2018-APR-10 FSL version 7.6.16
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
23339 - (MSPT-Apr2018) Microsoft JET Database Engine Remote Code Execution (CVE-2018-1003)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1003
Description A vulnerability in some versions of Microsoft JET Database could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft JET Database could lead to remote code execution.
The flaw lies in the Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23346 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-0990)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0990
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23347 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0993)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0993
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23348 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0994)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0994
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23349 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0995)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0995
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23355 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1029
Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw lies is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23356 - (MSPT-Apr2018) Microsoft Office Memory Handling Remote Code Execution (CVE-2018-0920)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0920
Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.
The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23357 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1030)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1030
Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23384 - (MSPT-Apr2018) Microsoft VBScript Memory Remote Code Execution (CVE-2018-1004)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1004
Description A vulnerability in some versions of Microsoft VBScript could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft VBScript could lead to remote code execution.
The flaw is due to improper handling of objects in memory in the VBScript engine. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23389 - (MSPT-Apr2018) Microsoft Office Graphics Remote Code Execution (CVE-2018-1028)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1028
Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.
The flaw lies in the Graphics component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23396 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution Vulnerability (CVE-2018-0870)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0870
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in a memory corruption error. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23402 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1011)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1011
Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23403 - (MSPT-Apr2018) Microsoft Office Remote Code Execution (CVE-2018-1026)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1026 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23404 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1027)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1027
Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23406 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1010)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1010
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the EOT Font Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23407 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1012)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1012
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the EOT Font Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23408 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1013)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1013
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the EOT Font Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23409 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1015)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1015
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the EOT Font Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23410 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1016)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1016
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
The flaw lies in the EOT Font Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23424 - (APSB18-08) Vulnerabilities In Adobe Flash Player
Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937
Description Multiple vulnerabilities are present in some versions of Adobe Flash Player.
Observation Adobe Flash Player is a software for viewing rich Internet applications, streaming audio, video and multimedia files.
Multiple vulnerabilities are present in some versions of Adobe Flash Player. The flaws lie in the Adobe Flash Player Runtime. Successful exploitation could allow an attacker to retrieve sensitive data or execute remote code and take control of the affected system.
23425 - (APSB18-08) Vulnerabilities In Adobe Flash Player
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937
Description Multiple vulnerabilities are present in some versions of Adobe Flash Player.
Observation Adobe Flash Player is a software for viewing rich Internet applications, streaming audio, video and multimedia files.
Multiple vulnerabilities are present in some versions of Adobe Flash Player. The flaws lie in the Adobe Flash Player Runtime. Successful exploitation could allow an attacker to retrieve sensitive data or execute remote code and take control of the affected system.
23368 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0988)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0988
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in a memory corruption error. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23338 - (MSPT-Apr2018) Microsoft Windows Device Guard Security Bypass (CVE-2018-0966)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0966
Description A vulnerability in some versions of Microsoft Windows could lead to security bypass.
Observation A vulnerability in some versions of Microsoft Windows could lead to security bypass.
The flaw lies in the Device Guard component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions.
23360 - (MSPT-Apr2018) Microsoft HTTP.sys Request Parsing Denial of Service (CVE-2018-0956)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0956
Description A vulnerability in some versions of Microsoft HTTP.sys could lead to a denial of service.
Observation A vulnerability in some versions of Microsoft HTTP.sys could lead to a denial of service.
The flaw is due to improper handling of specially crafted HTTP 2.0 requests. Successful exploitation by a remote attacker could result in a denial of service condition.
23362 - (MSPT-Apr2018) Microsoft Windows SNMP Service Denial of Service (CVE-2018-0967)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0967
Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.
Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.
The flaw lies in the SNMP Service component. Successful exploitation by a remote attacker could result in a denial of service condition.
23374 - (MSPT-Apr2018) Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation (CVE-2018- 1009)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1009
Description A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation.
The flaw lies in the Graphics Kernel Subsystem component.Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
23375 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0996)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0996
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the scripting engine memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23376 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0997)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0997
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23381 - (MSPT-Apr2018) Microsoft Windows Remote Desktop Denial of Service (CVE-2018-0976)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0976
Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.
Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.
The flaw lies in the Remote Desktop component. Successful exploitation by a remote attacker could result in a denial of service condition.
23382 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0975)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0975
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw is due to improper handling of the memory address of a kernel object. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.
23383 - (MSPT-Apr2018) Microsoft Outlook Rich Text Format Information Disclosure (CVE-2018-0950)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0950
Description A vulnerability in some versions of Microsoft Office could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Office could lead to information disclosure.
The flaw is due to improper handling of OLE objects in Rich Text Format email messages. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23390 - (MSPT-Apr2018) Microsoft Internet Explorer Scripting Engine Memory Information Disclosure Vulnerability (CVE-2018-1000)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1000
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
The flaw lies in the Scripting Engine Memory component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23391 - (MSPT-Apr2018) Microsoft Internet Explorer Scripting Engine Memory Remote Code Execution Vulnerability (CVE-2018-1001)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1001
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the Scripting Engine Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23394 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Remote Code Execution Vulnerability (CVE- 2018-1018)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1018
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23395 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Remote Code Execution Vulnerability (CVE- 2018-1020)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1020
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23397 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Handling Information Disclosure Vulneribility (CVE-2018-0981)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0981
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
The flaw lies in a memory handling error. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23398 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Handling Information Disclosure Vulnerability (CVE-2018-0987)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0987
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
The flaw lies in a memory handling error. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23350 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-0979)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0979
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23345 - (MSPT-Apr2018) Microsoft Edge Memory Handling Information Disclosure Vulnerability (CVE-2018- 0892) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0892
Description A vulnerability in some versions of Microsoft Edge could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Edge could lead to information disclosure.
The flaw lies in a memory handling error. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23351 - (MSPT-Apr2018) Microsoft Edge PDF Reader Information Disclosure Vulnerability (CVE-2018-0998)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0998
Description A vulnerability in some versions of Microsoft Edge could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Edge could lead to information disclosure.
The flaw lies in the PDF Reader component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23352 - (MSPT-Apr2018) Microsoft Windows Hyper-V Information Disclosure (CVE-2018-0957)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0957
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23354 - (MSPT-Apr2018) Microsoft Windows Hyper-V Information Disclosure (CVE-2018-0964)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0964 Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23358 - (MSPT-Apr2018) Microsoft Office Graphics Information Disclosure (CVE-2018-1007)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1007
Description A vulnerability in some versions of Microsoft Office could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Office could lead to information disclosure.
The flaw lies in the Graphics component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23361 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0887)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0887
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23363 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0960)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0960
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23364 - (MSPT-Apr2018) Microsoft Windows Kernel Privilege Escalation (CVE-2018-0963)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0963
Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
The flaw lies in the Kernel component.Successful exploitation could allow a local user to gain elevated privileges.The exploit requires the attacker to have valid credentials to the vulnerable system.
23365 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0968)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0968
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23366 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0969)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0969
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system. 23367 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0970)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0970
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23369 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0971)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0971
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23370 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0972)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0972
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23371 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0973)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0973
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23372 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Handling Information Disclosure (CVE-2018- 0989)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0989
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
The flaw lies in a memory handling error. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
23373 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0991)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0991
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
The flaw lies in a memory corruption error. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23377 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution (CVE-2018- 0980)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0980 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23378 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution (CVE-2018- 1019)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1019
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23380 - (MSPT-Apr2018) Microsoft Browser Memory Corruption Remote Code Execution (CVE-2018-1023)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1023
Description A vulnerability in some versions of Microsoft Browser could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Browser could lead to remote code execution.
The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23385 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1005)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1005
Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation. Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.
The flaw is due to improper handling of a specially crafted web request. Successful exploitation could allow an authenticated user to gain elevated privileges. The exploit requires a malicious user to sent a specially crafted web request to the affected Sharepoint server.
23386 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1014)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1014
Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.
The flaw is due to improper handling of a specially crafted web request. Successful exploitation could allow an authenticated user to gain elevated privileges. The exploit requires a malicious user to sent a specially crafted web request to the affected Sharepoint server.
23387 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1032)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1032
Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.
The flaw is due to improper handling of a specially crafted web request. Successful exploitation could allow an authenticated user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.
23388 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1034)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1034
Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation. Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.
The flaw lies in the Web Request Sanitization component.Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.
23399 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure Vulnerability (CVE-2018-0974)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0974
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
23405 - (MSPT-Apr2018) Microsoft Windows OpenType Font Driver Privilege Escalation (CVE-2018-1008)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1008
Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
The flaw lies in the OpenType Font Driver component.Successful exploitation could allow a local user to gain elevated privileges.The exploit requires the attacker to have valid credentials to the vulnerable system.
23418 - (MSPT-Apr2018) Microsoft Visual Studio Memory Information Disclosure (CVE-2018-1037)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1037
Description A vulnerability in some versions of Microsoft Visual Studio could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Visual Studio could lead to information disclosure.
The flaw lies in the way Visual Studio compiles program database (PDB) files. Compiling source code with an affected version of Visual Studio could lead to uninitialized memory disclosure within the PDB file structure. The exploit requires the user to open PDB files compiled with an affected version of Visual Studio.
23419 - (MSPT-Apr2018) Microsoft Windows Graphics Component Denial of Service (CVE-2018-8116)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8116
Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.
Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.
The flaw lies in the graphics component. Successful exploitation by a remote attacker could result in a denial of service condition.
23423 - (MSPT-Apr2018) Microsoft Active Directory Security Feature Security Bypass (CVE-2018-0890)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0890
Description A vulnerability in some versions of Microsoft Active Directory could lead to security bypass.
Observation A vulnerability in some versions of Microsoft Active Directory could lead to security bypass.
The flaw lies in the Network Isolation settings. Successful exploitation by an attacker could result in the bypass of intended access restrictions.The exploit requires the attacker to have valid credentials to the vulnerable system.
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 88925 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-074-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
Update Details Risk is updated
131051 - Debian Linux 8.0, 9.0 DSA-4136-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122 Update Details Risk is updated
146162 - SuSE Linux 42.2, 42.3 openSUSE-SU-2017:3329-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2017-16642, CVE-2017-9228, CVE-2017-9229
Update Details CVE is updated
163552 - Oracle Enterprise Linux ELSA-2018-0418 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-3157, CVE-2017-7870, CVE-2018-6871
Update Details CVE is updated
182644 - FreeBSD slurm-wlm SQL Injection Attacks Against SlurmDBD (b3e04661-2a0a-11e8-9e63- 3085a9a47796)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2018-7033
Update Details Risk is updated
186136 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3598-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
Update Details Risk is updated
193391 - Fedora Linux 27 FEDORA-2018-8877b4ccac Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
Update Details Risk is updated
193406 - Fedora Linux 26 FEDORA-2018-66c96e0024 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
Update Details Risk is updated
193444 - Fedora Linux 27 FEDORA-2018-df1a571a34 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7033
Update Details Risk is updated
193481 - Fedora Linux 28 FEDORA-2018-d078278c10 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7033
Update Details Risk is updated
193493 - Fedora Linux 28 FEDORA-2018-bc65ab5014 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
Update Details Risk is updated
22772 - (SB10210) Network Security Manager Improper Authorization Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-MAP-NOMATCH
Update Details CVE is updated
141911 - Red Hat Enterprise Linux RHSA-2018-0574 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6664, CVE-2017-10268, CVE-2017-10286, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017- 3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE- 2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653
Update Details CVE is updated
182656 - FreeBSD SQLite Corrupt DB Can Cause A NULL Pointer Dereference (6d52bda1-2e54-11e8-a68f- 485b3931c969)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740
Update Details Risk is updated
193425 - Fedora Linux 27 FEDORA-2018-07e15ad5a5 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740
Update Details Risk is updated
193432 - Fedora Linux 26 FEDORA-2018-aace372c3f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740
Update Details Risk is updated
193483 - Fedora Linux 28 FEDORA-2018-bb66329dee Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740
Update Details Risk is updated
186133 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3592-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-0202, CVE-2018-1000085
Update Details Risk is updated 193387 - Fedora Linux 26 FEDORA-2018-296bf0c332 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1068, CVE-2018-8087
Update Details Risk is updated
193392 - Fedora Linux 27 FEDORA-2018-959aac67a3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1068, CVE-2018-8087
Update Details Risk is updated
193445 - Fedora Linux 27 FEDORA-2018-cf918d73cc Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1324
Update Details Risk is updated
193450 - Fedora Linux 26 FEDORA-2018-0c2141fcbc Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1324
Update Details Risk is updated
182014 - FreeBSD tiff Buffer Overflow (0ab66088-4aa5-11e6-a7bd-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5314
Update Details CVE is updated
193427 - Fedora Linux 27 FEDORA-2018-e378863e47 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-18232 Update Details Risk is updated
193429 - Fedora Linux 26 FEDORA-2018-ba39fc0e07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-18232
Update Details Risk is updated
15222 - DNS Cache Snooping Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update Details Recommendation is updated Risk is updated
70014 - netbios-helpers.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH
Update Details FASLScript is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2018 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates