2018-APR-10 FSL version 7.6.16 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 23339 - (MSPT-Apr2018) Microsoft JET Database Engine Remote Code Execution (CVE-2018-1003) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1003 Description A vulnerability in some versions of Microsoft JET Database could lead to remote code execution. Observation A vulnerability in some versions of Microsoft JET Database could lead to remote code execution. The flaw lies in the Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23346 - (MSPT-Apr2018) Microsoft Edge Chakra Scripting Engine Remote Code Execution Vulnerability (CVE-2018-0990) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0990 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23347 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0993) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0993 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23348 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0994) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0994 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23349 - (MSPT-Apr2018) Microsoft Edge Chakra Remote Code Execution Vulnerability (CVE-2018-0995) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0995 Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution. The flaw lies in the Chakra component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23355 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1029 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw lies is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23356 - (MSPT-Apr2018) Microsoft Office Memory Handling Remote Code Execution (CVE-2018-0920) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0920 Description A vulnerability in some versions of Microsoft Office could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution. The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23357 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1030) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1030 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23384 - (MSPT-Apr2018) Microsoft VBScript Memory Remote Code Execution (CVE-2018-1004) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1004 Description A vulnerability in some versions of Microsoft VBScript could lead to remote code execution. Observation A vulnerability in some versions of Microsoft VBScript could lead to remote code execution. The flaw is due to improper handling of objects in memory in the VBScript engine. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23389 - (MSPT-Apr2018) Microsoft Office Graphics Remote Code Execution (CVE-2018-1028) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1028 Description A vulnerability in some versions of Microsoft Office could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution. The flaw lies in the Graphics component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23396 - (MSPT-Apr2018) Microsoft Internet Explorer Memory Corruption Remote Code Execution Vulnerability (CVE-2018-0870) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-0870 Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution. The flaw lies in a memory corruption error. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23402 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1011) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1011 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23403 - (MSPT-Apr2018) Microsoft Office Remote Code Execution (CVE-2018-1026) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1026 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23404 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1027) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1027 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23406 - (MSPT-Apr2018) Microsoft Windows EOT Font Engine Remote Code Execution (CVE-2018-1010) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1010 Description A vulnerability in some