[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Tue May 22 05:21:33 PDT 2018
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 589 Published: Mon, 21 May 2018 19:41:42 GMT
New Fixlets:
============
***************************************************************
Title: Scripting Engine Information Disclosure Vulnerability - CVE-2018-0987
Severity: Medium
Fixlet ID: 498101
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4981
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0987
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0989, CVE-2018-1000.
***************************************************************
Title: Microsoft SharePoint Elevation of Privilege Vulnerability - CVE-2018-1014
Severity: Medium
Fixlet ID: 498601
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4986
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1014
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-1005, CVE-2018-1032, CVE-2018-1034.
***************************************************************
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2018-8118
Severity: <Unspecified>
Fixlet ID: 498802
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A4988
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8118
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10.
More information about the WinVulns-Announcements
mailing list