Wei Lei

Name of the Vulnerable Software and Affected Versions: Windows Cloud Files Mini Filter Driver (affected versions not specified) Description: The issue is related to type confusion errors in the Windows Cloud Files Mini Filter Driver, which can be exploited to disclose protected information. This allows attackers to obtain sensitive information and potentially affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Windows (affected versions not specified) **Description** The issue is related to a vulnerability in the kernel mode layer handler for DxgkDdiEscape, where an unprivileged regular user can cause exposure of sensitive information to an actor that is not explicitly authorized to have access to that information, which may lead to limited information disclosure. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Windows (affected versions not specified) **Description** The issue is related to a null-pointer dereference in the kernel mode layer handler for `DxgkDdiEscape` in the `nvlddmkm.sys` file, which may lead to denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware Tools for Windows versions 10.x.y through 12.1.4 VMware Tools for Windows versions 11.x.y **Description** The issue is related to insufficient input validation in the VM3DMP driver of VMware Tools for Windows, which can lead to a denial-of-service condition. A malicious actor with local user privileges in the Windows guest OS can trigger a PANIC in the VM3DMP driver, causing the denial-of-service condition. **Recommendations** For versions 10.x.y through 12.1.4, update to version 12.1.5 or later. For versions 11.x.y, update to version 12.1.5 or later. As a temporary workaround, consider disabling the VM3DMP driver until a patch is available.

**Name of the Vulnerable Software and Affected Versions** VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839 VMware ESXi versions 6.7 before ESXi670-202004101-SG VMware ESXi versions 6.5 before ESXi650-202005401-SG VMware Workstation versions 15.x before 15.5.5 VMware Fusion versions 11.x before 11.5.5 **Description** The issue is related to an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine's vmx process, leading to a partial denial of service condition. **Recommendations** For VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839, update to ESXi 7.0.0-1.20.16321839 or later. For VMware ESXi versions 6.7 before ESXi670-202004101-SG, update to ESXi670-202004101-SG or later. For VMware ESXi versions 6.5 before ESXi650-202005401-SG, update to ESXi650-202005401-SG or later. For VMware Workstation versions 15.x before 15.5.5, update to 15.5.5 or later. For VMware Fusion versions 11.x before 11.5.5, update to 11.5.5 or later.

Name of the Vulnerable Software and Affected Versions: Intel Graphics Driver versions prior to 26.20.100.7212 Description: The issue is caused by insufficient input validation in the Intel Graphics Driver, which may allow an authenticated user to cause a denial of service via local access. Recommendations: For versions prior to 26.20.100.7212, update to version 26.20.100.7212 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** PHP versions 5.6.33 and earlier PHP versions 7.0.x through 7.0.27 PHP versions 7.1.x through 7.1.14 PHP versions 7.2.x through 7.2.2 **Description** The issue is caused by a stack-based buffer under-read in the `php stream url wrap http ex` function when parsing an HTTP response. This results in copying a large string. The vulnerability can be exploited by a remote attacker using a specially crafted HTTP response, potentially allowing them to execute arbitrary code or cause a denial of service. **Recommendations** For PHP version 5.6.33 and earlier, update to a version later than 5.6.33. For PHP versions 7.0.x through 7.0.27, update to version 7.0.28 or later. For PHP versions 7.1.x through 7.1.14, update to a version later than 7.1.14. For PHP versions 7.2.x through 7.2.2, update to a version later than 7.2.2. As a temporary workaround, consider restricting access to the `php stream url wrap http ex` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.32 PHP versions 7.x prior to 7.0.25 PHP versions 7.1.x prior to 7.1.11 **Description** The issue is related to an out-of-bounds read in the ext/date/lib/parse date.c component of the PHP interpreter. This could allow a remote attacker to leak information from the interpreter by supplying specially crafted date strings. The error is specifically in the timelib meridian handling of 'front of' and 'back of' directives in the date extension, affecting the php parse date function. **Recommendations** For PHP versions prior to 5.6.32, update to version 5.6.32 or later. For PHP versions 7.x prior to 7.0.25, update to version 7.0.25 or later. For PHP versions 7.1.x prior to 7.1.11, update to version 7.1.11 or later. As a temporary workaround, consider restricting the use of the date extension's timelib meridian handling of 'front of' and 'back of' directives until a patch is available.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11 Safari versions prior to 11 iCloud versions prior to 7.0 on Windows iTunes versions prior to 12.7 on Windows tvOS versions prior to 11 **Description** The issue involves the WebKit component and allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For iOS versions prior to 11, update to version 11 or later. For Safari versions prior to 11, update to version 11 or later. For iCloud versions prior to 7.0 on Windows, update to version 7.0 or later. For iTunes versions prior to 12.7 on Windows, update to version 12.7 or later. For tvOS versions prior to 11, update to version 11 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11 Safari versions prior to 11 iCloud versions prior to 7.0 on Windows iTunes versions prior to 12.7 on Windows tvOS versions prior to 11 **Description** The issue involves the WebKit component and allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For iOS versions prior to 11, update to version 11 or later. For Safari versions prior to 11, update to version 11 or later. For iCloud versions prior to 7.0 on Windows, update to version 7.0 or later. For iTunes versions prior to 12.7 on Windows, update to version 12.7 or later. For tvOS versions prior to 11, update to version 11 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 11 Apple Safari versions prior to 11 Apple iCloud versions prior to 7.0 on Windows Apple iTunes versions prior to 12.7 on Windows Apple tvOS versions prior to 11 **Description** The issue involves the WebKit component and allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For iOS versions prior to 11, update to version 11 or later. For Safari versions prior to 11, update to version 11 or later. For iCloud versions prior to 7.0 on Windows, update to version 7.0 or later. For iTunes versions prior to 12.7 on Windows, update to version 12.7 or later. For tvOS versions prior to 11, update to version 11 or later.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.31 PHP versions 7.x prior to 7.0.21 PHP versions 7.1.x prior to 7.1.7 **Description** A stack-based buffer overflow in the `zend ini do op()` function could cause a denial of service or potentially allow executing code. This issue is relevant for PHP applications that accept untrusted input for the `parse ini string` or `parse ini file` function. **Recommendations** For PHP versions prior to 5.6.31, update to version 5.6.31 or later. For PHP versions 7.x prior to 7.0.21, update to version 7.0.21 or later. For PHP versions 7.1.x prior to 7.1.7, update to version 7.1.7 or later. As a temporary workaround, consider restricting the use of the `parse ini string` and `parse ini file` functions to trusted input only, until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.31 PHP versions 7.x prior to 7.0.21 PHP versions 7.1.x prior to 7.1.7 **Description** The issue is related to the openssl extension in PHP, specifically with the PEM sealing code not checking the return value of the OpenSSL sealing function. This could lead to a crash of the PHP interpreter due to an interpretation conflict for a negative number. The problem is also associated with insufficient checking of unusual or exceptional states, which could allow a remote attacker to cause a denial of service. **Recommendations** For PHP versions prior to 5.6.31, update to version 5.6.31 or later. For PHP versions 7.x prior to 7.0.21, update to version 7.0.21 or later. For PHP versions 7.1.x prior to 7.1.7, update to version 7.1.7 or later.

**Name of the Vulnerable Software and Affected Versions** Adobe Reader versions (affected versions not specified) Adobe Acrobat versions (affected versions not specified) **Description** The issue is caused by a buffer overflow in Adobe Reader and Adobe Acrobat, allowing a remote attacker to execute arbitrary code or cause a denial of service (memory corruption). **Recommendations** For Adobe Reader, update to a version that contains a fix for this issue. For Adobe Acrobat, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libxml2 versions prior to 2.9.4 Apple iOS versions prior to 9.3.2 OS X versions prior to 10.11.5 tvOS versions prior to 9.2.1 watchOS versions prior to 2.2.1 **Description** The issue is caused by a buffer overflow in the libxml2 library, which can be exploited by a remote attacker using a specially crafted XML document. This can lead to arbitrary code execution or a denial of service due to memory corruption. The vulnerability is also described as a use-after-free issue in the `xmlDictComputeFastKey` function, allowing remote attackers to cause a denial of service. **Recommendations** For libxml2 versions prior to 2.9.4, update to version 2.9.4 or later. For Apple iOS versions prior to 9.3.2, update to version 9.3.2 or later. For OS X versions prior to 10.11.5, update to version 10.11.5 or later. For tvOS versions prior to 9.2.1, update to version 9.2.1 or later. For watchOS versions prior to 2.2.1, update to version 2.2.1 or later. As a temporary workaround, consider restricting the use of the `xmlDictComputeFastKey` function until a patch is available. Avoid using specially crafted XML documents that could exploit the buffer overflow issue.

**Name of the Vulnerable Software and Affected Versions** libxml2 versions prior to 2.9.4 Apple iOS versions prior to 9.3.2 Apple OS X versions prior to 10.11.5 **Description** The issue is caused by a buffer overflow in the libxml2 library, which can be exploited by a remote attacker using a specially crafted XML document. This can lead to arbitrary code execution or a denial of service (memory corruption). The vulnerability is also described as a use-after-free issue in the `xmlSAX2AttributeNs` function, allowing remote attackers to cause a denial of service via a crafted XML document. **Recommendations** For libxml2 versions prior to 2.9.4, update to version 2.9.4 or later to resolve the issue. For Apple iOS versions prior to 9.3.2, update to version 9.3.2 or later to resolve the issue. For Apple OS X versions prior to 10.11.5, update to version 10.11.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `xmlSAX2AttributeNs` function until a patch is available. Avoid using specially crafted XML documents that could exploit the buffer overflow vulnerability.

**Name of the Vulnerable Software and Affected Versions** libxml2 versions prior to 2.9.4 Apple iOS versions prior to 9.3.2 OS X versions prior to 10.11.5 tvOS versions prior to 9.2.1 watchOS versions prior to 2.2.1 **Description** The issue is caused by multiple use-after-free vulnerabilities in the `htmlParsePubidLiteral` and `htmlParseSystemiteral` functions in libxml2. This allows remote attackers to cause a denial of service via a crafted XML document. Additionally, the vulnerability can be exploited to execute arbitrary code or cause a denial of service due to a buffer overflow, by using a specially formed XML document. **Recommendations** For libxml2 versions prior to 2.9.4, update to version 2.9.4 or later. For Apple iOS versions prior to 9.3.2, update to version 9.3.2 or later. For OS X versions prior to 10.11.5, update to version 10.11.5 or later. For tvOS versions prior to 9.2.1, update to version 9.2.1 or later. For watchOS versions prior to 2.2.1, update to version 2.2.1 or later. As a temporary workaround, consider restricting the use of libxml2 until a patch is available. Avoid using the `htmlParsePubidLiteral` and `htmlParseSystemiteral` functions in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** libxml2 versions prior to 2.9.4 **Description** The issue is related to the xmlParseElementDecl function in parser.c, which allows context-dependent attackers to cause a denial of service. This can be achieved through a crafted file, involving xmlParseName, and may result in a heap-based buffer underread and application crash. The vulnerability is also associated with a buffer overflow in memory. **Recommendations** For versions prior to 2.9.4, update to version 2.9.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the xmlParseElementDecl function until a patch is available. Avoid using the xmlParseName function in conjunction with xmlParseElementDecl until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** libxml2 in Apple iOS versions prior to 9.2 libxml2 in Apple OS X versions prior to 10.11.2 libxml2 in Apple tvOS versions prior to 9.1 **Description** The issue allows remote attackers to obtain sensitive information or cause a denial of service due to memory corruption via a crafted XML document. **Recommendations** For iOS versions prior to 9.2, update to version 9.2 or later. For OS X versions prior to 10.11.2, update to version 10.11.2 or later. For tvOS versions prior to 9.1, update to version 9.1 or later.

**Name of the Vulnerable Software and Affected Versions** libxml2 in Apple iOS versions prior to 9.2 libxml2 in Apple OS X versions prior to 10.11.2 libxml2 in Apple tvOS versions prior to 9.1 **Description** The issue allows remote attackers to obtain sensitive information or cause a denial of service due to memory corruption via a crafted XML document. **Recommendations** For libxml2 in Apple iOS versions prior to 9.2, update to iOS 9.2 or later. For libxml2 in Apple OS X versions prior to 10.11.2, update to OS X 10.11.2 or later. For libxml2 in Apple tvOS versions prior to 9.1, update to tvOS 9.1 or later.