Monthly Archives: August 2015
Parrot Drones Easily Taken Down Or Hijacked
Kaspersky Lab Spam and Phishing in Q2 2015 Report: Exploiting World Events and Targeting the Vulnerable with ‘$2 million’ Offers
BitTorrent family susceptible to DRDoS attacks
A new study shows that applications belonging to the BitTorrent family are vulnerable to DRDoS attacks.
The post BitTorrent family susceptible to DRDoS attacks appeared first on We Live Security.
SB15-229: Vulnerability Summary for the Week of August 10, 2015
Original release date: August 17, 2015
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
-
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
-
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. | 2015-08-13 | 10.0 | CVE-2015-5125 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5127 CONFIRM |
| adobe — air | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5541. | 2015-08-13 | 10.0 | CVE-2015-5129 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5130 CONFIRM |
| adobe — air | Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5132 and CVE-2015-5133. | 2015-08-13 | 10.0 | CVE-2015-5131 CONFIRM |
| adobe — air | Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5133. | 2015-08-13 | 10.0 | CVE-2015-5132 CONFIRM |
| adobe — air | Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5132. | 2015-08-13 | 10.0 | CVE-2015-5133 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5134 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5539 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5540 CONFIRM |
| adobe — air | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5129. | 2015-08-13 | 10.0 | CVE-2015-5541 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5544 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5545 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5546 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5547 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5548 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5552, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5549 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5550 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5551 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553. | 2015-08-13 | 10.0 | CVE-2015-5552 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5552. | 2015-08-13 | 10.0 | CVE-2015-5553 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-5555, CVE-2015-5558, and CVE-2015-5562. | 2015-08-13 | 10.0 | CVE-2015-5554 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-5554, CVE-2015-5558, and CVE-2015-5562. | 2015-08-13 | 10.0 | CVE-2015-5555 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5556 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5557 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5562. | 2015-08-13 | 10.0 | CVE-2015-5558 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5559 CONFIRM |
| adobe — air | Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors. | 2015-08-13 | 10.0 | CVE-2015-5560 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5561 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5558. | 2015-08-13 | 10.0 | CVE-2015-5562 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5564, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5563 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565. | 2015-08-13 | 10.0 | CVE-2015-5564 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5564. | 2015-08-13 | 10.0 | CVE-2015-5565 CONFIRM |
| apache — groovy | The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object. | 2015-08-13 | 7.5 | CVE-2015-3253 BID BUGTRAQ MISC CONFIRM |
| belkin — n300_dual-band_wi-fi_range_extender_firmware | Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request. | 2015-08-13 | 9.0 | CVE-2015-5536 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| bittorrent — bittorrent | BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol. | 2015-08-13 | 9.3 | CVE-2015-5474 MISC |
| bittorrent — bootstrap-dht | The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet, related to “improper indexing.” | 2015-08-13 | 7.5 | CVE-2015-5685 CONFIRM MISC MISC |
| cacti — cacti | SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter. | 2015-08-11 | 7.5 | CVE-2015-4634 DEBIAN CONFIRM SUSE CONFIRM |
| clusterlabs — pacemaker | Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command. | 2015-08-12 | 7.5 | CVE-2015-1867 CONFIRM CONFIRM REDHAT |
| clutter_project — clutter | The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures. | 2015-08-12 | 7.2 | CVE-2015-3213 CONFIRM CONFIRM MISC CONFIRM REDHAT |
| libidn_project — libidn | The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read. | 2015-08-12 | 7.5 | CVE-2015-2059 CONFIRM MLIST SUSE FEDORA FEDORA CONFIRM |
| linux — linux_kernel | The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an “I/O vector array overrun.” | 2015-08-08 | 7.2 | CVE-2015-1805 CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2452. | 2015-08-14 | 9.3 | CVE-2015-2441 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2444. | 2015-08-14 | 9.3 | CVE-2015-2442 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” | 2015-08-14 | 9.3 | CVE-2015-2443 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2442. | 2015-08-14 | 9.3 | CVE-2015-2444 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2447. | 2015-08-14 | 9.3 | CVE-2015-2446 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2446. | 2015-08-14 | 9.3 | CVE-2015-2447 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” | 2015-08-14 | 9.3 | CVE-2015-2448 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2451. | 2015-08-14 | 9.3 | CVE-2015-2450 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2450. | 2015-08-14 | 9.3 | CVE-2015-2451 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2441. | 2015-08-14 | 9.3 | CVE-2015-2452 MS |
| redhat — jboss_bpm_suite | XML external entity (XXE) vulnerability in the dashbuilder import facility (DocumentBuilders in org.jboss.dashboard.export.ImportManagerImpl) in Red Hat JBoss BPM Suite before 6.1.2 allows remote attackers to read arbitrary files, conduct server-side request forgery (SSRF) attacks, and have other unspecified impact via a crafted XML document. | 2015-08-11 | 7.5 | CVE-2015-1818 REDHAT |
| redhat — libuser | libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges. | 2015-08-11 | 7.2 | CVE-2015-3246 MISC CONFIRM REDHAT REDHAT SUSE |
| sierrawireless — aleos | Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session. | 2015-08-07 | 10.0 | CVE-2015-2897 CERT-VN |
| xen — xen | Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. | 2015-08-12 | 7.2 | CVE-2015-5154 CONFIRM CONFIRM |
| xen — xen | Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. | 2015-08-12 | 7.2 | CVE-2015-5166 CONFIRM |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ansibleworks — ansible | Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject’s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 2015-08-12 | 4.3 | CVE-2015-3908 MLIST CONFIRM SUSE |
| apache — subversion | mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. | 2015-08-12 | 5.0 | CVE-2015-3184 SECTRACK CONFIRM |
| apache — subversion | The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. | 2015-08-12 | 4.0 | CVE-2015-3187 SECTRACK CONFIRM |
| artifex — afpl_ghostscript | Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write. | 2015-08-11 | 6.8 | CVE-2015-3228 CONFIRM UBUNTU DEBIAN MLIST CONFIRM CONFIRM CONFIRM |
| fortinet — fortios | FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets. | 2015-08-11 | 6.4 | CVE-2015-2323 SECTRACK CONFIRM |
| fortinet — fortios | Cross-site scripting (XSS) vulnerability in the DHCP Monitor page the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname. | 2015-08-11 | 4.3 | CVE-2015-3626 SECTRACK CONFIRM |
| fortinet — fortios | The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field. | 2015-08-11 | 5.0 | CVE-2015-5965 MISC CONFIRM |
| htacg — tidy | Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. | 2015-08-11 | 6.8 | CVE-2015-5522 CONFIRM UBUNTU MLIST MLIST MLIST DEBIAN |
| htacg — tidy | The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation. | 2015-08-11 | 4.3 | CVE-2015-5523 CONFIRM UBUNTU MLIST MLIST MLIST DEBIAN |
| jabberd2 — jabberd2 | c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID. | 2015-08-12 | 6.5 | CVE-2015-2058 CONFIRM MLIST MLIST |
| jobmanager — job_manager | Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field. | 2015-08-13 | 4.3 | CVE-2015-2321 EXPLOIT-DB MISC |
| juniper — pulse_connect_secure | Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message. | 2015-08-11 | 4.3 | CVE-2015-5369 MISC CONFIRM SECTRACK CONFIRM |
| linuxcontainers — lxc | lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. | 2015-08-12 | 4.9 | CVE-2015-1331 CONFIRM CONFIRM UBUNTU DEBIAN SUSE |
| linuxcontainers — lxc | attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a poc filesystem with a crafted (1) AppArmor profile or (2) SELinux label. | 2015-08-12 | 4.6 | CVE-2015-1334 CONFIRM UBUNTU DEBIAN SUSE SUSE |
| microsoft — internet_explorer | Microsoft Internet Explorer 10 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka “ASLR Bypass.” | 2015-08-14 | 4.3 | CVE-2015-2445 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka “ASLR Bypass.” | 2015-08-14 | 4.3 | CVE-2015-2449 MS |
| mozilla — firefox_os | Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view. | 2015-08-07 | 4.3 | CVE-2015-2744 CONFIRM CONFIRM |
| mozilla — firefox_os | Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the (1) name or (2) title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows action, as demonstrated by embedding an arbitrary application or spoofing the account-creation page. | 2015-08-07 | 4.3 | CVE-2015-2745 CONFIRM CONFIRM CONFIRM |
| mozilla — firefox_os | Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app. | 2015-08-07 | 4.3 | CVE-2015-4494 CONFIRM CONFIRM |
| mozilla — firefox | The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. | 2015-08-07 | 4.3 | CVE-2015-4495 CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla — firefox_os | Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter. | 2015-08-07 | 5.0 | CVE-2015-5962 CONFIRM CONFIRM |
| openafs — openafs | vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network. | 2015-08-12 | 4.3 | CVE-2015-3282 CONFIRM MLIST CONFIRM DEBIAN |
| openafs — openafs | OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors. | 2015-08-12 | 6.8 | CVE-2015-3283 CONFIRM MLIST CONFIRM DEBIAN |
| openafs — openafs | Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large group list when joining a PAG. | 2015-08-12 | 4.6 | CVE-2015-3286 CONFIRM MLIST CONFIRM |
| openafs — openafs | The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC. | 2015-08-12 | 4.0 | CVE-2015-3287 CONFIRM MLIST CONFIRM DEBIAN |
| qtranslate_project — qtranslate | Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the qtranslate page to wp-admin/options-general.php. | 2015-08-13 | 4.3 | CVE-2015-5535 MISC BUGTRAQ MISC |
| redhat — jboss_operations_network | Cross-site scripting (XSS) vulnerability in the 404 error page in Red Hat JBoss Operations Network before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2015-08-11 | 4.3 | CVE-2015-3267 SECTRACK REDHAT |
| redhat — jboss_portal | The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource. | 2015-08-11 | 5.8 | CVE-2015-5176 REDHAT |
| sqlite — sqlite | Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements. | 2015-08-12 | 5.0 | CVE-2013-7443 CONFIRM CONFIRM CONFIRM MLIST MLIST UBUNTU |
| websense — content_gateway | Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi. | 2015-08-12 | 4.0 | CVE-2015-5718 MISC CONFIRM BUGTRAQ FULLDISC |
| xceedium — xsuite | Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.3.0 and 2.4.3.0 allows remote attackers to inject arbitrary web script or HTML via the fileName parameter. | 2015-08-13 | 4.3 | CVE-2015-4665 MISC MISC |
| xceedium — xsuite | Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.3.0 and 2.4.3.0 allows remote attackers to read arbitrary files via a ….// (quadruple dot double slash) in the logFile parameter. | 2015-08-13 | 5.0 | CVE-2015-4666 MISC MISC |
| xen — xen | The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. | 2015-08-12 | 5.0 | CVE-2015-5165 CONFIRM |
| xmltooling_project — xmltooling | XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service (crash) via schema-invalid XML data. | 2015-08-12 | 5.0 | CVE-2015-0851 CONFIRM DEBIAN CONFIRM |
| yodobashi — yodobashi | The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafted HTML document. | 2015-08-07 | 6.8 | CVE-2015-2980 JVNDB JVN CONFIRM |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| mozilla — firefox_os | Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage (UMS) media volumes by using the USB interface for a mount operation. | 2015-08-07 | 1.9 | CVE-2015-5960 CONFIRM CONFIRM |
| mozilla — firefox_os | The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server. | 2015-08-07 | 3.3 | CVE-2015-5961 CONFIRM CONFIRM |
| openafs — openafs | pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands. | 2015-08-12 | 2.1 | CVE-2015-3284 CONFIRM MLIST CONFIRM DEBIAN |
| openafs — openafs | The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command. | 2015-08-12 | 2.1 | CVE-2015-3285 CONFIRM MLIST CONFIRM DEBIAN |
| redhat — libuser | Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field. | 2015-08-11 | 2.1 | CVE-2015-3245 MISC CONFIRM REDHAT REDHAT |
This product is provided subject to this Notification and this Privacy & Use policy.
Ravensburg Ravens On the Rise
You have never heard about the Ravensburg Ravens before? Then it’s about time!
The post Ravensburg Ravens On the Rise appeared first on Avira Blog.
Betatester 2016 competition winners
We can finally announce the winners of the 2016 Beta competition! 
The Betatester of the year, and winner of €600, is:
- Jayakrishnan P, from India
Also, the 9 winners of €200 are:
- Anil Kumar E.S, from India
- Saravana Kumar S., from India
- Andreas Ntonas, from Greece
- S/o Ramakrishnan, from India
- HUANG JIN KAI, from Taiwan
- Lauri Säde, from Estonia
- Manuel Gredilla, from Spain
- Alex Molina, from Spain
- Juan Pablo Sarria Aguilera, from Spain
Thanks to all those who participated for your comments and suggestions – your opinions are always important to us!
The post Betatester 2016 competition winners appeared first on MediaCenter Panda Security.
Oracle CSO numbers, security hygiene and fixes at the same time
Posted by Security Explorations on Aug 17
Hello All,
As a party who had numerous occasions to deal with Oracle in the past, I’d
like to write a few words of comment to the company’s CSO’s blog post [1].
These are grouped under separate sections below.
[“we find 87% of security vulnerabilities ourselves”]
Oracle CSO’s stated that the company finds 87% of security vulnerabilities
itself, security researchers find about 3% and the rest are found by…
Google announces a restructure – it’s now owned by Alphabet
Why the restructure? According to Larry it’s to help them streamline management of their various companies and also stay focused on their initiatives and new opportunities. It’s “ …about businesses prospering through strong leaders and independence.” – Larry Page.
So Search, Youtube, Apps, Maps, Android and Advertising remain under Google and according to their filing with the US Securities and Exchange Commission, “Businesses such as Calico, Nest, and Fiber, as well as its investing arms, such as Google Ventures and Google Capital, and incubator projects, such as Google X, will be managed separately from the Google business.”
For anyone who enjoys innovation in tech, this should come as exciting news – it means Google’s core internet product teams will be even more focused on improving and innovating their internet products; and we might start to see more ambitious and technological milestone projects being developed by Google X and Google Ventures.
Congratulations Google, uh…I mean Alphabet, for moving tech forward. Let’s see what you do next.
Sagemcom F@ST 3864 V2 Admin Password Disclosure
Sagemcom F@ST 3864 V2 suffers from a remote administrative password disclosure vulnerability.