID: 71402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A714
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0698
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-3423.

***************************************************************
Title: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier (CVE-2016-0640)
Severity: Medium
Fixlet ID: 71501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A715
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0640
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier allows local users to affect integrity and availability via vectors related to DML.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 8u77 (CVE-2016-3426)
Severity: Low
Fixlet ID: 71701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A717
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3426
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-3421)
Severity: High
Fixlet ID: 71902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A719
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3421
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Activity Guide.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3425)
Severity: Medium
Fixlet ID: 72001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A720
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3425
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3425)
Severity: Medium
Fixlet ID: 72102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A721
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3425
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-0695)
Severity: Medium
Fixlet ID: 72202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A722
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0695
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

***************************************************************
Title: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier (CVE-2016-0646)
Severity: Medium
Fixlet ID: 72401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A724
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0646
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier allows local users to affect availability via vectors related to DML.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-0685)
Severity: Medium
Fixlet ID: 72501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A725
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0685
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to File Processing.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 (CVE-2016-0408)
Severity: Medium
Fixlet ID: 72801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A728
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0408
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component.

***************************************************************
Title: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier (CVE-2016-0644)
Severity: Medium
Fixlet ID: 72901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A729
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0644
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier allows local users to affect availability via vectors related to DDL.

***************************************************************
Title: Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier (CVE-2016-0647)
Severity: Medium
Fixlet ID: 73001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A730
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0647
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect availability via vectors related to FTS.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3422)
Severity: Medium
Fixlet ID: 73601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A736
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3422
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-0695)
Severity: Medium
Fixlet ID: 73701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A737
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0695
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

***************************************************************
Title: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 (CVE-2016-3435)
Severity: Medium
Fixlet ID: 73802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A738
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3435
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to PIA Core Technology.

***************************************************************
Title: TLS/SSL Information Disclosure Vulnerability - CVE-2016-0149 (MS16-065)
Severity: Medium
Fixlet ID: 73901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A739
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0149
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka "TLS/SSL Information Disclosure Vulnerability."

***************************************************************
Title: Windows Journal Memory Corruption Vulnerability - CVE-2016-0182 (MS16-056)
Severity: High
Fixlet ID: 74002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A740
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0182
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption Vulnerability."

***************************************************************
Title: Internet Explorer Security Feature Bypass - CVE-2016-0188 (MS16-051)
Severity: High
Fixlet ID: 74101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A741
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0188
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."

***************************************************************
Title: Microsoft Browser Memory Corruption Vulnerability - CVE-2016-0192 (MS16-051)
Severity: High
Fixlet ID: 74201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A742
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0192
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

***************************************************************
Title: Internet Explorer Information Disclosure Vulnerability - CVE-2016-0194 (MS16-051)
Severity: Medium
Fixlet ID: 74302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A743
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0194
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

***************************************************************
Title: Direct3D Use After Free Vulnerability - CVE-2016-0184 (MS16-055)
Severity: High
Fixlet ID: 74401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A744
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0184
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka "Direct3D Use After Free Vulnerability."

***************************************************************
Title: Windows Imaging Component Memory Corruption Vulnerability - CVE-2016-0195 (MS16-055)
Severity: High
Fixlet ID: 74502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A745
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0195
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka "Windows Imaging Component Memory Corruption Vulnerability."


From winvulns-announcements at bigmail.bigfix.com  Fri May 27 05:21:09 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Fri, 27 May 2016 05:21:09 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets
	Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID: <mailman.373.1464351671.6194.winvulns-announcements@bigmail.bigfix.com>

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 488	Published: Thu, 26 May 2016 17:58:28  GMT

New Fixlets:
============

***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0173 (MS16-062)
Severity: High
Fixlet ID: 76001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A760
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0173
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0171, CVE-2016-0174, and CVE-2016-0196.

***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0174 (MS16-062)
Severity: High
Fixlet ID: 76102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A761
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0174
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0171, CVE-2016-0173, and CVE-2016-0196.

***************************************************************
Title: Win32k Information Disclosure Vulnerability - CVE-2016-0175 (MS16-062)
Severity: Low
Fixlet ID: 76202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A762
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0175
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to obtain sensitive information about kernel-object addresses, and consequently bypass the KASLR protection mechanism, via a crafted application, aka "Win32k Information Disclosure Vulnerability."

***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0171 (MS16-062)
Severity: High
Fixlet ID: 76302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A763
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0171
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0173, CVE-2016-0174, and CVE-2016-0196.


From winvulns-announcements at bigmail.bigfix.com  Sat May 28 05:21:11 2016
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Sat, 28 May 2016 05:21:11 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets
	Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID: <mailman.379.1464438073.6194.winvulns-announcements@bigmail.bigfix.com>

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 489	Published: Fri, 27 May 2016 17:43:39  GMT

New Fixlets:
============

***************************************************************
Title: Adobe Flash Player Remote Code Execution Vulnerability - CVE-2016-4117
Severity: High
Fixlet ID: 51302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A513
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4117
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4105)
Severity: High
Fixlet ID: 60802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A608
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4105
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4097)
Severity: High
Fixlet ID: 60902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A609
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4097
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1057)
Severity: High
Fixlet ID: 61001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A610
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1057
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1123)
Severity: High
Fixlet ID: 61101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A611
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1123
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1080)
Severity: High
Fixlet ID: 61201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A612
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1080
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4107)
Severity: High
Fixlet ID: 61301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A613
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4107
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4092)
Severity: High
Fixlet ID: 61401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A614
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4092
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4102)
Severity: High
Fixlet ID: 61501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A615
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4102
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1130)
Severity: High
Fixlet ID: 61601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A616
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1130
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1054)
Severity: High
Fixlet ID: 61701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A617
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1054
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1050)
Severity: High
Fixlet ID: 61802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A618
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1050
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1129)
Severity: High
Fixlet ID: 61901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A619
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1129
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1059)
Severity: High
Fixlet ID: 62001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A620
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1059
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1119)
Severity: High
Fixlet ID: 62101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A621
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1119
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1038)
Severity: High
Fixlet ID: 62301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A623
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1038
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1043)
Severity: High
Fixlet ID: 62502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A625
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1043
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1039)
Severity: High
Fixlet ID: 62601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A626
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1039
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1045)
Severity: High
Fixlet ID: 62801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A628
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1045
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1076)
Severity: High
Fixlet ID: 62902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A629
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1076
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4104)
Severity: High
Fixlet ID: 63101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A631
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4104
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1042)
Severity: High
Fixlet ID: 63202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A632
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1042
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1085)
Severity: High
Fixlet ID: 63301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A633
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1085
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1077)
Severity: High
Fixlet ID: 63401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A634
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1077
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1044)
Severity: High
Fixlet ID: 63501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A635
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1044
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1127)
Severity: High
Fixlet ID: 63602
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A636
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1127
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1071)
Severity: High
Fixlet ID: 63701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A637
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1071
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1094)
Severity: High
Fixlet ID: 63802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A638
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1094
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4103)
Severity: High
Fixlet ID: 63902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A639
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4103
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4096)
Severity: High
Fixlet ID: 64001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A640
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4096
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1072)
Severity: High
Fixlet ID: 64101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A641
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1072
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1052)
Severity: High
Fixlet ID: 64201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A642
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1052
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1058)
Severity: High
Fixlet ID: 64302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A643
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1058
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1078)
Severity: High
Fixlet ID: 64402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A644
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1078
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1073)
Severity: High
Fixlet ID: 64501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A645
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1073
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1084)
Severity: High
Fixlet ID: 64601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A646
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1084
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1081)
Severity: High
Fixlet ID: 64701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A647
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1081
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4098)
Severity: High
Fixlet ID: 64801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A648
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4098
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1037)
Severity: High
Fixlet ID: 64901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A649
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1037
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4101)
Severity: High
Fixlet ID: 65001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A650
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4101
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1051)
Severity: High
Fixlet ID: 65101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A651
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1051
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1116)
Severity: High
Fixlet ID: 65201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A652
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1116
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1086)
Severity: High
Fixlet ID: 65302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A653
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1086
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1125)
Severity: High
Fixlet ID: 65401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A654
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1125
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1118)
Severity: High
Fixlet ID: 65501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A655
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1118
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1112)
Severity: High
Fixlet ID: 65601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A656
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1112
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to obtain sensitive information via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4089)
Severity: High
Fixlet ID: 65701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A657
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4089
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1040)
Severity: High
Fixlet ID: 65801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A658
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1040
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1126)
Severity: High
Fixlet ID: 65901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A659
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1126
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1082)
Severity: High
Fixlet ID: 66001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A660
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1082
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4099)
Severity: High
Fixlet ID: 66101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A661
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4099
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1049)
Severity: High
Fixlet ID: 66201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A662
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1049
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4093)
Severity: High
Fixlet ID: 66302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A663
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4093
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4091)
Severity: High
Fixlet ID: 66401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A664
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4091
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1047)
Severity: High
Fixlet ID: 66501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A665
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1047
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1120)
Severity: High
Fixlet ID: 66601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A666
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1120
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1093)
Severity: High
Fixlet ID: 66701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A667
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1093
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1117)
Severity: High
Fixlet ID: 66802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A668
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1117
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1083)
Severity: High
Fixlet ID: 66902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A669
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1083
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1056)
Severity: High
Fixlet ID: 67102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A671
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1056
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1041)
Severity: High
Fixlet ID: 67201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A672
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1041
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1046)
Severity: High
Fixlet ID: 67302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A673
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1046
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1053)
Severity: High
Fixlet ID: 67401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A674
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1053
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1070)
Severity: High
Fixlet ID: 67502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A675
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1070
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1124)
Severity: High
Fixlet ID: 67601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A676
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1124
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1088)
Severity: High
Fixlet ID: 67802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A678
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1088
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1048)
Severity: High
Fixlet ID: 67902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A679
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1048
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1074)
Severity: High
Fixlet ID: 68001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A680
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1074
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1121)
Severity: High
Fixlet ID: 68102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A681
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1121
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4094)
Severity: High
Fixlet ID: 68302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A683
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4094
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1122)
Severity: High
Fixlet ID: 68502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A685
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1122
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4090)
Severity: High
Fixlet ID: 68602
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A686
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4090
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4100)
Severity: High
Fixlet ID: 68802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A688
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4100
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1128)
Severity: High
Fixlet ID: 68902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A689
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1128
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1095)
Severity: High
Fixlet ID: 69002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A690
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1095
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1055)
Severity: High
Fixlet ID: 69101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A691
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1055
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-4088)
Severity: High
Fixlet ID: 69202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A692
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4088
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

***************************************************************
Title: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 (CVE-2016-1075)
Severity: High
Fixlet ID: 69402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A694
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1075
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows allows attackers to execute arbitrary code via unspecified vectors.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3443)
Severity: High
Fixlet ID: 70902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A709
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3443
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-0687)
Severity: High
Fixlet ID: 71101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A711
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0687
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-0687)
Severity: High
Fixlet ID: 71202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A712
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0687
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3427)
Severity: High
Fixlet ID: 71602
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A716
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3427
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-0686)
Severity: High
Fixlet ID: 71802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A718
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0686
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-0686)
Severity: High
Fixlet ID: 72302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A723
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0686
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.

***************************************************************
Title: Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier (CVE-2016-0639)
Severity: High
Fixlet ID: 72702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A727
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0639
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.

***************************************************************
Title: Double free vulnerability in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g (CVE-2016-0705)
Severity: High
Fixlet ID: 73102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A731
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0705
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3427)
Severity: High
Fixlet ID: 73201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A732
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3427
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

***************************************************************
Title: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 (CVE-2016-3454)
Severity: High
Fixlet ID: 73302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A733
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3454
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 (CVE-2016-3443)
Severity: High
Fixlet ID: 73501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A735
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3443
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0196 (MS16-062)
Severity: High
Fixlet ID: 76402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A764
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0196
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0171, CVE-2016-0173, and CVE-2016-0174.