Mcafee Foundstone Fsl Update

2018-APR-10 FSL version 7.6.16

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

23339 - (MSPT-Apr2018) Microsoft JET Database Engine Remote Code Execution (CVE-2018-1003)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1003

Description A vulnerability in some versions of Microsoft JET Database could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft JET Database could lead to remote code execution.

The flaw lies in the Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23346 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-0990)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0990

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23347 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0993)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0993

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23348 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0994)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0994

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

23349 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0995)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0995

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

23355 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1029

Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

The flaw lies is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23356 - (MSPT-Apr2018) Microsoft Office Memory Handling Remote Code Execution (CVE-2018-0920)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0920

Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23357 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1030)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1030

Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

23384 - (MSPT-Apr2018) Microsoft VBScript Memory Remote Code Execution (CVE-2018-1004)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1004

Description A vulnerability in some versions of Microsoft VBScript could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft VBScript could lead to remote code execution.

The flaw is due to improper handling of objects in memory in the VBScript engine. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23389 - (MSPT-Apr2018) Microsoft Office Graphics Remote Code Execution (CVE-2018-1028)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1028

Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

The flaw lies in the Graphics component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23396 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution Vulnerability (CVE-2018-0870)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0870

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

The flaw lies in a memory corruption error. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23402 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1011)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1011

Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

23403 - (MSPT-Apr2018) Microsoft Office Remote Code Execution (CVE-2018-1026)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1026 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

23404 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1027)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1027

Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

23406 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1010)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1010

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

The flaw lies in the EOT Font Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23407 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1012)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1012

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

23408 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1013)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1013

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

23409 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1015)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1015

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

23410 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1016)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1016

Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937

Description Multiple vulnerabilities are present in some versions of Adobe Flash Player.

Observation Adobe Flash Player is a software for viewing rich Internet applications, streaming audio, video and multimedia files.

Multiple vulnerabilities are present in some versions of Adobe Flash Player. The flaws lie in the Adobe Flash Player Runtime. Successful exploitation could allow an attacker to retrieve sensitive data or execute remote code and take control of the affected system.

23425 - (APSB18-08) Vulnerabilities In Adobe Flash Player

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937

Description Multiple vulnerabilities are present in some versions of Adobe Flash Player.

Observation Adobe Flash Player is a software for viewing rich Internet applications, streaming audio, video and multimedia files.

23368 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0988)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0988

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

23338 - (MSPT-Apr2018) Microsoft Windows Device Guard Security Bypass (CVE-2018-0966)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0966

Description A vulnerability in some versions of Microsoft Windows could lead to security bypass.

Observation A vulnerability in some versions of Microsoft Windows could lead to security bypass.

The flaw lies in the Device Guard component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions.

23360 - (MSPT-Apr2018) Microsoft HTTP.sys Request Parsing Denial of Service (CVE-2018-0956)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0956

Description A vulnerability in some versions of Microsoft HTTP.sys could lead to a denial of service.

Observation A vulnerability in some versions of Microsoft HTTP.sys could lead to a denial of service.

The flaw is due to improper handling of specially crafted HTTP 2.0 requests. Successful exploitation by a remote attacker could result in a denial of service condition.

23362 - (MSPT-Apr2018) Microsoft Windows SNMP Service Denial of Service (CVE-2018-0967)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0967

Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

The flaw lies in the SNMP Service component. Successful exploitation by a remote attacker could result in a denial of service condition.

23374 - (MSPT-Apr2018) Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation (CVE-2018- 1009)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1009

Description A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation.

The flaw lies in the Graphics Kernel Subsystem component.Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.

23375 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0996)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0996

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

The flaw lies in the scripting engine memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23376 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0997)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0997

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

23381 - (MSPT-Apr2018) Microsoft Windows Remote Desktop Denial of Service (CVE-2018-0976)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0976

Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

The flaw lies in the Remote Desktop component. Successful exploitation by a remote attacker could result in a denial of service condition.

23382 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0975)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0975

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

The flaw is due to improper handling of the memory address of a kernel object. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the attacker to have valid credentials to the vulnerable system.

23383 - (MSPT-Apr2018) Microsoft Outlook Rich Text Format Information Disclosure (CVE-2018-0950)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0950

Description A vulnerability in some versions of Microsoft Office could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Office could lead to information disclosure.

The flaw is due to improper handling of OLE objects in Rich Text Format email messages. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.

23390 - (MSPT-Apr2018) Microsoft Internet Explorer Scripting Engine Memory Information Disclosure Vulnerability (CVE-2018-1000)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1000

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

The flaw lies in the Scripting Engine Memory component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.

23391 - (MSPT-Apr2018) Microsoft Internet Explorer Scripting Engine Memory Remote Code Execution Vulnerability (CVE-2018-1001)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1001

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

The flaw lies in the Scripting Engine Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23394 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Remote Code Execution Vulnerability (CVE- 2018-1018)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1018

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

23395 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Remote Code Execution Vulnerability (CVE- 2018-1020)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1020

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23397 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Handling Information Disclosure Vulneribility (CVE-2018-0981)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0981

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

The flaw lies in a memory handling error. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.

23398 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Handling Information Disclosure Vulnerability (CVE-2018-0987)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0987

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

23350 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-0979)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0979

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

23345 - (MSPT-Apr2018) Microsoft Edge Memory Handling Information Disclosure Vulnerability (CVE-2018- 0892) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0892

Description A vulnerability in some versions of Microsoft Edge could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Edge could lead to information disclosure.

23351 - (MSPT-Apr2018) Microsoft Edge PDF Reader Information Disclosure Vulnerability (CVE-2018-0998)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0998

Description A vulnerability in some versions of Microsoft Edge could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Edge could lead to information disclosure.

The flaw lies in the PDF Reader component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.

23352 - (MSPT-Apr2018) Microsoft Windows Hyper-V Information Disclosure (CVE-2018-0957)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0957

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.

23354 - (MSPT-Apr2018) Microsoft Windows Hyper-V Information Disclosure (CVE-2018-0964)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0964 Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23358 - (MSPT-Apr2018) Microsoft Office Graphics Information Disclosure (CVE-2018-1007)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1007

Description A vulnerability in some versions of Microsoft Office could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Office could lead to information disclosure.

The flaw lies in the Graphics component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.

23361 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0887)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0887

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

The flaw lies in the Kernel component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.

23363 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0960)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0960

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23364 - (MSPT-Apr2018) Microsoft Windows Kernel Privilege Escalation (CVE-2018-0963)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0963

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

The flaw lies in the Kernel component.Successful exploitation could allow a local user to gain elevated privileges.The exploit requires the attacker to have valid credentials to the vulnerable system.

23365 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0968)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0968

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23366 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0969)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0969

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0970

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23369 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0971)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0971

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23370 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0972)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0972

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23371 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure (CVE-2018-0973)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0973

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23372 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Handling Information Disclosure (CVE-2018- 0989)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0989

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

23373 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution (CVE- 2018-0991)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0991

Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

23377 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution (CVE-2018- 0980)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0980 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

23378 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution (CVE-2018- 1019)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1019

Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

23380 - (MSPT-Apr2018) Microsoft Browser Memory Corruption Remote Code Execution (CVE-2018-1023)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1023

Description A vulnerability in some versions of Microsoft Browser could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Browser could lead to remote code execution.

23385 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1005)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1005

Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation. Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.

The flaw is due to improper handling of a specially crafted web request. Successful exploitation could allow an authenticated user to gain elevated privileges. The exploit requires a malicious user to sent a specially crafted web request to the affected Sharepoint server.

23386 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1014)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1014

Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.

23387 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1032)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1032

Description A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Sharepoint could lead to privilege escalation.

The flaw is due to improper handling of a specially crafted web request. Successful exploitation could allow an authenticated user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.

23388 - (MSPT-Apr2018) Microsoft Sharepoint Web Request Sanitization Privilege Escalation (CVE-2018- 1034)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1034

The flaw lies in the Web Request Sanitization component.Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.

23399 - (MSPT-Apr2018) Microsoft Windows Kernel Information Disclosure Vulnerability (CVE-2018-0974)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0974

Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

23405 - (MSPT-Apr2018) Microsoft Windows OpenType Font Driver Privilege Escalation (CVE-2018-1008)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1008

Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

The flaw lies in the OpenType Font Driver component.Successful exploitation could allow a local user to gain elevated privileges.The exploit requires the attacker to have valid credentials to the vulnerable system.

23418 - (MSPT-Apr2018) Microsoft Visual Studio Memory Information Disclosure (CVE-2018-1037)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1037

Description A vulnerability in some versions of Microsoft Visual Studio could lead to information disclosure.

Observation A vulnerability in some versions of Microsoft Visual Studio could lead to information disclosure.

The flaw lies in the way Visual Studio compiles program database (PDB) files. Compiling source code with an affected version of Visual Studio could lead to uninitialized memory disclosure within the PDB file structure. The exploit requires the user to open PDB files compiled with an affected version of Visual Studio.

23419 - (MSPT-Apr2018) Microsoft Windows Graphics Component Denial of Service (CVE-2018-8116)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-8116

Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.

The flaw lies in the graphics component. Successful exploitation by a remote attacker could result in a denial of service condition.

23423 - (MSPT-Apr2018) Microsoft Active Directory Security Feature Security Bypass (CVE-2018-0890)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0890

Description A vulnerability in some versions of Microsoft Active Directory could lead to security bypass.

Observation A vulnerability in some versions of Microsoft Active Directory could lead to security bypass.

The flaw lies in the Network Isolation settings. Successful exploitation by an attacker could result in the bypass of intended access restrictions.The exploit requires the attacker to have valid credentials to the vulnerable system.

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 88925 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-074-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122

Update Details Risk is updated

131051 - Debian Linux 8.0, 9.0 DSA-4136-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122 Update Details Risk is updated

146162 - SuSE Linux 42.2, 42.3 openSUSE-SU-2017:3329-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2017-16642, CVE-2017-9228, CVE-2017-9229

Update Details CVE is updated

163552 - Oracle Enterprise Linux ELSA-2018-0418 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-3157, CVE-2017-7870, CVE-2018-6871

Update Details CVE is updated

182644 - FreeBSD slurm-wlm SQL Injection Attacks Against SlurmDBD (b3e04661-2a0a-11e8-9e63- 3085a9a47796)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2018-7033

Update Details Risk is updated

186136 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3598-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122

Update Details Risk is updated

193391 - Fedora Linux 27 FEDORA-2018-8877b4ccac Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122

Update Details Risk is updated

193406 - Fedora Linux 26 FEDORA-2018-66c96e0024 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122

Update Details Risk is updated

193444 - Fedora Linux 27 FEDORA-2018-df1a571a34 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7033

Update Details Risk is updated

193481 - Fedora Linux 28 FEDORA-2018-d078278c10 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7033

Update Details Risk is updated

193493 - Fedora Linux 28 FEDORA-2018-bc65ab5014 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122

Update Details Risk is updated

22772 - (SB10210) Network Security Manager Improper Authorization Vulnerability

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-MAP-NOMATCH

Update Details CVE is updated

141911 - Red Hat Enterprise Linux RHSA-2018-0574 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6664, CVE-2017-10268, CVE-2017-10286, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017- 3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE- 2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653

Update Details CVE is updated

182656 - FreeBSD SQLite Corrupt DB Can Cause A NULL Pointer Dereference (6d52bda1-2e54-11e8-a68f- 485b3931c969)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740

Update Details Risk is updated

193425 - Fedora Linux 27 FEDORA-2018-07e15ad5a5 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740

Update Details Risk is updated

193432 - Fedora Linux 26 FEDORA-2018-aace372c3f Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740

Update Details Risk is updated

193483 - Fedora Linux 28 FEDORA-2018-bb66329dee Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8740

Update Details Risk is updated

186133 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3592-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-0202, CVE-2018-1000085

Update Details Risk is updated 193387 - Fedora Linux 26 FEDORA-2018-296bf0c332 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1068, CVE-2018-8087

Update Details Risk is updated

193392 - Fedora Linux 27 FEDORA-2018-959aac67a3 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1068, CVE-2018-8087

Update Details Risk is updated

193445 - Fedora Linux 27 FEDORA-2018-cf918d73cc Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1324

Update Details Risk is updated

193450 - Fedora Linux 26 FEDORA-2018-0c2141fcbc Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1324

Update Details Risk is updated

182014 - FreeBSD tiff Buffer Overflow (0ab66088-4aa5-11e6-a7bd-14dae9d210b8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5314

Update Details CVE is updated

193427 - Fedora Linux 27 FEDORA-2018-e378863e47 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-18232 Update Details Risk is updated

193429 - Fedora Linux 26 FEDORA-2018-ba39fc0e07 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-18232

Update Details Risk is updated

15222 - DNS Cache Snooping Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous Risk Level: Informational CVE: CVE-MAP-NOMATCH

Update Details Recommendation is updated Risk is updated

70014 - netbios-helpers.fasl3.inc

Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH

Update Details FASLScript is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.com Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.