From winvulns-announcements at bigmail.bigfix.com Tue Jun 6 05:21:18 2017
From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages)
Date: Tue, 6 Jun 2017 05:21:18 -0700
Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Message-ID:

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 546
Published: Mon, 05 Jun 2017 20:11:17 GMT

New Fixlets:
============

***************************************************************
Title: Microsoft Office Remote Code Execution Vulnerability - CVE-2017-0262
Severity: High
Fixlet ID: 233201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2332
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0262
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.
***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0271
Severity: Medium
Fixlet ID: 233401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2334
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0271
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.

***************************************************************
Title: Windows SMB Denial of Service Vulnerability - CVE-2017-0273
Severity: Medium
Fixlet ID: 233501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2335
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0273
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280.
***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0268
Severity: Medium
Fixlet ID: 233601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2336
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0268
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.

***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0275
Severity: Medium
Fixlet ID: 233701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2337
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0275
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, and CVE-2017-0276.
***************************************************************
Title: Windows SMB Remote Code Execution Vulnerability - CVE-2017-0272
Severity: High
Fixlet ID: 233801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2338
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0272
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0277, CVE-2017-0278, and CVE-2017-0279.

***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0274
Severity: Medium
Fixlet ID: 233901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2339
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0274
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0275, and CVE-2017-0276.
***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0270
Severity: Medium
Fixlet ID: 234001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2340
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0270
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.

***************************************************************
Title: Windows SMB Denial of Service Vulnerability - CVE-2017-0280
Severity: High
Fixlet ID: 234101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2341
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0280
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0273.
***************************************************************
Title: Windows SMB Remote Code Execution Vulnerability - CVE-2017-0278
Severity: Medium
Fixlet ID: 234201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2342
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0278
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0279.

***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0276
Severity: Medium
Fixlet ID: 234302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2343
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0276
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, and CVE-2017-0275.
***************************************************************
Title: Windows SMB Remote Code Execution Vulnerability - CVE-2017-0277
Severity: Medium
Fixlet ID: 234401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2344
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0277
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0278, and CVE-2017-0279.

***************************************************************
Title: Windows SMB Denial of Service Vulnerability - CVE-2017-0269
Severity: Medium
Fixlet ID: 234501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2345
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0269
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.
***************************************************************
Title: Windows SMB Information Disclosure Vulnerability - CVE-2017-0267
Severity: Medium
Fixlet ID: 234601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2346
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0267
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.

***************************************************************
Title: Windows SMB Remote Code Execution Vulnerability - CVE-2017-0279
Severity: Medium
Fixlet ID: 234701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2347
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0279
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0278.
***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2017-0227
Severity: High
Fixlet ID: 235102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2351
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0227
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.

***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-0236
Severity: High
Fixlet ID: 235201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2352
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0236
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-0230
Severity: High
Fixlet ID: 235401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2354
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0230
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2017-0222
Severity: High
Fixlet ID: 235601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2356
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0222
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-0240
Severity: High
Fixlet ID: 235701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2357
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0240
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0227.

***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-0238
Severity: High
Fixlet ID: 236001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2360
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0238
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236.
***************************************************************
Title: Microsoft Edge Remote Code Execution Vulnerability - CVE-2017-0266
Severity: High
Fixlet ID: 236201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2362
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0266
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."

***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2017-0221
Severity: High
Fixlet ID: 236301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2363
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0221
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.

***************************************************************
Title: Microsoft Edge Elevation of Privilege Vulnerability - CVE-2017-0233
Severity: Medium
Fixlet ID: 236401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2364
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0233
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0241.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-0235
Severity: High
Fixlet ID: 236501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2365
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0235
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.

***************************************************************
Title: Internet Explorer Security Feature Bypass Vulnerability - CVE-2017-0064
Severity: Medium
Fixlet ID: 236601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2366
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0064
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka "Internet Explorer Security Feature Bypass Vulnerability."
***************************************************************
Title: Microsoft Malware Protection Engine Remote Code Execution Vulnerability - CVE-2017-0290
Severity: High
Fixlet ID: 237201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2372
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0290
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability."

***************************************************************
Title: Windows Hyper-V vSMB Elevation of Privilege Vulnerability - CVE-2017-0212
Severity: Medium
Fixlet ID: 237301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2373
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0212
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Hyper-V allows an elevation of privilege vulnerability when Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 fail to properly validate vSMB packet data, aka "Windows Hyper-V vSMB Elevation of Privilege Vulnerability".
***************************************************************
Title: Dxgkrnl.sys Elevation of Privilege Vulnerability - CVE-2017-0077
Severity: High
Fixlet ID: 237401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2374
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0077
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain information, or in Windows 7 and later, cause denial of service, aka "Win32k Information Disclosure Vulnerability."

***************************************************************
Title: Windows COM Elevation of Privilege Vulnerability - CVE-2017-0214
Severity: Medium
Fixlet ID: 237501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2375
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0214
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when Windows fails to properly validate input before loading type libraries, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0213.
***************************************************************
Title: Windows COM Elevation of Privilege Vulnerability - CVE-2017-0213
Severity: Low
Fixlet ID: 237601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2376
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0213
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.

***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-0258
Severity: Low
Fixlet ID: 237701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2377
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0258
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0259.
***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-0175
Severity: Low
Fixlet ID: 237801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2378
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0175
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CVE-2017-0259.

***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-0259
Severity: Low
Fixlet ID: 237902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2379
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0259
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0258.
***************************************************************
Title: Windows Kernel Elevation of Privilege Vulnerability - CVE-2017-0244
Severity: Medium
Fixlet ID: 238001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2380
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0244
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated attackers to gain privileges via a crafted application, or in Windows 7 for x64-based systems, cause denial of service, aka "Windows Kernel Elevation of Privilege Vulnerability."

***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2017-0246
Severity: Medium
Fixlet ID: 238102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2381
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0246
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application or in Windows 7 for x64-based Systems and later, cause denial of service, aka "Win32k Elevation of Privilege Vulnerability."
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2017-0263
Severity: High
Fixlet ID: 238201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2382
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0263
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

***************************************************************
Title: Win32k Information Disclosure Vulnerability - CVE-2017-0245
Severity: Low
Fixlet ID: 238301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2383
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0245
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."
***************************************************************
Title: Windows Kernel Information Disclosure Vulnerability - CVE-2017-0220
Severity: Low
Fixlet ID: 238401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2384
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0220
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0258, and CVE-2017-0259.

***************************************************************
Title: Windows GDI Information Disclosure Vulnerability - CVE-2017-0190
Severity: Low
Fixlet ID: 238502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2385
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0190
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."
***************************************************************
Title: Vulnerability in Adobe Flash Player versions 25.0.0.148 and earlier - CVE-2017-3068
Severity: High
Fixlet ID: 238601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2386
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3068
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.

***************************************************************
Title: Vulnerability in Adobe Flash Player versions 25.0.0.148 and earlier - CVE-2017-3070
Severity: High
Fixlet ID: 238701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2387
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3070
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.

***************************************************************
Title: Vulnerability in Adobe Flash Player versions 25.0.0.148 and earlier - CVE-2017-3069
Severity: High
Fixlet ID: 238801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2388
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3069
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
*************************************************************** Title: Microsoft SharePoint XSS Vulnerability - CVE-2017-0255 Severity: Low Fixlet ID: 238901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2389 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0255 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability". *************************************************************** Title: Windows DNS Server Denial of Service Vulnerability - CVE-2017-0171 Severity: Medium Fixlet ID: 239001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2390 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0171 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability". *************************************************************** Title: Microsoft ActiveX Information Disclosure Vulnerability - CVE-2017-0242 Severity: Medium Fixlet ID: 239101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2391 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0242 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability." 
*************************************************************** Title: Microsoft Office Memory Corruption Vulnerability - CVE-2017-0254 Severity: High Fixlet ID: 239201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2392 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0254 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1, Office Word Viewer, SharePoint Enterprise Server 2016, and Word 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0264 and CVE-2017-0265. *************************************************************** Title: .Net Security Feature Bypass Vulnerability - CVE-2017-0248 Severity: Medium Fixlet ID: 239301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2393 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0248 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability." 
*************************************************************** Title: Microsoft Office Remote Code Execution Vulnerability - CVE-2017-0281 Severity: High Fixlet ID: 239402 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2394 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0281 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2, Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, SharePoint Server 2010 SP2, Word 2016, and Skype for Business 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0262. *************************************************************** Title: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability - CVE-2017-3071 Severity: High Fixlet ID: 239501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2395 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3071 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution. 
*************************************************************** Title: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability - CVE-2017-3072 Severity: High Fixlet ID: 239601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2396 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3072 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution. *************************************************************** Title: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability - CVE-2017-3074 Severity: High Fixlet ID: 239701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2397 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3074 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution. *************************************************************** Title: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability - CVE-2017-3073 Severity: High Fixlet ID: 239801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2398 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3073 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. 
Successful exploitation could lead to arbitrary code execution. *************************************************************** Title: Microsoft Edge Elevation of Privilege Vulnerability - CVE-2017-0241 Severity: Medium Fixlet ID: 239901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2399 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0241 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233. *************************************************************** Title: Bypass of Content Security Policy in Blink - CVE-2017-5033 Severity: Medium Fixlet ID: 240301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2403 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5033 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page. 
*************************************************************** Title: Use after free in ANGLE - CVE-2017-5031 Severity: Medium Fixlet ID: 240401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2404 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5031 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. *************************************************************** Title: Information disclosure in V8 - CVE-2017-5040 Severity: Medium Fixlet ID: 240501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2405 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5040 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page. *************************************************************** Title: Use after free in PDFium - CVE-2017-5034 Severity: Medium Fixlet ID: 240601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2406 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5034 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. 
*************************************************************** Title: Memory corruption in V8 - CVE-2017-5030 Severity: Medium Fixlet ID: 240701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2407 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5030 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page. *************************************************************** Title: Use after free in PDFium - CVE-2017-5039 Severity: Medium Fixlet ID: 240801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2408 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5039 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. *************************************************************** Title: Use after free in PDFium - CVE-2017-5036 Severity: Medium Fixlet ID: 240901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2409 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5036 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file. 
*************************************************************** Title: Incorrect security UI in Omnibox - CVE-2017-5035 Severity: Medium Fixlet ID: 241001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2410 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5035 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site. *************************************************************** Title: Out of bounds write in PDFium - CVE-2017-5032 Severity: Medium Fixlet ID: 241101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2411 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5032 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. *************************************************************** Title: Integer overflow in libxslt - CVE-2017-5029 Severity: Medium Fixlet ID: 241201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2412 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5029 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. 
*************************************************************** Title: Multiple out of bounds writes in ChunkDemuxer - CVE-2017-5037 Severity: Medium Fixlet ID: 241302 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2413 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5037 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. *************************************************************** Title: Use after free in GuestView - CVE-2017-5038 Severity: Medium Fixlet ID: 241401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2414 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5038 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. 
From winvulns-announcements at bigmail.bigfix.com Tue Jun 20 05:21:17 2017 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 20 Jun 2017 05:21:17 -0700 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 547 Published: Mon, 19 Jun 2017 23:47:36 GMT New Fixlets: ============ *************************************************************** Title: Microsoft Malware Protection Engine Denial of Service Vulnerability - CVE-2017-8542 Severity: Medium Fixlet ID: 240101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2401 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8542 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8539. 
*************************************************************** Title: Microsoft Malware Protection Engine Denial of Service Vulnerability - CVE-2017-8539 Severity: Medium Fixlet ID: 240201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2402 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8539 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8542. *************************************************************** Title: Microsoft Malware Protection Engine Denial of Service Vulnerability - CVE-2017-8536 Severity: Medium Fixlet ID: 241601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2416 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8536 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. 
aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. *************************************************************** Title: Microsoft Malware Protection Engine Remote Code Execution Vulnerability - CVE-2017-8538 Severity: High Fixlet ID: 241701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2417 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8538 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8540 and CVE-2017-8541. 
*************************************************************** Title: Microsoft Malware Protection Engine Denial of Service Vulnerability - CVE-2017-8537 Severity: Medium Fixlet ID: 241801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2418 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8537 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8539, and CVE-2017-8542. *************************************************************** Title: Microsoft Malware Protection Engine Denial of Service Vulnerability - CVE-2017-8535 Severity: Medium Fixlet ID: 241901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2419 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8535 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. 
aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8536, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. *************************************************************** Title: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5047 Severity: Medium Fixlet ID: 242001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2420 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5047 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. *************************************************************** Title: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5051 Severity: Medium Fixlet ID: 242101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2421 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5051 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. 
*************************************************************** Title: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5048 Severity: Medium Fixlet ID: 242201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2422 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5048 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. *************************************************************** Title: Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView - CVE-2017-5043 Severity: Medium Fixlet ID: 242301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2423 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5043 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. 
*************************************************************** Title: Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5044 Severity: Medium Fixlet ID: 242401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2424 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5044 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. *************************************************************** Title: XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5045 Severity: Medium Fixlet ID: 242501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2425 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5045 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page. 
*************************************************************** Title: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5050 Severity: Medium Fixlet ID: 242601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2426 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5050 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. *************************************************************** Title: Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation - CVE-2017-5041 Severity: Medium Fixlet ID: 242701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2427 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5041 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page. 
*************************************************************** Title: Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5042 Severity: Low Fixlet ID: 242802 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2428 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5042 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. *************************************************************** Title: V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5046 Severity: Medium Fixlet ID: 242901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2429 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5046 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure. 
*************************************************************** Title: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux - CVE-2017-5049 Severity: Medium Fixlet ID: 243001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2430 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5049 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. *************************************************************** Title: Microsoft Malware Protection Engine Remote Code Execution Vulnerability - CVE-2017-8541 Severity: High Fixlet ID: 243101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2431 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8541 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8540. 
*************************************************************** Title: Microsoft Malware Protection Engine Remote Code Execution Vulnerability - CVE-2017-8540 Severity: High Fixlet ID: 243201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2432 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8540 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541. *************************************************************** Title: Use-after-free working with events in FontFace objects - CVE-2017-5402 Severity: Fixlet ID: 243701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2437 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5402 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free can occur when events are fired for a FontFace object after the object has already been destroyed while working with fonts. This results in a potentially exploitable crash. 
*************************************************************** Title: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service - CVE-2017-5409 Severity: Fixlet ID: 243801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2438 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5409 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. *************************************************************** Title: File picker can choose incorrect default directory - CVE-2017-5414 Severity: Fixlet ID: 243901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2439 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5414 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. 
*************************************************************** Title: Javascript: URLs can obfuscate addressbar location - CVE-2017-5420 Severity: Fixlet ID: 244001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2440 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5420 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A javascript: url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. *************************************************************** Title: Addressbar spoofing through blob URL - CVE-2017-5415 Severity: Fixlet ID: 244101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2441 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5415 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks. *************************************************************** Title: asm.js JIT-spray bypass of ASLR and DEP - CVE-2017-5400 Severity: Fixlet ID: 244201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2442 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5400 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. 
*************************************************************** Title: Addressbar spoofing by dragging and dropping URLs - CVE-2017-5417 Severity: Fixlet ID: 244301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2443 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5417 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. *************************************************************** Title: FTP response codes can cause use of uninitialized values for ports - CVE-2017-5405 Severity: Fixlet ID: 244401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2444 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5405 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. *************************************************************** Title: Repeated authentication prompts lead to DOS attack - CVE-2017-5419 Severity: Fixlet ID: 244501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2445 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5419 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. 
*************************************************************** Title: Memory Corruption when handling ErrorResult - CVE-2017-5401 Severity: Fixlet ID: 244601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2446 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5401 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitable. *************************************************************** Title: Segmentation fault during bidirectional operations - CVE-2017-5413 Severity: Fixlet ID: 244702 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2447 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5413 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A segmentation fault can occur during some bidirectional layout operations. *************************************************************** Title: Out of bounds read when parsing HTTP digest authorization responses - CVE-2017-5418 Severity: Fixlet ID: 244802 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2448 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5418 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. 
*************************************************************** Title: Print preview spoofing - CVE-2017-5421 Severity: Fixlet ID: 244901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2449 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5421 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. *************************************************************** Title: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 - CVE-2017-5398 Severity: Fixlet ID: 245001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2450 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5398 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, André Bargull, Kan-Ru Chen, and Nathan Froyd reported memory safety bugs present in Firefox 51 and Firefox ESR 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. *************************************************************** Title: Cross-origin reading of video captions in violation of CORS - CVE-2017-5408 Severity: Fixlet ID: 245101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2451 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5408 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. 
*************************************************************** Title: Null dereference crash in HttpChannel - CVE-2017-5416 Severity: Fixlet ID: 245201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2452 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5416 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. *************************************************************** Title: Pixel and history stealing via floating-point timing side channel with SVG filters - CVE-2017-5407 Severity: Fixlet ID: 245301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2453 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5407 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. *************************************************************** Title: DOS attack by using view-source: protocol repeatedly in one hyperlink - CVE-2017-5422 Severity: Fixlet ID: 245401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2454 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5422 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable. 
*************************************************************** Title: Use-after-free using addRange to add range to an incorrect root object - CVE-2017-5403 Severity: Fixlet ID: 245501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2455 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5403 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: When adding a range to an object in the DOM, it is possible to use addRange to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. *************************************************************** Title: Use-after-free working with ranges in selections - CVE-2017-5404 Severity: Fixlet ID: 245601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2456 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5404 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. *************************************************************** Title: Buffer overflow read in SVG filters - CVE-2017-5412 Severity: Fixlet ID: 245701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2457 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5412 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A buffer overflow read during SVG filter color value operations, resulting in data exposure. 
*************************************************************** Title: Non-existent chrome.manifest file loaded during startup - CVE-2017-5427 Severity: Fixlet ID: 245801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2458 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5427 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. *************************************************************** Title: Memory safety bugs fixed in Firefox 52 - CVE-2017-5399 Severity: Fixlet ID: 245901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2459 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5399 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreight, David Bolter, David Keeler, Jon Coppeard, Tyson Smith, Ronald Crane, Tooru Fujisawa, Ben Kelly, Bob Owen, Jed Davis, Julian Seward, Julian Hector, Philipp, Markus Stange, and André Bargull reported memory safety bugs present in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. 
*************************************************************** Title: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5410 Severity: Fixlet ID: 246001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2460 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5410 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due to errors in how incremental sweeping is managed for memory cleanup. *************************************************************** Title: Use-after-free in Buffer Storage in libGLES - CVE-2017-5411 Severity: Fixlet ID: 246101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2461 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5411 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in libGLES, which is only in use on Windows. Other operating systems are not affected. *************************************************************** Title: Segmentation fault in Skia with canvas operations - CVE-2017-5406 Severity: Fixlet ID: 246201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2462 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5406 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. 
*************************************************************** Title: Use-after-free during focus handling - CVE-2017-5434 Severity: Fixlet ID: 246801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2468 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5434 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. *************************************************************** Title: Use-after-free with selection during scroll events - CVE-2017-5441 Severity: Fixlet ID: 246901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2469 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5441 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. *************************************************************** Title: Use-after-free in txExecutionState destructor during XSLT processing - CVE-2017-5440 Severity: Fixlet ID: 247001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2470 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5440 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. 
*************************************************************** Title: Vulnerabilities in Libevent library - CVE-2016-10196 Severity: Medium Fixlet ID: 247101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2471 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10196 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Three vulnerabilities were reported in the Libevent library that allow for out-of-bounds reads and denial of service (DoS) attacks. These were fixed in the Libevent library and these changes were ported to Mozilla code. *************************************************************** Title: Use-after-free in nsAutoPtr during XSLT processing - CVE-2017-5438 Severity: Fixlet ID: 247201 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2472 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5438 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. *************************************************************** Title: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - CVE-2017-5429 Severity: Fixlet ID: 247301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2473 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5429 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla developers and community members Christian Holler, Jon Coppeard, Marcia Knous, David Baron, Mats Palmgren, Ronald Crane, Bob Clary, and Chris Peterson reported memory safety bugs present in Firefox 52, Firefox ESR 45.8, and Firefox ESR 52. 
Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. *************************************************************** Title: Use-after-free in nsTArray Length() during XSLT processing - CVE-2017-5439 Severity: Fixlet ID: 247401 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2474 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5439 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. *************************************************************** Title: Use-after-free during style changes - CVE-2017-5442 Severity: Fixlet ID: 247501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2475 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5442 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. *************************************************************** Title: Use-after-free in text input selection - CVE-2017-5432 Severity: Fixlet ID: 247601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2476 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5432 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. 
*************************************************************** Title: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 - CVE-2017-5430 Severity: Fixlet ID: 247701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2477 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5430 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Mozilla developers and community members Christian Holler, Jon Coppeard, Milan Sreckovic, Tyson Smith, Ronald Crane, Randell Jesup, Philipp, Tooru Fujisawa, and Kan-Ru Chen reported memory safety bugs present in Firefox 52 and Firefox ESR 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code.

From winvulns-announcements at bigmail.bigfix.com Tue Jun 27 05:21:04 2017 From: winvulns-announcements at bigmail.bigfix.com (Notification of New Vulnerabilties to Windows Systems Fixlet Messages) Date: Tue, 27 Jun 2017 05:21:04 -0700 Subject: [Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems' Message-ID: Fixlet Site - 'Vulnerabilities to Windows Systems' Current Version: 548 Published: Mon, 26 Jun 2017 18:47:08 GMT New Fixlets: ============ *************************************************************** Title: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows - CVE-2015-3133 Severity: High Fixlet ID: 241502 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2415 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3133 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, 
and Adobe AIR SDK and Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3134, and CVE-2015-4431 *************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8548 Severity: High Fixlet ID: 250601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2506 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8548 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8549. *************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8520 Severity: High Fixlet ID: 250701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2507 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8520 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549. 
*************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8517 Severity: High Fixlet ID: 250801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2508 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8517 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8522 and CVE-2017-8524. *************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8549 Severity: High Fixlet ID: 250901 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2509 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8549 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8548. 
*************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8521 Severity: High Fixlet ID: 251001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2510 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8521 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8548, and CVE-2017-8549. *************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8499 Severity: High Fixlet ID: 251101 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2511 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8499 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8520, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549. 
*************************************************************** Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8522 Severity: High Fixlet ID: 251301 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2513 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8522 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8524. *************************************************************** Title: Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-8523 Severity: Medium Fixlet ID: 252501 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2525 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8523 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8530 and CVE-2017-8555. 
*************************************************************** Title: Microsoft Edge Information Disclosure Vulnerability - CVE-2017-8498 Severity: Medium Fixlet ID: 252601 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2526 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8498 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8504. *************************************************************** Title: Microsoft Edge Information Disclosure Vulnerability - CVE-2017-8504 Severity: Medium Fixlet ID: 252701 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2527 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8504 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498. 
*************************************************************** Title: Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-8555 Severity: Medium Fixlet ID: 252801 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2528 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8555 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8530. *************************************************************** Title: Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-8530 Severity: Medium Fixlet ID: 253001 Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2530 Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8530 Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo Fixlet Description: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8555. 
***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2017-8497
Severity: High
Fixlet ID: 253101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2531
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8497
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8496.
***************************************************************
Title: Microsoft Edge Memory Corruption Vulnerability - CVE-2017-8496
Severity: High
Fixlet ID: 253201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2532
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8496
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8497.
***************************************************************
Title: Windows Search Remote Code Execution Vulnerability - CVE-2017-8464
Severity: High
Fixlet ID: 254301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2543
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8464
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."