[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Mon Oct 9 05:21:20 PDT 2017
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 563 Published: Mon, 09 Oct 2017 02:18:33 GMT
New Fixlets:
============
***************************************************************
Title: Denial of Service Vulnerability in Wireshark 2.2.7 - CVE-2017-9766
Severity: Medium
Fixlet ID: 271501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2715
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9766
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.
***************************************************************
Title: Denial of Service Vulnerability in Wireshark 2.2.7 - CVE-2017-9617
Severity: Medium
Fixlet ID: 272101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2721
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9617
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
***************************************************************
Title: Denial of Service Vulnerability in Wireshark 2.2.7 - CVE-2017-9616
Severity: Medium
Fixlet ID: 272401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2724
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9616
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
***************************************************************
Title: Microsoft Office Outlook Memory Corruption Vulnerability - CVE-2017-8663
Severity: High
Fixlet ID: 296701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2967
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8663
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a remote code execution vulnerability due to the way Microsoft Outlook parses specially crafted email messages, aka "Microsoft Office Outlook Memory Corruption Vulnerability"
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11245
Severity: Medium
Fixlet ID: 303501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3035
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11245
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11244
Severity: Medium
Fixlet ID: 304401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3044
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11244
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability - CVE-2017-11219
Severity: High
Fixlet ID: 305502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3055
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11219
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability - CVE-2017-11221
Severity: High
Fixlet ID: 305701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3057
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11221
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability - CVE-2017-11220
Severity: High
Fixlet ID: 306002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3060
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11220
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability - CVE-2017-11214
Severity: High
Fixlet ID: 306101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3061
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11214
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability - CVE-2017-11211
Severity: High
Fixlet ID: 306201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3062
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11211
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability - CVE-2017-11217
Severity: Medium
Fixlet ID: 306401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3064
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11217
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability - CVE-2017-11209
Severity: Medium
Fixlet ID: 306501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3065
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11209
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability - CVE-2017-11210
Severity: Medium
Fixlet ID: 306601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3066
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11210
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability - CVE-2017-11218
Severity: High
Fixlet ID: 306801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3068
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11218
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability - CVE-2017-11212
Severity: High
Fixlet ID: 307102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3071
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11212
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability - CVE-2017-11216
Severity: High
Fixlet ID: 307401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3074
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11216
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Remote Code Execution vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11223
Severity: High
Fixlet ID: 309801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3098
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11223
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11222
Severity: High
Fixlet ID: 309901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3099
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11222
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Remote Code Execution vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11224
Severity: High
Fixlet ID: 310501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3105
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11224
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11226
Severity: High
Fixlet ID: 310601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3106
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11226
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11228
Severity: High
Fixlet ID: 310801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3108
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11228
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Remote code execution vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11235
Severity: High
Fixlet ID: 310901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3109
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11235
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11233
Severity: Medium
Fixlet ID: 311001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3110
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11233
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11229
Severity: Medium
Fixlet ID: 311101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3111
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11229
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF).
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11230
Severity: Medium
Fixlet ID: 311201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3112
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11230
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Remote code execution vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11231
Severity: High
Fixlet ID: 311301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3113
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11231
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11227
Severity: High
Fixlet ID: 311401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3114
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11227
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Information disclosure vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11232
Severity: Medium
Fixlet ID: 311501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3115
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11232
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11234
Severity: High
Fixlet ID: 311601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3116
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11234
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11236
Severity: Medium
Fixlet ID: 311701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3117
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11236
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11239
Severity: Medium
Fixlet ID: 313101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3131
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11239
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11238
Severity: Medium
Fixlet ID: 313201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3132
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11238
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Memory corruption vulnerability in Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier - CVE-2017-11237
Severity: High
Fixlet ID: 313301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3133
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11237
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary code execution.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8740
Severity: High
Fixlet ID: 325901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3259
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8740
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8755
Severity: High
Fixlet ID: 326001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3260
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8755
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8756, and CVE-2017-11764.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8753
Severity: High
Fixlet ID: 326101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3261
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8753
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8729
Severity: High
Fixlet ID: 326201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3262
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8729
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.
***************************************************************
Title: Scripting Engine Memory Corruption Vulnerability - CVE-2017-8756
Severity: High
Fixlet ID: 326301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3263
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8756
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-11764.
***************************************************************
Title: Windows Shell Remote Code Execution Vulnerability - CVE-2017-8699
Severity: High
Fixlet ID: 326401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3264
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8699
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows Shell validates file copy destinations, aka "Windows Shell Remote Code Execution Vulnerability".
***************************************************************
Title: Device Guard Security Feature Bypass Vulnerability - CVE-2017-8746
Severity: Medium
Fixlet ID: 326601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3266
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8746
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes functions and processes user supplied code, aka "Device Guard Security Feature Bypass Vulnerability".
***************************************************************
Title: Windows Security Feature Bypass Vulnerability - CVE-2017-8716
Severity: Medium
Fixlet ID: 326701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3267
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8716
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles objects in memory, aka "Windows Security Feature Bypass Vulnerability".
***************************************************************
Title: Uniscribe Remote Code Execution Vulnerability - CVE-2017-8692
Severity: High
Fixlet ID: 326801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3268
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8692
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution vulnerability when it fails to properly handle objects in memory, aka "Uniscribe Remote Code Execution Vulnerability".
***************************************************************
Title: Remote Desktop Virtual Host Remote Code Execution Vulnerability - CVE-2017-8714
Severity: Medium
Fixlet ID: 326901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3269
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8714
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtual Host Remote Code Execution Vulnerability".
***************************************************************
Title: Windows DHCP Server Remote Code Execution Vulnerability - CVE-2017-8686
Severity: High
Fixlet ID: 327001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3270
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8686
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows Server DHCP service, aka "Windows DHCP Server Remote Code Execution Vulnerability".
***************************************************************
Title: Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 - CVE-2016-8012
Severity: Medium
Fixlet ID: 327801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3278
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8012
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get.
***************************************************************
Title: IBM MQ Channel data conversion denial of service - CVE-2016-3013
Severity: Medium
Fixlet ID: 330701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3307
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3013
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
***************************************************************
Title: IBM MQ and IBM WebSphere MQ invalid requests could cause denial of service to MQXR listener - CVE-2016-8986
Severity: Medium
Fixlet ID: 330801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3308
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8986
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
***************************************************************
Title: IBM MQ Invalid channel protocol flows cause denial of service on HP-UX - CVE-2016-8915
Severity: Medium
Fixlet ID: 330901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3309
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8915
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.
***************************************************************
Title: IBM MQ administration command could cause denial of service - CVE-2016-8971
Severity: Medium
Fixlet ID: 331002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3310
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8971
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.
***************************************************************
Title: IBM MQ cluster channel definition causes denial of service to cluster - CVE-2016-9009
Severity: Medium
Fixlet ID: 331102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3311
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9009
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.
***************************************************************
Title: IBM MQ Java clients might send a password in clear text - CVE-2016-3052
Severity: Medium
Fixlet ID: 335201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3352
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3052
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
***************************************************************
Title: Remote Code Execution Vulnerability in Apache Tomcat 7.0.0 to 7.0.79 - CVE-2017-12615
Severity: Medium
Fixlet ID: 335301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3353
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12615
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
***************************************************************
Title: Information Disclosure Vulnerability in Apache Tomcat 7.0.0 to 7.0.80 - CVE-2017-12616
Severity: Medium
Fixlet ID: 335401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3354
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12616
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
More information about the WinVulns-Announcements
mailing list