[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'

Notification of New Vulnerabilities to Windows Systems Fixlet Messages winvulns-announcements at bigmail.bigfix.com
Thu Feb 15 05:21:12 PST 2018


Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 579	Published: Wed, 14 Feb 2018 19:49:46 GMT

New Fixlets:
============

***************************************************************
Title: ASTERIX infinite loop in Wireshark - CVE-2017-5596
Severity: Medium
Fixlet ID: 271701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2717
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5596
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.

***************************************************************
Title: DHCPv6 large loop in Wireshark - CVE-2017-5597
Severity: Medium
Fixlet ID: 272601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A2726
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5597
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.

***************************************************************
Title: Windows Elevation of Privilege Vulnerability - CVE-2018-0749
Severity: Medium
Fixlet ID: 390001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3900
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0749
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way SMB Server handles specially crafted files, aka "Windows Elevation of Privilege Vulnerability".

***************************************************************
Title: Scripting Engine Information Disclosure Vulnerability - CVE-2018-0800
Severity: Medium
Fixlet ID: 390201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3902
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0800
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780.

***************************************************************
Title: Windows GDI Information Disclosure Vulnerability - CVE-2018-0750
Severity: Low
Fixlet ID: 391302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3913
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0750
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability".

***************************************************************
Title: Windows Elevation of Privilege Vulnerability - CVE-2018-0751
Severity: Low
Fixlet ID: 391401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3914
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0751
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0752.

***************************************************************
Title: OpenType Font Driver Information Disclosure Vulnerability - CVE-2018-0754
Severity: Low
Fixlet ID: 391801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3918
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0754
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "OpenType Font Driver Information Disclosure Vulnerability".

***************************************************************
Title: OpenType Font Driver Elevation of Privilege Vulnerability - CVE-2018-0788
Severity: Medium
Fixlet ID: 391901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3919
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0788
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 and R2 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability".

***************************************************************
Title: Windows Elevation of Privilege Vulnerability - CVE-2018-0752
Severity: Medium
Fixlet ID: 392001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3920
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0752
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0751.

***************************************************************
Title: Windows IPSec Denial of Service Vulnerability - CVE-2018-0753
Severity: High
Fixlet ID: 392101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3921
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0753
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a denial of service vulnerability due to the way objects are handled in memory, aka "Windows IPSec Denial of Service Vulnerability".

***************************************************************
Title: Use after free in libXML - CVE-2017-15412
Severity: <Unspecified>
Fixlet ID: 393001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3930
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15412
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use after free in libXML.

***************************************************************
Title: Out of bounds read in Blink - CVE-2017-15416
Severity: <Unspecified>
Fixlet ID: 393101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3931
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15416
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Out of bounds read in Blink.

***************************************************************
Title: Issue with SPAKE implementation in BoringSSL - CVE-2017-15423
Severity: <Unspecified>
Fixlet ID: 393201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3932
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15423
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Issue with SPAKE implementation in BoringSSL.

***************************************************************
Title: URL Spoof in Omnibox - CVE-2017-15424
Severity: <Unspecified>
Fixlet ID: 393301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3933
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15424
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: URL Spoof in Omnibox.

***************************************************************
Title: Out of bounds write in QUIC - CVE-2017-15407
Severity: <Unspecified>
Fixlet ID: 393401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3934
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15407
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Out of bounds write in QUIC.

***************************************************************
Title: URL Spoof in Omnibox - CVE-2017-15425
Severity: <Unspecified>
Fixlet ID: 393501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3935
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15425
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: URL Spoof in Omnibox.

***************************************************************
Title: Type confusion in WebAssembly - CVE-2017-15413
Severity: <Unspecified>
Fixlet ID: 393601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3936
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15413
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Type confusion in WebAssembly.

***************************************************************
Title: Use after free in PDFium - CVE-2017-15410
Severity: <Unspecified>
Fixlet ID: 393701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3937
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15410
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use after free in PDFium.

***************************************************************
Title: Insufficient blocking of JavaScript in Omnibox - CVE-2017-15427
Severity: <Unspecified>
Fixlet ID: 393801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3938
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15427
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Insufficient blocking of JavaScript in Omnibox.

***************************************************************
Title: Unsafe navigation in Chromecast Plugin - CVE-2017-15430
Severity: <Unspecified>
Fixlet ID: 393901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3939
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15430
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unsafe navigation in Chromecast Plugin.

***************************************************************
Title: Out of bounds write in Skia - CVE-2017-15409
Severity: <Unspecified>
Fixlet ID: 394001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3940
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15409
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Out of bounds write in Skia.

***************************************************************
Title: Pointer information disclosure in IPC call - CVE-2017-15415
Severity: <Unspecified>
Fixlet ID: 394102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3941
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15415
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Pointer information disclosure in IPC call.

***************************************************************
Title: URL spoofing in Omnibox - CVE-2017-15420
Severity: <Unspecified>
Fixlet ID: 394201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3942
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15420
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: URL spoofing in Omnibox.

***************************************************************
Title: Out-of-bounds Read vulnerability in Adobe Flash Player before 28.0.0.137 - CVE-2018-4871
Severity: Medium
Fixlet ID: 394301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3943
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4871
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.

***************************************************************
Title: Cross origin information disclosure in Skia - CVE-2017-15417
Severity: <Unspecified>
Fixlet ID: 394401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3944
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15417
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross origin information disclosure in Skia.

***************************************************************
Title: Heap buffer overflow in PDFium - CVE-2017-15408
Severity: <Unspecified>
Fixlet ID: 394501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3945
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15408
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Heap buffer overflow in PDFium.

***************************************************************
Title: URL Spoof in Omnibox - CVE-2017-15426
Severity: <Unspecified>
Fixlet ID: 394601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3946
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15426
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: URL Spoof in Omnibox.

***************************************************************
Title: Integer overflow in ICU - CVE-2017-15422
Severity: <Unspecified>
Fixlet ID: 394801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3948
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15422
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Integer overflow in ICU.

***************************************************************
Title: Use after free in PDFium - CVE-2017-15411
Severity: <Unspecified>
Fixlet ID: 394902
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3949
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15411
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use after free in PDFium.

***************************************************************
Title: Cross origin leak of redirect URL in Blink - CVE-2017-15419
Severity: <Unspecified>
Fixlet ID: 395001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3950
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15419
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross origin leak of redirect URL in Blink.

***************************************************************
Title: Memory safety bugs fixed in Firefox 57 - CVE-2017-7827
Severity: <Unspecified>
Fixlet ID: 397001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3970
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7827
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Mozilla developers and community members Boris Zbarsky, Carsten Book, Christian Holler, Byron Campen, Jan de Mooij, Jason Kratzer, Jesse Schwartzentruber, Marcia Knous, Randell Jesup, Tyson Smith, and Ting-Yu Chou reported memory safety bugs present in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

***************************************************************
Title: Failure of individual decoding of labels in international domain names triggers punycode display of entire IDN - CVE-2017-7838
Severity: <Unspecified>
Fixlet ID: 397101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3971
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7838
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion.

***************************************************************
Title: Information disclosure of exposed properties on JavaScript proxy objects - CVE-2017-7831
Severity: <Unspecified>
Fixlet ID: 397201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3972
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7831
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated exposedProps mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects.

***************************************************************
Title: Control characters before javascript: URLs defeats self-XSS prevention mechanism - CVE-2017-7839
Severity: <Unspecified>
Fixlet ID: 397302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3973
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7839
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Control characters prepended before javascript: URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar.

***************************************************************
Title: Referrer Policy is not always respected for "link" elements - CVE-2017-7842
Severity: <Unspecified>
Fixlet ID: 397501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3975
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7842
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: If a document’s Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "link" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests.

***************************************************************
Title: SVG loaded as "img" can use meta tags to set cookies - CVE-2017-7837
Severity: <Unspecified>
Fixlet ID: 397601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3976
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7837
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: SVG loaded through "img" tags can use "meta" tags within the SVG data to set cookies for that page.

***************************************************************
Title: data: URLs opened in new tabs bypass CSP protections - CVE-2017-7834
Severity: <Unspecified>
Fixlet ID: 397701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3977
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7834
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: A data: URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when data: documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks.

***************************************************************
Title: Domain spoofing with Arabic and Indic vowel marker characters - CVE-2017-7833
Severity: <Unspecified>
Fixlet ID: 397801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3978
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7833
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode.

***************************************************************
Title: Exported bookmarks do not strip script elements from user-supplied tags - CVE-2017-7840
Severity: <Unspecified>
Fixlet ID: 397901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3979
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7840
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks if users were convinced to add malicious tags to bookmarks, export them, and then open the resulting file.

***************************************************************
Title: Domain spoofing through use of dotless 'i' character followed by accent markers - CVE-2017-7832
Severity: <Unspecified>
Fixlet ID: 398001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3980
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7832
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for domain spoofing attacks because these combined domain names do not display as punycode.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges) - CVE-2018-2696
Severity: High
Fixlet ID: 398101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3981
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2696
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure) - CVE-2018-2583
Severity: Medium
Fixlet ID: 398201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3982
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2583
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML) - CVE-2018-2646
Severity: Medium
Fixlet ID: 398301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3983
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2646
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges) - CVE-2018-2703
Severity: Medium
Fixlet ID: 398401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3984
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2703
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB) - CVE-2018-2565
Severity: Medium
Fixlet ID: 398501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3985
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2565
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML) - CVE-2018-2576
Severity: Medium
Fixlet ID: 398601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3986
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2576
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema) - CVE-2018-2590
Severity: Medium
Fixlet ID: 398701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3987
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2590
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2018-2640
Severity: Medium
Fixlet ID: 398801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3988
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2640
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL) - CVE-2018-2622
Severity: Medium
Fixlet ID: 398901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3989
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2622
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS) - CVE-2018-2573
Severity: Medium
Fixlet ID: 399001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3990
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2573
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2018-2665
Severity: Medium
Fixlet ID: 399101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3991
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2665
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2018-2667
Severity: Medium
Fixlet ID: 399201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3992
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2667
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication) - CVE-2018-2647
Severity: High
Fixlet ID: 399301
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3993
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2647
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB) - CVE-2018-2612
Severity: High
Fixlet ID: 399402
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3994
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2612
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2018-2600
Severity: Medium
Fixlet ID: 399501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3995
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2600
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) - CVE-2018-2668
Severity: Medium
Fixlet ID: 399601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3996
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2668
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition) - CVE-2018-2591
Severity: Medium
Fixlet ID: 399701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3997
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2591
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema) - CVE-2018-2645
Severity: Medium
Fixlet ID: 399801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3998
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2645
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition) - CVE-2018-2562
Severity: High
Fixlet ID: 399901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A3999
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2562
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.

***************************************************************
Title: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML) - CVE-2018-2586
Severity: Medium
Fixlet ID: 400001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4000
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2586
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

***************************************************************
Title: Universal Cross-Site Scripting in V8 - CVE-2017-15429
Severity: <Unspecified>
Fixlet ID: 401001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4010
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15429
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Universal Cross-Site Scripting in V8.

***************************************************************
Title: Out of bounds read in V8 - CVE-2017-15428
Severity: <Unspecified>
Fixlet ID: 401101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4011
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15428
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Out of bounds read in V8.

***************************************************************
Title: Stack buffer overflow in QUIC - CVE-2017-15398
Severity: <Unspecified>
Fixlet ID: 401801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4018
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15398
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Stack buffer overflow in QUIC.

***************************************************************
Title: Use after free in V8 - CVE-2017-15399
Severity: <Unspecified>
Fixlet ID: 401901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4019
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15399
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use after free in V8.

***************************************************************
Title: Privilege Escalation in PageState - CVE-2017-15402
Severity: <Unspecified>
Fixlet ID: 402001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4020
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15402
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Privilege escalation in PageState.

***************************************************************
Title: Out of Bounds Memory Access in V8 - CVE-2017-15401
Severity: <Unspecified>
Fixlet ID: 402102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4021
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15401
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Out of bounds memory access in V8.


