[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Sep 8 05:21:02 PDT 2017
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 557 Published: Thu, 07 Sep 2017 21:08:02 GMT
New Fixlets:
============
***************************************************************
Title: Microsoft Office Memory Corruption Vulnerability - CVE-2017-0003 (MS17-002)
Severity: High
Fixlet ID: 170701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1707
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0003
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML) - CVE-2017-3244
Severity: Medium
Fixlet ID: 179502
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1795
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3244
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier.
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB) - CVE-2017-3257
Severity: Medium
Fixlet ID: 179601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1796
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3257
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier.
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL) - CVE-2017-3273
Severity: Medium
Fixlet ID: 179702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1797
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3273
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier.
***************************************************************
Title: Vulnerability in MySQL Server 5.5.53 and earlier - CVE-2017-3243
Severity: Low
Fixlet ID: 181401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1814
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3243
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2017-3238
Severity: Medium
Fixlet ID: 182902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1829
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3238
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier.
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging) - CVE-2017-3265
Severity: Medium
Fixlet ID: 183002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1830
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3265
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier.
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging) - CVE-2017-3291
Severity: Low
Fixlet ID: 183101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1831
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3291
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier.
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2017-3251
Severity: Medium
Fixlet ID: 183201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1832
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3251
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier.
***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication) - CVE-2017-3256
Severity: Medium
Fixlet ID: 183301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A1833
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3256
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier.
More information about the WinVulns-Announcements
mailing list