The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417.
Monthly Archives: August 2016
CVE-2016-3849
The ION driver in Android before 2016-08-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28939740.
CVE-2016-3850
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164.
CVE-2016-3851
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941.
CVE-2016-3852
The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738.
CVE-2016-3853
Google Play services in Android before 2016-08-05 on Nexus devices allow local users to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26803208.
CVE-2016-3857
The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.
VMware vSphere Hypervisor (ESXi) HTTP Response Injection
The SySS GmbH found out that the web server of VMware ESXi 6 is vulnerable to HTTP response injection attacks, as arbitrarily supplied URL parameters are copied in the HTTP header Location of the server response without sufficient input validation. Thus, an attacker can create a specially crafted URL with a specific URL parameter that injects attacker-controlled data to the response of the VMware ESXi web server. Depending on the context, this allows different attacks. If such a URL is visited by a victim, it may for example be possible to set web browser cookies in the victim’s web browser, execute arbitrary JavaScript code, or poison caches of proxy servers.
VMware Releases Security Update
Original release date: August 05, 2016
VMware has released a security update to address vulnerabilities in vCenter Server, vSphere Hypervisor (ESXi), Workstation Pro, Workstation Player, Fusion, and Tools. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review VMware Security Advisories VMSA-2016-0010 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Security Update
Original release date: August 05, 2016
Apple has released a security update to address a vulnerability in iOS. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch (5th generation) and later.
US-CERT encourages users and administrators to review the Apple security page for iOS and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.