Security News

Microsoft Security Servicing Criteria for Windows

Security Research & Defense - Mon, 09/10/2018 - 05:55

One of our goals in the Microsoft Security Response Center (MSRC) is to be more transparent with security researchers and our customers on the criteria we use for determining when we intend to address a reported vulnerability through a security update. Our belief is that improving transparency on this topic helps provide clarity on how we assess risk, sets expectations for the types of vulnerabilities that we intend to service, and facilitates constructive dialogue as the threat landscape evolves over time. Ultimately, we believe this enables us all to work together to better protect Microsoft’s customers.

Toward this end, we released a draft version of the security servicing criteria for Windows in June, 2018. We received some great feedback from the research community and the broader security industry that we used to improve the clarity of this criteria. Today, we are happy to announce the publication of the first version of the security servicing criteria for Windows. We expect this to be a living document that evolves over time and we look forward to continuing the dialogue with the community on this topic.

Microsoft Security Servicing Criteria for Windows
Microsoft Vulnerability Severity Classification for Windows

Please reach out to us at switech@microsoft.com or @msftsecresponse on twitter to continue the discussion.

We’d like to acknowledge all of our partner teams from across Microsoft who helped to create and improve the clarity of this criteria.

Nate Warfield - Microsoft Security Response Center (MSRC)

Categories: Security News

CVE-2018-16790

National Vulnerability Database - Mon, 09/10/2018 - 01:29
_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.
Categories: Security News

CVE-2018-16775

National Vulnerability Database - Mon, 09/10/2018 - 00:29
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories" menu.
Categories: Security News

CVE-2018-16776

National Vulnerability Database - Mon, 09/10/2018 - 00:29
wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page.
Categories: Security News

CVE-2018-16779

National Vulnerability Database - Mon, 09/10/2018 - 00:29
BlogCMS through 2016-10-25 has XSS via a comment.
Categories: Security News

CVE-2018-16780

National Vulnerability Database - Mon, 09/10/2018 - 00:29
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment.
Categories: Security News

CVE-2018-16781

National Vulnerability Database - Mon, 09/10/2018 - 00:29
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table.
Categories: Security News

CVE-2018-16782

National Vulnerability Database - Mon, 09/10/2018 - 00:29
libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.
Categories: Security News

CVE-2018-16768

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end.
Categories: Security News

CVE-2018-16769

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled.
Categories: Security News

CVE-2018-16770

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because a certain new_allocator allocate call fails.
Categories: Security News

CVE-2018-16771

National Vulnerability Database - Mon, 09/10/2018 - 00:29
Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided during installation and mishandled in config.php.
Categories: Security News

CVE-2018-16772

National Vulnerability Database - Mon, 09/10/2018 - 00:29
Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new.
Categories: Security News

CVE-2018-16773

National Vulnerability Database - Mon, 09/10/2018 - 00:29
EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field.
Categories: Security News

CVE-2018-16774

National Vulnerability Database - Mon, 09/10/2018 - 00:29
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete.
Categories: Security News

CVE-2018-16764

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read.
Categories: Security News

CVE-2018-16765

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else_.
Categories: Security News

CVE-2018-16766

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached.
Categories: Security News

CVE-2018-16767

National Vulnerability Database - Mon, 09/10/2018 - 00:29
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand.
Categories: Security News

CVE-2018-16759

National Vulnerability Database - Sun, 09/09/2018 - 17:29
The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event.
Categories: Security News

Pages