From winvulns-announcements at bigmail.bigfix.com Wed Jan 4 05:21:03 2017 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Wed, 4 Jan 2017 05:21:03 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 533 Published: Tue, 03 Jan 2017 19:45:45 GMT New Fixlets: ============ *************************************************************** Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-7260 (MS16-151) Severity: High Fixlet ID: 164502 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1645 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7260 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." *************************************************************** Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-7259 (MS16-151) Severity: High Fixlet ID: 164602 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1646 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7259 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." *************************************************************** Title: Microsoft Browser - Memory Corruption Vulnerability - CVE-2016-7279 (MS16-144/145) Severity: High Fixlet ID: 164702 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1647 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7279 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." *************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2016-7287 (MS16-144/145) Severity: High Fixlet ID: 164801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1648 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7287 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." *************************************************************** Title: Microsoft Browser Information Disclosure Vulnerability - CVE-2016-7282 (MS16-144/145) Severity: Medium Fixlet ID: 164902 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1649 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7282 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." *************************************************************** Title: Microsoft Browser Security Feature Bypass - CVE-2016-7281 (MS16-144/145) Severity: Low Fixlet ID: 165002 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1650 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7281 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability." *************************************************************** Title: Windows Uniscribe Remote Code Execution Vulnerability - CVE-2016-7274 (MS16-147) Severity: High Fixlet ID: 165102 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1651 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7274 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability." *************************************************************** Title: .NET Information Disclosure Vulnerability - CVE-2016-7270 (MS16-155) Severity: Medium Fixlet ID: 165201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1652 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7270 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain sensitive cleartext information by leveraging key guessability, aka ".NET Information Disclosure Vulnerability." *************************************************************** Title: Secure Kernel Mode Elevation of Privilege Vulnerability - CVE-2016-7271 (MS16-150) Severity: Medium Fixlet ID: 165302 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1653 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7271 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to bypass the virtual trust level (VTL) protection mechanism via a crafted application, aka "Secure Kernel Mode Elevation of Privilege Vulnerability." *************************************************************** Title: Vulnerability in NVIDIA Graphics Driver (CVE-2015-7865) Severity: High Fixlet ID: 167602 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1676 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7865 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784. *************************************************************** Title: Vulnerability in Rapid7 Nexpose version 6.4.12 (CVE-2016-9757) Severity: Low Fixlet ID: 167902 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1679 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9757 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field. Once this tag is viewed in the Tag Detail page of the Rapid7 Nexpose 6.4.12 UI by another authenticated user, the script is run in that user's browser context. From winvulns-announcements at bigmail.bigfix.com Sat Jan 14 05:21:25 2017 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Sat, 14 Jan 2017 05:21:25 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 534 Published: Fri, 13 Jan 2017 21:24:32 GMT New Fixlets: ============ *************************************************************** Title: Windows Common Log File System Driver Information Disclosure Vulnerability - CVE-2016-7295 (MS16-153) Severity: Low Fixlet ID: 168001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1680 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7295 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from process memory via a crafted application, aka "Windows Common Log File System Driver Information Disclosure Vulnerability." *************************************************************** Title: Windows Kernel Memory Address Information Disclosure Vulnerability - CVE-2016-7258 (MS16-152) Severity: Low Fixlet ID: 168101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1681 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7258 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 mishandles page-fault system calls, which allows local users to obtain sensitive information from arbitrary processes via a crafted application, aka "Windows Kernel Memory Address Information Disclosure Vulnerability." *************************************************************** Title: Microsoft Office Memory Corruption Vulnerability - CVE-2016-7277 (MS16-148) Severity: High Fixlet ID: 168401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1684 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7277 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." *************************************************************** Title: Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 - CVE-2015-3104 Severity: High Fixlet ID: 168502 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1685 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3104 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK and Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors. *************************************************************** Title: Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 - CVE-2015-8446 Severity: High Fixlet ID: 168602 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1686 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8446 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK and Compiler before 20.0.0.204 allows attackers to execute arbitrary code via an MP3 file with COMM tags that are mishandled during memory allocation, a different vulnerability than CVE-2015-8438. *************************************************************** Title: Microsoft Office Information Disclosure Vulnerability - CVE-2016-7265 (MS16-148) Severity: Medium Fixlet ID: 168702 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1687 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7262 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." *************************************************************** Title: Microsoft Office Security Feature Bypass Vulnerability - CVE-2016-7262 (MS16-148) Severity: Medium Fixlet ID: 168802 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1688 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7262 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability." *************************************************************** Title: Microsoft Office Information Disclosure Vulnerability - CVE-2016-7264 (MS16-148) Severity: Medium Fixlet ID: 168901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1689 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7264 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." *************************************************************** Title: Vulnerability in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18 - CVE-2016-6663 Severity: Medium Fixlet ID: 169101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1691 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6663 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. *************************************************************** Title: Vulnerability in Samsung Security Manager (SSM) before 1.31 (CVE-2015-3435) Severity: High Fixlet ID: 170302 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1703 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3435 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Samsung Security Manager (SSM) before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP (1) PUT or (2) MOVE request. *************************************************************** Title: Vulnerability - CVE-2017-0004 (MS17-004) Severity: High Fixlet ID: 170501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1705 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0004 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: LSASS service From winvulns-announcements at bigmail.bigfix.com Sun Jan 15 23:52:37 2017 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Mon, 16 Jan 2017 07:52:37 +0000 Subject: [Winvulns-announcements] Patch Notification Message-ID: Dear, Why I cannot get New Update Patch Notification in this months, Thanks Deny Ramdhani Phone: 02130442000 Ext.8177 | 08158011120 "Kaseya Asset Management & Software Ditribution" ------------------------------------------------------------------------------------------------------------ Workshop IT Room, Gd. KPPTI Lt. 5 PB Medan Merdeka Barat No.21 Jakarta 10110 ***** "This message is intended only for recipients who are authorized to receive it. It contains confidential and/ or legally privileged information belonging to PT INDOSAT Tbk ("INDOSATOOREDOO"), therefore the authorized recipients shall protect this confidential information disclosed pursuant to provisions of Indosat's policy. If you are not a valid recipient of this message, please delete it from your system and/ or destroy all of the tangible material produced from the information herein together with all copies or reproductions thereof and notify the sender immediately. Please also be notified that any disclosure, copying, distribution or taking any action based on the contents of this message is strictly prohibited and may be unlawful". ***** -------------- next part -------------- An HTML attachment was scrubbed... URL: From winvulns-announcements at bigmail.bigfix.com Thu Jan 19 05:20:59 2017 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Thu, 19 Jan 2017 05:20:59 -0800 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 535 Published: Wed, 18 Jan 2017 23:34:25 GMT New Fixlets: ============ *************************************************************** Title: Microsoft Edge Elevation of Privilege Vulnerability - CVE-2017-0002 (MS17-001) Severity: Medium Fixlet ID: 170602 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1706 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0002 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability." *************************************************************** Title: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability - CVE-2017-2939 Severity: High Fixlet ID: 171502 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1715 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2939 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution.