Alert RSS https://tools.cisco.com/security/center/psirtrss20/AlertRSS.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Alert RSS Cisco Systems, Inc. 15 OpenSSL Cache Timing Side Channel Attack Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57508&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=OpenSSL%20Cache%20Timing%20Side%20Channel%20Attack%20Vulnerability&vs_k=1 A vulnerability in OpenSSL could allow a local attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is in the <em>BN_mod_inverse()</em> and <em>BN_mod_exp_mont()</em> functions defined in the OpenSSL RSA key generation algorithm and exists because the functions are not constant-time. An attacker could exploit the vulnerability by accessing the system and conducting a cache timing side channel attack during the RSA key generation process. A successful exploit could allow the attacker to access the generated RSA private key, which could be used to conduct additional attacks. <br /> <br /> OpenSSL has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Low <br/>CVE: CVE-2018-0737 Wed, 18 Apr 2018 19:31:36 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57508 Oracle Critical Patch Update for April 2018 https://tools.cisco.com/security/center/viewAlert.x?alertId=57518&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Oracle%20Critical%20Patch%20Update%20for%20April%202018&vs_k=1 <p>Oracle has released the Critical Patch Update for April 2018. The update contains 254 new security fixes that address vulnerabilities in multiple Oracle product families. The update addresses vulnerabilities that could allow an attacker to access sensitive information, gain elevated privileges, execute arbitrary code, or cause a denial of service (DoS) condition on a targeted system.</p> <p>Administrators are advised to apply the appropriate software updates.</p> <p>Administrators are advised to allow only trusted users to have network access.</p> <p>Administrators are advised to monitor affected systems.</p> <p>Oracle has released a security advisory, which includes a list of affected products and product versions, at the following link: <a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">Oracle Critical Patch Update Advisory - April 2018</a></p> <p>Oracle has released patches at the following link: <a href="https://www.oracle.com/downloads/index.html">Oracle Downloads</a></p> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2013-1768,CVE-2015-7501,CVE-2015-7940,CVE-2016-0635,CVE-2016-3092,CVE-2016-3506,CVE-2016-5007,CVE-2016-5019,CVE-2016-6304,CVE-2016-6814,CVE-2016-9878,CVE-2017-12617,CVE-2017-13082,CVE-2017-15095,CVE-2017-17562,CVE-2017-3736,CVE-2017-3737,CVE-2017-5645,CVE-2017-5662,CVE-2017-5664,CVE-2017-5753,CVE-2017-7525,CVE-2017-7805,CVE-2017-9798,CVE-2018-0739,CVE-2018-2563,CVE-2018-2572,CVE-2018-2587,CVE-2018-2628,CVE-2018-2718,CVE-2018-2737,CVE-2018-2738,CVE-2018-2739,CVE-2018-2742,CVE-2018-2746,CVE-2018-2747,CVE-2018-2748,CVE-2018-2749,CVE-2018-2750,CVE-2018-2752,CVE-2018-2753,CVE-2018-2754,CVE-2018-2755,CVE-2018-2756,CVE-2018-2758,CVE-2018-2759,CVE-2018-2760,CVE-2018-2761,CVE-2018-2762,CVE-2018-2763,CVE-2018-2764,CVE-2018-2765,CVE-2018-2766,CVE-2018-2768,CVE-2018-2769,CVE-2018-2770,CVE-2018-2771,CVE-2018-2772,CVE-2018-2773,CVE-2018-2774,CVE-2018-2775,CVE-2018-2776,CVE-2018-2777,CVE-2018-2778,CVE-2018-2779,CVE-2018-2780,CVE-2018-2781,CVE-2018-2782,CVE-2018-2783,CVE-2018-2784,CVE-2018-2785,CVE-2018-2786,CVE-2018-2787,CVE-2018-2788,CVE-2018-2789,CVE-2018-2790,CVE-2018-2791,CVE-2018-2792,CVE-2018-2793,CVE-2018-2794,CVE-2018-2795,CVE-2018-2796,CVE-2018-2797,CVE-2018-2798,CVE-2018-2799,CVE-2018-2800,CVE-2018-2801,CVE-2018-2802,CVE-2018-2803,CVE-2018-2804,CVE-2018-2805,CVE-2018-2806,CVE-2018-2807,CVE-2018-2808,CVE-2018-2809,CVE-2018-2810,CVE-2018-2811,CVE-2018-2812,CVE-2018-2813,CVE-2018-2814,CVE-2018-2815,CVE-2018-2816,CVE-2018-2817,CVE-2018-2818,CVE-2018-2819,CVE-2018-2820,CVE-2018-2821,CVE-2018-2822,CVE-2018-2823,CVE-2018-2824,CVE-2018-2825,CVE-2018-2826,CVE-2018-2827,CVE-2018-2828,CVE-2018-2829,CVE-2018-2830,CVE-2018-2831,CVE-2018-2832,CVE-2018-2833,CVE-2018-2834,CVE-2018-2835,CVE-2018-2836,CVE-2018-2837,CVE-2018-2838,CVE-2018-2839,CVE-2018-2840,CVE-2018-2841,CVE-2018-2842,CVE-2018-2843,CVE-2018-2844,CVE-2018-2845,CVE-2018-2846,CVE-2018-2847,CVE-2018-2848,CVE-2018-2849,CVE-2018-2850,CVE-2018-2851,CVE-2018-2852,CVE-2018-2853,CVE-2018-2854,CVE-2018-2855,CVE-2018-2856,CVE-2018-2857,CVE-2018-2858,CVE-2018-2859,CVE-2018-2860,CVE-2018-2861,CVE-2018-2862,CVE-2018-2863,CVE-2018-2864,CVE-2018-2865,CVE-2018-2866,CVE-2018-2867,CVE-2018-2868,CVE-2018-2869,CVE-2018-2870,CVE-2018-2871,CVE-2018-2872,CVE-2018-2873,CVE-2018-2874,CVE-2018-2876,CVE-2018-2877,CVE-2018-2878,CVE-2018-2879,CVE-2018-7489 Wed, 18 Apr 2018 16:53:04 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57518 Spice spice-gtk Integer Overflow Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57507&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Spice%20spice-gtk%20Integer%20Overflow%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the spice-gtk component of Spice could allow an unauthenticated, remote attacker with control of a malicious spice-server to execute arbitrary code on a targeted spice-client system.<br /> <br /> The vulnerability is due to improper sanitization of pointers and lengths by the spice-client when handling spice-server messages. An attacker could exploit the vulnerability by persuading a user to connect to an attacker-controlled spice-server and sending messages that submit malicious input to the spice-client system. A successful exploit could cause a integer overflow the attacker could use to execute arbitrary code with the privileges of the affected software on the spice-client system. <br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available. <br /> <br /> Spice has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-12194 Wed, 18 Apr 2018 16:43:37 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57507 Corosync authenticate_nss_2_3() Function Integer Overflow Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57506&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Corosync%20authenticate_nss_2_3()%20Function%20Integer%20Overflow%20Vulnerability&vs_k=1 A vulnerability in Corosync could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability exists in the <em>authenticate_nss_2_3()</em> function defined in the source code file <em>exec/totemcrypto.c</em>, and is due to improper memory operations that are performed by the affected software when handling packets that do not properly exceed the length of <em>crypto_config_header</em> and <em>hash_len</em>. An attacker could exploit the vulnerability by sending a packet that submits malicious input to Corosync. A successful exploit could result in an integer overflow, which could cause the affected software to crash, resulting in a DoS condition. <br /> <br /> Corosync has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1084 Wed, 18 Apr 2018 15:14:19 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57506 Perl pp_pack.c Pack Template Heap Overflow Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57502&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Perl%20pp_pack.c%20Pack%20Template%20Heap%20Overflow%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in Perl could allow a local attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability exists in the <em>S_pack_rec</em> function defined in the source code file <em>pp_pack.c</em>, and is due to improper memory operations that are performed by the affected software when handling packing templates. An attacker could exploit the vulnerability by accessing the system and executing Perl with a packing template that submits malicious input to the Perl interpreter. A successful exploit could cause a heap buffer overflow that the attacker could use to execute arbitrary code. <br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available. <br /> <br /> Perl has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-6913 Tue, 17 Apr 2018 23:33:44 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57502 Perl utf8.c Regular Expression Heap Overflow Information Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57501&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Perl%20utf8.c%20Regular%20Expression%20Heap%20Overflow%20Information%20Vulnerability&vs_k=1 A vulnerability in Perl could allow a local attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability exists in the <em>Perl__byte_dump_string</em> function defined in the source code file <em>utf8.c</em>, and is due to improper memory operations that are performed by the affected software when handling locale-dependent regular expressions. An attacker could exploit the vulnerability by accessing the system and executing Perl with a regular expression that submits malicious input to the Perl interpreter. A successful exploit could cause a heap buffer overread and allow the attacker to access sensitive information, which could be used to conduct additional attacks. <br /> <br /> Perl has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-6798 Tue, 17 Apr 2018 23:33:42 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57501 Perl regcomp.c Regular Expression Heap Overflow Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57500&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Perl%20regcomp.c%20Regular%20Expression%20Heap%20Overflow%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in Perl could allow a local attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is in the <em>S_regatom()</em> function defined in the source code file <em>regcomp.c</em>, and is due to improper memory operations that are performed by the affected software when handling regular expressions. An attacker could exploit the vulnerability by accessing the system and executing Perl with a regular expression that submits malicious input to the Perl interpreter. A successful exploit could cause a heap buffer overflow with attacker control over the bytes written, which could allow arbitrary code execution. <br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available. <br /> <br /> Perl.org has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-6797 Tue, 17 Apr 2018 21:34:59 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57500 Linux Kernel hi3660_stub_clk_probe Function Local Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57505&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20hi3660_stub_clk_probe%20Function%20Local%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>hi3660_stub_clk_probe </em>function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to improper validation of the INT_MIN parameter processed by the affected software. An attacker could exploit this vulnerability to trigger a NULL pointer dereference, resulting in an error condition that could cause a DoS condition.</p></p> <p>Kernel.org has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-10074 Tue, 17 Apr 2018 20:39:43 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57505 Linux Kernel kernel_wait4 Function Local Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57504&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20kernel_wait4%20Function%20Local%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>kernel_wait4</em> function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to improper validation of the INT_MIN parameter processed by the affected software. An attacker could exploit this vulnerability to trigger an error condition that could result in a DoS condition.</p></p> <p>Kernel.org has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-10087 Tue, 17 Apr 2018 19:41:34 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57504 Linux Kernel kill_something_info Function Local Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57503&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20kill_something_info%20Function%20Local%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>kill_something_info</em> function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition.</p> <p>The vulnerability is due to improper validation of input to the vulnerable function. An attacker could exploit this vulnerability by running a program designed to send malicious requests to the vulnerable function. An exploit could allow the attacker to cause a kernel panic, resulting in a DoS condition.</p></p> <p>Kernel.org has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-10124 Tue, 17 Apr 2018 18:28:42 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57503 Exempi ASF_Support::ReadHeaderObject Function Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57418&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Exempi%20ASF_Support::ReadHeaderObject%20Function%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in Exempi could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability exists in the <em>ASF_Support::ReadHeaderObject</em> function defined in the source code file <em>XMPFiles/source/FormatSupport/ASF_Support.cpp</em>, and is due to improper memory operations that are performed by the affected software when handling <em>.asf</em> files. An attacker could exploit the vulnerability by persuading a user to access an <em>.asf</em> file that submits malicious input to the affected software. A successful exploit could cause the affected software to stop responding due to an infinite loop memory error, which could result in a DoS condition.<br /> <br /> Exempi has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-18236 Tue, 17 Apr 2018 16:20:01 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57418 Exempi VPXChunk Class Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57417&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Exempi%20VPXChunk%20Class%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in Exempi could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability exists in the <em>VPXChunk</em> class defined in the source code file <em>XMPFiles/source/FormatSupport/WEBP_Support.cpp</em>, and is due to insufficient sanitization of "0" values passed to <em>height()</em> or <em>width()</em> by the affected software when handling <em>.webq</em> files. An attacker could exploit the vulnerability by persuading a user to access a <em>.webq</em> file that submits malicious input to the affected software. A successful exploit could cause the affected software to crash due to a memory assertion error, which could result in a DoS condition.<br /> <br /> Exempi has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-18235 Mon, 16 Apr 2018 21:01:35 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57417 GEGL gegl_buffer_iterate_read_simple Function Remote Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57496&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=GEGL%20gegl_buffer_iterate_read_simple%20Function%20Remote%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the Portable PixMap (PPM) File Handler component of the Generic Graphics Library (GEGL) could allow an unauthenticated, remote attacker to cause a denial of service condition on a targeted system.</p> <p>The vulnerability is due to improper restrictions of memory allocation in the <em>ppm_load_read_header</em> function as defined in the <em>operations/external/ppm-load.c</em> source code file of the affected software. An attacker could exploit the vulnerability by persuading a user to access a PPM file that submits malicious input to the affected software. A successful exploit could trigger an out-of-bounds write condition in the <em>gegl_buffer_iterate_read_simple</em> function in the<em> buffer/gegl-buffer-access.c</em> source code file, which could cause the affected software to crash, resulting in a DoS condition on the affected system.</p></p> <p>Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.</p> <p>The GNOME Project has confirmed the vulnerability and released a software patch.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-10114 Mon, 16 Apr 2018 20:55:01 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57496 GEGL Process Function Unbounded Memory Allocation Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57497&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=GEGL%20Process%20Function%20Unbounded%20Memory%20Allocation%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p>A vulnerability in the <em>process</em> function of the Generic Graphics Library (GEGL) could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to improper memory operations that are performed by the affected software when the <em>process</em> function, as defined in the <em>operations/external/ppm-load.c</em> source code file of the affected software, is used. An attacker could exploit this vulnerability by submitting malicious input to the targeted system designed to trigger a memory allocation failure. A successful exploit could cause the affected software to crash, resulting in a DoS condition on the affected system.</p> <p>Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.</p> <p>The GNOME Project has not publicly confirmed this vulnerability and software updates are not available.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-10113 Mon, 16 Apr 2018 20:44:19 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57497 nghttp2 ALTSVC Frame NULL Pointer Dereference Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57485&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=nghttp2%20ALTSVC%20Frame%20NULL%20Pointer%20Dereference%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in <em>nghttp2 </em>could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to improper bounds checking by the affected software. If an alternative services (ALTSVC) frame is too large, the pointer field that points to the ALTSVC frame payload is left NULL. An attacker could exploit this vulnerability by sending a large ALTSVC frame to the targeted system. A successful exploit could trigger a NULL pointer dereference condition and cause the affected software to stop responding, resulting in a DoS condition on the affected system.</p></p> <p>nghttp2.org has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1000168 Mon, 16 Apr 2018 15:07:03 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57485 Zabbix iConfig Proxy Request Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57464&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Zabbix%20iConfig%20Proxy%20Request%20Information%20Disclosure%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>iConfig </em>proxy request feature of Zabbix server could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.</p> <p>The vulnerability is due to improper handling of <em>iConfig </em>proxy requests by the affected software. An attacker who has knowledge of the IP address of a configured Zabbix proxy could exploit this vulnerability by sending customized <em>iConfig </em>proxy request packets to a targeted Zabbix server. A successful exploit could allow the attacker to access sensitive information from any configured Zabbix proxy.</p></p> <p>Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.</p> <p>Zabbix has not publicly confirmed this vulnerability and software updates are not available.</p> <br/>Security Impact Rating: Low <br/>CVE: CVE-2017-2826 Mon, 16 Apr 2018 13:40:13 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57464 Linux Kernel Failure Conditions Local Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57475&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20Failure%20Conditions%20Local%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to improper handling of analog telephone adapter (ATA) device commands by the <em>drivers/scsi/libsas/sas_scsi_host.c</em> source code file of the affected software. An attacker could exploit this vulnerability by executing ATA device commands to trigger certain failure conditions on a targeted system. An attacker could cause an <em>ata qc</em> leak, resulting in a DoS condition on the system.</p></p> <p>Kernel.org has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-10021 Fri, 13 Apr 2018 19:09:48 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57475 zsh utils.c:checkmailpath Function Local Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57474&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=zsh%20utils.c:checkmailpath%20Function%20Local%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 <p>A vulnerability in the <em>utils.c:checkmailpath</em> function&nbsp;of the zsh utility could allow a local attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to improper bounds checking by the affected software when the&nbsp;<em>utils.c:checkmailpath</em> function, as defined in the <em>Src/utils.c</em> source code file of the affected software, is used. An attacker could exploit this vulnerability by creating a malicious message file that is designed to set a custom message and sending the file to a targeted user. If the user opens the message, a stack-based buffer overflow condition could occur, which the attacker could use to execute arbitrary code with the privileges of the user. If the user has elevated privileges, a successful exploit could result in a complete system compromise.</p> <p>The vendor has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1100 Fri, 13 Apr 2018 18:16:53 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57474 HPE Intelligent Management Center PLAT Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57477&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=HPE%20Intelligent%20Management%20Center%20PLAT%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 <p><p>A vulnerability in HPE Intelligent Management Center (IMC) PLAT could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.</p> <p>The vulnerability exists in the <em>MibBrowserTopoFilterServlet</em> of the affected software and is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting crafted input to the targeted system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges, which could result in a complete system compromise.</p></p> <p>HPE has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-12556 Fri, 13 Apr 2018 15:10:38 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57477 Joomla! JMS Music Component SQL Injection Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57478&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Joomla!%20JMS%20Music%20Component%20SQL%20Injection%20Vulnerability&vs_k=1 <p><p>A vulnerability in the JMS Music component of Joomla! could allow an unauthenticated, remote attacker to conduct an SQL injection attack on a targeted system.</p> <p>The vulnerability is due to insufficient protections imposed by the affected software on certain search parameters. An attacker could exploit this vulnerability by sending a GET request with either the keyword, username, or artist parameter to a targeted system. A successful exploit could allow the attacker to conduct an SQL injection attack on the system.</p></p> <p>Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.</p> <p>Administrators are advised to contact the vendor regarding future updates and releases.</p> <p>Administrators are advised to allow only trusted users to have network access.</p> <p>Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access affected systems.</p> <p>Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.</p> <p>Administrators can apply Snort SID 46041 to help prevent attacks that attempt to exploit this vulnerability.<br /> <br /> Administrators are advised to monitor affected systems.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2018-6581 Fri, 13 Apr 2018 14:58:10 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57478 Microsoft Edge Scripting Engine Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57366&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Edge%20Scripting%20Engine%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in the Chakra scripting engine used by Microsoft Edge could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0995 Thu, 12 Apr 2018 19:25:10 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57366 Microsoft Edge Scripting Engine Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57365&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Edge%20Scripting%20Engine%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in the Chakra scripting engine used by Microsoft Edge could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0994 Thu, 12 Apr 2018 19:25:08 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57365 Microsoft Edge Scripting Engine Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57364&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Edge%20Scripting%20Engine%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in the Chakra scripting engine used by Microsoft Edge could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0993 Thu, 12 Apr 2018 19:25:05 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57364 libXcursor Cursor Processing Integer Overflow Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57450&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=libXcursor%20Cursor%20Processing%20Integer%20Overflow%20Vulnerability&vs_k=1 <p><p>A vulnerability in libXcursor could allow a local attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to an integer overflow condition that could occur when the affected software parses image files or processes malicious cursors. An attacker could exploit this vulnerability by persuading a user to open a malicious image file. An exploit could trigger a heap overflow condition that the attacker could use to execute arbitrary code or cause a DoS condition.</p></p> <p>freedesktop.org has confirmed the vulnerability and released software patches.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-16612 Thu, 12 Apr 2018 18:47:49 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57450 Foreman oVirt/RHV Hosts Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57419&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Foreman%20oVirt/RHV%20Hosts%20Information%20Disclosure%20Vulnerability&vs_k=1 <p><p>A vulnerability in Foreman could allow an authenticated, remote attacker to access sensitive information on a targeted system.</p> <p>The vulnerability is due to improper security restrictions set on the API used by the affected software to change the power state on oVirt compute resources. An attacker who has limited permission for powering oVirt and RHV hosts on and off could exploit this vulnerability to access the username and password used to connect to computing resources on a targeted system. A successful exploit could be used to conduct further attacks.</p></p> <p>Foreman has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1097 Thu, 12 Apr 2018 14:51:54 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57419 RubyGems homepage Attribute Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57445&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=RubyGems%20homepage%20Attribute%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>homepage </em>attribute when displayed through the gem server in RubyGems could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system.</p> <p>The vulnerability is due to insufficient validation of user-supplied input by the affected software<strong></strong><strong></strong>. An attacker could exploit this vulnerability by persuading a user to browse to and open a malicious gem on an attacker-controlled gem server. A successful exploit could allow the attacker to execute arbitrary script code or allow the attacker to access sensitive browser-based information on the affected system.</p></p> <p>RubyGems.org has confirmed the vulnerability in a security advisory and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1000078 Wed, 11 Apr 2018 21:30:19 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57445 Apache Commons Compress ZIP Archive Extra Field Parser Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57449&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Apache%20Commons%20Compress%20ZIP%20Archive%20Extra%20Field%20Parser%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the extra field parser of Apache Commons Compress could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to the improper parsing of <em>.zip</em> archive files by the extra field parser that is used by the ZipFile and ZipArchiveInputStream classes of the affected software. An attacker could exploit this vulnerability by persuading a user of a targeted system to open a malicious <em>.zip</em> archive file by using an application that uses the affected software. A successful exploit could cause an infinite loop in the extra field parser, which could result in a DoS condition on the targeted system.</p></p> <p>The Apache Software Foundation has confirmed the vulnerability in a security advisory and released software updates.</p> <br/>Security Impact Rating: Low <br/>CVE: CVE-2018-1324 Wed, 11 Apr 2018 19:17:44 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57449 Linux Kernel unimac_mdio_probe Function Local Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57448&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20unimac_mdio_probe%20Function%20Local%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>unimac_mdio_probe</em>&nbsp;function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.</p> <p>The vulnerability is due to an unchecked return value from the <em>platform_get_resource()</em> function of the affected software. An attacker could exploit this vulnerability to trigger a NULL pointer dereference condition in the <em>unimac_mdio_probe</em>&nbsp;function, as defined in the <em>drivers/net/phy/mdio-bcm-unimac.c</em>&nbsp;source code file of the affected software. A successful exploit could result in a DoS condition.</p></p> <p>Kernel.org has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-8043 Wed, 11 Apr 2018 18:16:20 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57448 Apache Solr XXE Arbitrary Local File Read Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57447&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Apache%20Solr%20XXE%20Arbitrary%20Local%20File%20Read%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>DataImportHandler</em> of Apache Solr could allow an unauthenticated, remote attacker to conduct an XML external entity expansion (XXE) attack on a targeted system.</p> <p>The vulnerability exists in the <em>dataConfig</em> request parameter in the <em>DataImportHandler</em> of the affected software. An attacker could exploit this vulnerability by making a customized file, FTP, or HTTP request to the targeted system. A successful exploit could allow the attacker to conduct an XXE attack, which the attacker could use to read sensitive, local file information on the system or to access sensitive information from the internal network in which the system resides.</p></p> <p>Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.</p> <p>The Apache Software Foundation has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1308 Wed, 11 Apr 2018 16:33:39 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57447 FFmpeg export Function Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57446&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=FFmpeg%20export%20Function%20Denial%20of%20Service%20Vulnerability&vs_k=1 <p>A vulnerability in the <em>export</em>&nbsp;function of FFmpeg could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability occurs when the affected software processes files with long filenames using the&nbsp;<em>export</em> function, as defined in the&nbsp;<em>libavfilter/vf_signature.c</em>&nbsp;source code file of the affected software. An attacker could exploit this vulnerability by persuading a targeted user to open a file with a long filename. A successful exploit could trigger an out-of-array access condition, causing the affected software to stop functioning and resulting in a DoS condition on the affected system.</p> The vendor has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-9841 Wed, 11 Apr 2018 15:06:40 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57446 Microsoft Malware Protection Engine Remote Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57451&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Malware%20Protection%20Engine%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the Microsoft Malware Protection Engine component of multiple Microsoft products could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to improper file-scanning operations that are performed by the affected software. An attacker could exploit this vulnerability by persuading a user to access a file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the LocalSystem account and compromise the system completely.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-0986 Tue, 10 Apr 2018 20:22:35 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57451 Pivotal Software Spring Framework Multipart Request Processing Content Injection Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57444&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Pivotal%20Software%20Spring%20Framework%20Multipart%20Request%20Processing%20Content%20Injection%20Vulnerability&vs_k=1 <p><p>A vulnerability in the Spring Framework could allow an authenticated, remote attacker to inject arbitrary content as part of a multipart request to another server.</p> <p>The vulnerability is due to improper processing of multipart requests by the affected software. An attacker who has access to an affected system could exploit this vulnerability by making a multipart request that injects malicious content to a targeted server, which could cause the targeted server to use wrong values and possibly lead to privilege escalation.</p></p> <p>Pivotal Software has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: Low <br/>CVE: CVE-2018-1272 Tue, 10 Apr 2018 19:01:22 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57444 Pivotal Software Spring Framework URL Processing Directory Traversal Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57443&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Pivotal%20Software%20Spring%20Framework%20URL%20Processing%20Directory%20Traversal%20Vulnerability&vs_k=1 <p><p>A vulnerability in the <em>spring-webmvc</em> module in the Spring Framework could allow an unauthenticated, remote attacker to conduct a directory traversal attack on a targeted system.</p> <p>The vulnerability is due to the improper serving of static resources from a file system on Microsoft Windows systems by the affected software. An attacker could exploit this vulnerability by sending a malicious request using a crafted URL to a targeted system. An exploit could allow the attacker to conduct a directory traversal attack on the system, which the attacker could use to overwrite, delete, or read sensitive file information on the system.</p></p> <p>Pivotal Software has confirmed the vulnerability and released software updates.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1271 Tue, 10 Apr 2018 18:40:13 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57443 Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57466&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Wireless%20Keyboard%20850%20Security%20Feature%20Bypass%20Vulnerability&vs_k=1 A vulnerability in the Microsoft Wireless Keyboard 850 could allow an attacker who has physical access to a targeted device to bypass security restrictions for the device.<br /> <br /> The vulnerability is due to improper cryptographic key management by the affected device. An attacker could exploit this vulnerability by extracting the Advanced Encryption Standard (AES) key from a targeted device and using the key to transmit arbitrary keyboard human interface device (HID) packets to the device dongle via a 2.4-GHz wireless connection. A successful exploit could allow the attacker to send arbitrary commands to the targeted system and intercept keystrokes from the system.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Low <br/>CVE: CVE-2018-8117 Tue, 10 Apr 2018 18:21:15 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57466 Microsoft Visual Studio Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57465&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Visual%20Studio%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in Microsoft Visual Studio could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.<br /><br />The vulnerability exists because the affected software improperly exposes uninitialized memory content when compiling application database files. An attacker could exploit this vulnerability by persuading a user to provide the attaker with the program database (PDB) file generated by the affected software when. A successful exploit could allow the attacker to access sensitive information on the targeted system, which could be used to conduct additional attacks.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Low <br/>CVE: CVE-2018-1037 Tue, 10 Apr 2018 18:21:13 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57465 Microsoft Windows IPsec Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57452&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Windows%20IPsec%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in the IP security (IPsec) component of Microsoft Windows could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit this vulnerability by sending a request that submits malicious input to a targeted system. A successful exploit could allow the attacker to cause the targeted system to stop responding, resulting in a DoS condition.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-8116 Tue, 10 Apr 2018 18:21:10 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57452 Microsoft SharePoint Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57397&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20SharePoint%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in Microsoft SharePoint Server could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks on a targeted system.<br /><br />The vulnerability is due to the affected software improperly sanitizing web requests. An attacker could exploit this vulnerability by sending a web request that submits malicious input to an affected SharePoint Server. A successful exploit could allow the attacker to access sensitive browser-based information, inject malicious content into a user's web browser, and take actions in the security context of a user of an affected SharePoint Server.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1034 Tue, 10 Apr 2018 18:21:08 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57397 Microsoft SharePoint Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57396&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20SharePoint%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in Microsoft SharePoint Server could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks on a targeted system.<br /><br />The vulnerability is due to the affected software improperly sanitizing web requests. An attacker could exploit this vulnerability by sending a web request that submits malicious input to an affected SharePoint Server. A successful exploit could allow the attacker to access sensitive browser-based information, inject malicious content into a user's web browser, and take actions in the security context of a user of an affected SharePoint Server.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1032 Tue, 10 Apr 2018 18:21:06 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57396 Microsoft Excel Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57395&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Excel%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in Microsoft Excel could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1030 Tue, 10 Apr 2018 18:21:04 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57395 Microsoft Excel Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57394&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Excel%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in Microsoft Excel could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1029 Tue, 10 Apr 2018 18:21:01 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57394 Microsoft Office Graphics Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57393&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Office%20Graphics%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the graphics component of Microsoft Office could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper handling of embedded fonts by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with user privileges. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1028 Tue, 10 Apr 2018 18:20:59 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57393 Microsoft Excel Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57392&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Excel%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in Microsoft Excel could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1027 Tue, 10 Apr 2018 18:20:57 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57392 Microsoft Excel Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57391&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Excel%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in Microsoft Excel could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1026 Tue, 10 Apr 2018 18:20:54 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57391 Microsoft Edge and Internet Explorer Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57390&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Edge%20and%20Internet%20Explorer%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in Microsoft Edge and Internet Explorer could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1023 Tue, 10 Apr 2018 18:20:52 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57390 Microsoft Internet Explorer Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57388&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Internet%20Explorer%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in Microsoft Internet Explorer could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1020 Tue, 10 Apr 2018 18:20:49 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57388 Microsoft Edge Scripting Engine Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57387&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Edge%20Scripting%20Engine%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in the Chakra scripting engine used by Microsoft Edge could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1019 Tue, 10 Apr 2018 18:20:47 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57387 Microsoft Internet Explorer Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57386&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Internet%20Explorer%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in Microsoft Internet Explorer could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1018 Tue, 10 Apr 2018 18:20:44 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57386 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57385&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Windows%20Embedded%20OpenType%20Font%20Engine%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the Embedded OpenType (EOT) font engine used by Microsoft Windows could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper handling of embedded fonts by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with user privileges. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1016 Tue, 10 Apr 2018 18:20:42 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57385 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57384&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Windows%20Embedded%20OpenType%20Font%20Engine%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the Embedded OpenType (EOT) font engine used by Microsoft Windows could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper handling of embedded fonts by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with user privileges. If the user has elevated privileges, the attacker could compromise the system completely.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1015 Tue, 10 Apr 2018 18:20:39 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57384 Microsoft SharePoint Elevation of Privilege Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=57383&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20SharePoint%20Elevation%20of%20Privilege%20Vulnerability&vs_k=1 A vulnerability in Microsoft SharePoint could allow an authenticated, remote attacker to gain elevated privileges on a targeted system.<br /><br />The vulnerability is due to the affected software insufficiently sanitizing redirects from link addresses. An attacker could exploit this vulnerability by creating a video page, which contains a Silverlight dependency and a malicious link to the Silverlight software, and persuading a user to access the link. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user.<br /><br />Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-1014 Tue, 10 Apr 2018 18:20:37 CDT https://tools.cisco.com/security/center/viewAlert.x?alertId=57383