def:12514 update

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

def:12514 update

Josh Turpin

I’ve updated the title for def:12514 (CVE-2011-0347):

 

Previous title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

 

New title: Vulnerability in Microsoft Internet Explorer Could Allow GUI Corruption

 

The reason for this change is because def:12514 is referencing the wrong title because the NVD site is referencing the wrong Microsoft reference. (http://technet.microsoft.com/en-us/security/advisory/2490606) This Microsoft Security Advisory is related to CVE-2010-3970.

 

Regards,

 

Josh Turpin
www.symantec.com
________________________________

 
[hidden email]
________________________________

 

wordlogo

 

This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.

 

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

def-12514.xml (12K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: def:12514 update

Sedlacek, W B

This is a great start, but how does one get NVD to change their page on this CVE and point to the correct KB article on technet?

 

W. Brian Sedlacek

DCS-1, Continuous Monitoring

Phone:  5-7443

Cell:  412-7443

Pager:  4-8741

E-Mail:  [hidden email]

 

From: Josh Turpin [mailto:[hidden email]]
Sent: Monday, March 26, 2012 1:11 PM
To: [hidden email]
Subject: [OVAL-DISCUSSION-LIST] def:12514 update

 

I’ve updated the title for def:12514 (CVE-2011-0347):

 

Previous title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

 

New title: Vulnerability in Microsoft Internet Explorer Could Allow GUI Corruption

 

The reason for this change is because def:12514 is referencing the wrong title because the NVD site is referencing the wrong Microsoft reference. (http://technet.microsoft.com/en-us/security/advisory/2490606) This Microsoft Security Advisory is related to CVE-2010-3970.

 

Regards,

 

Josh Turpin
www.symantec.com
________________________________

 
[hidden email]
________________________________

 

wordlogo

 

This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.

 

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Reply | Threaded
Open this post in threaded view
|

Re: def:12514 update

Jon Baker
Administrator

That reference seems to have come from the cve entry. I have cc’d the cve team on this message so that they are aware of the issue.

 

Thanks,

 

Jon

 

============================================

Jonathan O. Baker

G022 - IA Industry Collaboration

The MITRE Corporation

Email: [hidden email]

 

From: Sedlacek, W B [mailto:[hidden email]]
Sent: Monday, March 26, 2012 3:56 PM
To: oval-discussion-list OVAL Discussion List/Closed Public Discussi
Subject: Re: [OVAL-DISCUSSION-LIST] def:12514 update

 

This is a great start, but how does one get NVD to change their page on this CVE and point to the correct KB article on technet?

 

W. Brian Sedlacek

DCS-1, Continuous Monitoring

Phone:  5-7443

Cell:  412-7443

Pager:  4-8741

E-Mail:  [hidden email]

 

From: Josh Turpin [hidden email]
Sent: Monday, March 26, 2012 1:11 PM
To: [hidden email]
Subject: [OVAL-DISCUSSION-LIST] def:12514 update

 

I’ve updated the title for def:12514 (CVE-2011-0347):

 

Previous title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

 

New title: Vulnerability in Microsoft Internet Explorer Could Allow GUI Corruption

 

The reason for this change is because def:12514 is referencing the wrong title because the NVD site is referencing the wrong Microsoft reference. (http://technet.microsoft.com/en-us/security/advisory/2490606) This Microsoft Security Advisory is related to CVE-2010-3970.

 

Regards,

 

Josh Turpin
www.symantec.com
________________________________

 
[hidden email]
________________________________

 

wordlogo

 

This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.

 

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Reply | Threaded
Open this post in threaded view
|

Re: def:12514 update

Sedlacek, W B

Thank you for taking care of this.  I didn’t have any idea how to get this done.

 

W. Brian Sedlacek

DCS-1, Continuous Monitoring

Phone:  5-7443

Cell:  412-7443

Pager:  4-8741

E-Mail:  [hidden email]

 

From: Baker, Jon [mailto:[hidden email]]
Sent: Monday, March 26, 2012 2:04 PM
To: [hidden email]
Subject: Re: [OVAL-DISCUSSION-LIST] def:12514 update

 

That reference seems to have come from the cve entry. I have cc’d the cve team on this message so that they are aware of the issue.

 

Thanks,

 

Jon

 

============================================

Jonathan O. Baker

G022 - IA Industry Collaboration

The MITRE Corporation

Email: [hidden email]

 

From: Sedlacek, W B [hidden email]
Sent: Monday, March 26, 2012 3:56 PM
To: oval-discussion-list OVAL Discussion List/Closed Public Discussi
Subject: Re: [OVAL-DISCUSSION-LIST] def:12514 update

 

This is a great start, but how does one get NVD to change their page on this CVE and point to the correct KB article on technet?

 

W. Brian Sedlacek

DCS-1, Continuous Monitoring

Phone:  5-7443

Cell:  412-7443

Pager:  4-8741

E-Mail:  [hidden email]

 

From: Josh Turpin [hidden email]
Sent: Monday, March 26, 2012 1:11 PM
To: [hidden email]
Subject: [OVAL-DISCUSSION-LIST] def:12514 update

 

I’ve updated the title for def:12514 (CVE-2011-0347):

 

Previous title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

 

New title: Vulnerability in Microsoft Internet Explorer Could Allow GUI Corruption

 

The reason for this change is because def:12514 is referencing the wrong title because the NVD site is referencing the wrong Microsoft reference. (http://technet.microsoft.com/en-us/security/advisory/2490606) This Microsoft Security Advisory is related to CVE-2010-3970.

 

Regards,

 

Josh Turpin
www.symantec.com
________________________________

 
[hidden email]
________________________________

 

wordlogo

 

This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.

 

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Reply | Threaded
Open this post in threaded view
|

Re: def:12514 update

jasenj1
In reply to this post by Josh Turpin
This submission has been processed and is now available in the OVAL Repository.

- Jasen.

From: Josh Turpin <[hidden email]>
Reply-To: "OVAL Discussion List (Closed Public Discussion)" <[hidden email]>
Date: Mon, 26 Mar 2012 12:10:38 -0700
To: <[hidden email]>
Subject: [OVAL-DISCUSSION-LIST] def:12514 update

I’ve updated the title for def:12514 (CVE-2011-0347):

 

Previous title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

 

New title: Vulnerability in Microsoft Internet Explorer Could Allow GUI Corruption

 

The reason for this change is because def:12514 is referencing the wrong title because the NVD site is referencing the wrong Microsoft reference. (http://technet.microsoft.com/en-us/security/advisory/2490606) This Microsoft Security Advisory is related to CVE-2010-3970.

 

Regards,

 

Josh Turpin
www.symantec.com

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].