[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Thu May 10 05:21:23 PDT 2018
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 587 Published: Wed, 09 May 2018 20:46:34 GMT
New Fixlets:
============
***************************************************************
Title: Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability - CVE-2018-1009
Severity: <Unspecified>
Fixlet ID: 492601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4926
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1009
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2018-0870
Severity: <Unspecified>
Fixlet ID: 492702
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4927
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0870
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2018-0991
Severity: <Unspecified>
Fixlet ID: 492801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4928
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0991
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2018-0997
Severity: <Unspecified>
Fixlet ID: 492901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4929
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0997
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-1018, CVE-2018-1020.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2018-1020
Severity: <Unspecified>
Fixlet ID: 493001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4930
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1020
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2018-1018
Severity: <Unspecified>
Fixlet ID: 493101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4931
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1018
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1020.
***************************************************************
Title: Microsoft Edge Information Disclosure Vulnerability - CVE-2018-0998
Severity: <Unspecified>
Fixlet ID: 496401
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4964
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0998
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892.
***************************************************************
Title: Microsoft Edge Information Disclosure Vulnerability - CVE-2018-0892
Severity: <Unspecified>
Fixlet ID: 496501
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4965
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0892
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0998.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-0980
Severity: <Unspecified>
Fixlet ID: 496601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4966
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0980
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-0993
Severity: <Unspecified>
Fixlet ID: 496701
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4967
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0993
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-0994
Severity: <Unspecified>
Fixlet ID: 496801
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4968
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0994
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-0995
Severity: <Unspecified>
Fixlet ID: 496901
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4969
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0995
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-0979
Severity: <Unspecified>
Fixlet ID: 497001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4970
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0979
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-1019
Severity: <Unspecified>
Fixlet ID: 497101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4971
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1019
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995.
***************************************************************
Title: Chakra Scripting Engine Memory Corruption Vulnerability - CVE-2018-0990
Severity: <Unspecified>
Fixlet ID: 497201
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4972
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0990
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
More information about the WinVulns-Announcements
mailing list