[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri May 4 05:21:34 PDT 2018
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 586 Published: Fri, 04 May 2018 00:24:03 GMT
New Fixlets:
============
***************************************************************
Title: Microsoft Graphics Component Denial of Service Vulnerability - CVE-2018-8116
Severity: <Unspecified>
Fixlet ID: 490501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4905
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8116
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Microsoft Graphics Component Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
***************************************************************
Title: Hyper-V Information Disclosure Vulnerability - CVE-2018-0957
Severity: <Unspecified>
Fixlet ID: 490601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4906
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0957
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0964.
***************************************************************
Title: Hyper-V Information Disclosure Vulnerability - CVE-2018-0964
Severity: <Unspecified>
Fixlet ID: 490701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4907
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0964
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0957.
***************************************************************
Title: Microsoft JET Database Engine Remote Code Execution Vulnerability - CVE-2018-1003
Severity: <Unspecified>
Fixlet ID: 491002
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4910
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1003
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.
***************************************************************
Title: Microsoft JET Database Engine Remote Code Execution Vulnerability - CVE-2018-1008
Severity: <Unspecified>
Fixlet ID: 492401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4924
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1008
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
More information about the WinVulns-Announcements
mailing list