Vulnerabilities: CVEs, Hashes, Application Installers Report February 26-March 5, 2018
March 23, 2018
The OPSWAT Metadefender Vulnerability Engine identifies known application vulnerabilities and reports them by severity level. The Vulnerability Engine allows system administrators to identify vulnerabilities in files and data being brought into a secure network and on endpoints within a network, significantly expediting remediation of the issue.
Common Vulnerabilities and Exposures (CVE) is a catalog of publicly known cyber security vulnerabilities that's sponsored by the United States Department of Homeland Security. The first table below lists the new CVEs and product versions for which support was added to the Metadefender database during the week of February 26 - March 5, 2018. The second table lists the hashes and application installers for which support was added.
Newly Supported CVEs and Product Versions as of March 5, 2018
| PRODUCT | VENDOR | VERSION | CVE | CVE DETAILS | CVSS SCORE |
|---|---|---|---|---|---|
| Microsoft Office | Microsoft Corporation | 16 and prior | CVE-2017-8570 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2017-8570 | 9.3 |
| Microsoft Office | Microsoft Corporation | 16 and prior | CVE-2018-0798 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-0798 | 9.3 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7333 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7333 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7332 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7332 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7322 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7322 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7325 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7325 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7321 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7321 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7324 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7324 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7323 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7323 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7327 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7327 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7326 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7326 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7330 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7330 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7329 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7329 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7331 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7331 | 5.0 |
| Wireshark | The Wireshark developer community | 2.2.6 and prior | CVE-2018-7328 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-7328 | 5.0 |
| Adobe Flash Player | Adobe Systems Inc. | NONE and prior | CVE-2018-4878 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-4878 | 7.5 |
| Adobe Flash Player | Adobe Systems Inc. | NONE and prior | CVE-2018-4877 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-4877 | 10.0 |
| Adobe Flash Player | Adobe Systems Inc. | NONE and prior | CVE-2018-4878 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-4878 | 7.5 |
| Adobe Flash Player | Adobe Systems Inc. | NONE and prior | CVE-2018-4877 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-4877 | 10.0 |
| Microsoft Word | Microsoft Corporation | 16 and prior | CVE-2018-0798 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-0798 | 9.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2678 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2678 | 4.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2677 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2677 | 4.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2639 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2639 | 6.8 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2634 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2634 | 4.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2637 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2637 | 5.8 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2638 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2638 | 5.1 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2663 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2663 | 4.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2641 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2641 | 2.6 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2633 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2633 | 5.1 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2582 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2582 | 4.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2602 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2602 | 3.7 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2588 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2588 | 4.0 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2579 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2579 | 4.3 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2599 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2599 | 5.8 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2629 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2629 | 2.6 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2603 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2603 | 5.0 |
| Java | Oracle Corporation | 9.0.01.0 and prior | CVE-2018-2618 | https://metadefender.opswat.com/vulnerabilities#!/CVE-2018-2618 | 4.3 |
Newly Supported Hashes as of March 5, 2018
| HASH | CVES |
|---|---|
| 43AF1E590F4C2B8017F7EB913212DF4748F95882 | CVE-2017-5130 |
| 06889BFCE5DDF2F87EB223A0A98B88B0FD9F63DF | CVE-2017-5130 |
| 7425F44B29F6030FF23FA61AB884E2F9AE92EB8F | CVE-2017-5130 |
| A96C3119A58691B705EA171CEF4D6524B10DD6E1 | CVE-2017-5130 |
| A7DDB8A803975D1FB3E978D2B6850B6922370A3F | CVE-2017-5130 |
| A6EB72EB1FAD1F8130878E3FF62B6FEAC8EE0A4E | CVE-2017-5130 |
| A663E2FEEFCEA746814CF036AFE1ECD6C484FAA5 | CVE-2017-5130 |
| A61B4EFBA398339DE755FF5107C04B5AACB46B9B | CVE-2017-5130 |
| A2AAF786BEC2AD2546332E37CE04C9E0D54EFFE4 | CVE-2017-5130 |
| F15CD202839050B8EC0CAA9C0421534FCA6F39E0 | CVE-2017-5130 |
| 9EAB971C99DE04EBDFC39221DA9618CEA67E0A55 | CVE-2017-5130 |
| E1BF285CEABB395EEEACFF031EECD53867C495F1 | CVE-2017-5130 |
| 711EF521CCD8929AAA963E5C45806BA20D4AF91F | CVE-2017-5130 |
| 9FF745E766D4FB7A5AE2964F19965E026B4D14E5 | CVE-2017-5130 |
| AB314FE5FA4A1EC0F519CEED1154E1663CFF7C38 | CVE-2017-5130 |
| 5F200F0279818F05BE3EFE27AE50B9FD9B030A89 | CVE-2017-5130 |
| 93068255D8705693A44C2B0E704171C64B4F682A | CVE-2017-5130 |
| 9E0E0EB7E9137EBDC21CB4BE64450ADDD5AB5936 | CVE-2017-5130 |
| 5E62C24CD60173DD9E78E83DB312A1B33A6E50FA | CVE-2017-5130 |
| E7BC89A31408884048C343C0180F92019BB921AB | CVE-2017-5130 |
| 90E6C5961FC469112851395DDF99E7E84217788A | CVE-2017-5130 |
| 90BA488A130BE6F76E250231B79FCB5BD42358F3 | CVE-2017-5130 |
| 55108C37F57826ED0F7BB230198E1CC8AF938CDD | CVE-2017-5130 |
| 4A49BCA4E9DBF2D4C5B644705ACDB21828FC7D78 | CVE-2017-5130 |
| D04CA3B9CB2FBCFF3746EE82A9856BD7B195B847 | CVE-2017-5130 |
| 502245C30B74837659AF2C975DEFF408096AB78A | CVE-2017-5130 |
| D3E74668AC4CEF1560E57D05989D7160ED2689BB | CVE-2017-5130 |
| 39BA3050974F217C692E16A881B68EB5795A801B | CVE-2017-5130 |
| 886FBE9D8AAA0DCED297137C0795403AE9FC5CDF | CVE-2017-5130 |
| 861F73D4DE9094A24FFDD3CE3D1964D860459559 | CVE-2017-5130 |
| A6113A99D863261E03680C9D5BDFF12E01B1ACB0 | CVE-2017-5130 |
| 4B687A42696FDF16058A596A001C48890D0C812A | CVE-2017-5130 |
| 9BF806BBC3A63657D392B2DD8EDEC31252658953 | CVE-2017-5130 |
| E22BB15887C7A7AA9858D587DF7768F26E34CB83 | CVE-2017-5130 |
| 0A44B9AA047483B0EDDA4029F427E38E1347FCF1 | CVE-2017-5130 |
| 810F425B27353893C51600FC0C1770800DDFCF71 | CVE-2017-5130 |
| 4381F5C8F708BE370E992C90A94D2ACC01E84D9F | CVE-2017-5130 |
| 769BFD105C3F5B4714A9C10DA27150B900BD6A61 | CVE-2017-5130 |
| 755AAF6A6AF636987640905B1747475C49F1F5CE | CVE-2017-5130 |
| BD5C62E33B2975FF650970A5E08EFB3546CE47E6 | CVE-2017-5130 |
| 99259BC9804FCC3D2F2ED2594A5A464B66619DB7 | CVE-2017-5130 |
| 7913E05FE93FD90436B128320B50E296482C3B09 | CVE-2017-5130 |
| D33AE8F5CEC465F490AFF36C5BAD45743383C164 | CVE-2017-5130 |
| 702098511AB65F899B89D00884A5A3EA9BA44835 | CVE-2017-5130 |
| FFE76AAEE5871FA9065550E4E33F5D59C1307F57 | CVE-2017-5130 |
| 6EE8090B87F7BFD1CAEFED8FE06F9CCF6D086B17 | CVE-2017-5130 |
| 891688E3E16FE0DC88CD3C9DCED2A520745C827C | CVE-2017-5130 |
| 6DECA3FB0696BF84380E00812CD1932ACB32C3BB | CVE-2017-5130 |
| 6BF53D512F3A250B1A8807A1CEED371CFAFAB8FA | CVE-2017-5130 |
- Infographic: File Upload Security – A Mission Against Malware
- File Upload Protection – 10 Best Practices for Preventing Threats
- Can You Spot the Social Engineering Techniques in a Phishing Email?
- We Released an Advanced Email Security Comparison Guide
- Vulnerabilities: CVEs, Hashes, Application Installers Report January 22-29, 2018
- 6 Potential Security Gaps in File Transfer Process for Critical Infrastructure
- Police Handing Out Malware-Infected USBs Is Not an Isolated Incident
- 10 Things to Include in Your Employee Cyber Security Policy
- 11 of the Largest Data Breaches of All Time (Updated)