Original release date: September 14, 2015
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
-
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
-
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe — shockwave_player | Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6681. | 2015-09-08 | 10.0 | CVE-2015-6680 CONFIRM |
| adobe — shockwave_player | Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680. | 2015-09-08 | 10.0 | CVE-2015-6681 CONFIRM |
| ffmpeg — ffmpeg | The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks. | 2015-09-05 | 7.5 | CVE-2015-6818 CONFIRM |
| ffmpeg — ffmpeg | Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. | 2015-09-05 | 7.5 | CVE-2015-6819 CONFIRM |
| ffmpeg — ffmpeg | The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted AAC data. | 2015-09-05 | 7.5 | CVE-2015-6820 CONFIRM |
| ffmpeg — ffmpeg | The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted MPEG data. | 2015-09-05 | 7.5 | CVE-2015-6821 CONFIRM |
| ffmpeg — ffmpeg | The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via crafted LucasArts Smush video data. | 2015-09-05 | 7.5 | CVE-2015-6822 CONFIRM |
| ffmpeg — ffmpeg | The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted Apple Lossless Audio Codec (ALAC) data. | 2015-09-05 | 7.5 | CVE-2015-6823 CONFIRM |
| ffmpeg — ffmpeg | The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video data. | 2015-09-05 | 7.5 | CVE-2015-6824 CONFIRM |
| ffmpeg — ffmpeg | The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via a crafted file, as demonstrated by an AVI file. | 2015-09-05 | 7.5 | CVE-2015-6825 CONFIRM |
| ffmpeg — ffmpeg | The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data. | 2015-09-05 | 7.5 | CVE-2015-6826 CONFIRM |
| isc — bind | buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. | 2015-09-04 | 7.8 | CVE-2015-5722 CONFIRM |
| isc — bind | openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. | 2015-09-04 | 7.1 | CVE-2015-5986 CONFIRM |
| libvdpau_project — libvdpau | libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable. | 2015-09-08 | 7.2 | CVE-2015-5198 CONFIRM UBUNTU MLIST |
| libvdpau_project — libvdpau | Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable. | 2015-09-08 | 7.2 | CVE-2015-5199 CONFIRM UBUNTU MLIST |
| microsoft — edge | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2491 and CVE-2015-2541. | 2015-09-08 | 9.3 | CVE-2015-2485 MS MS |
| microsoft — edge | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. | 2015-09-08 | 9.3 | CVE-2015-2486 MS MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. | 2015-09-08 | 9.3 | CVE-2015-2487 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. | 2015-09-08 | 9.3 | CVE-2015-2490 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2485 and CVE-2015-2541. | 2015-09-08 | 9.3 | CVE-2015-2491 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. | 2015-09-08 | 9.3 | CVE-2015-2492 MS |
| microsoft — internet_explorer | The (1) VBScript and (2) JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2493 MS |
| microsoft — edge | Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498, and CVE-2015-2499. | 2015-09-08 | 9.3 | CVE-2015-2494 MS MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499. | 2015-09-08 | 9.3 | CVE-2015-2498 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2498. | 2015-09-08 | 9.3 | CVE-2015-2499 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2500 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2501 MS |
| microsoft — .net_framework | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to (1) execute arbitrary code via a crafted XAML browser application (XBAP) or (2) bypass Code Access Security restrictions via a crafted .NET Framework application, aka “.NET Elevation of Privilege Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2504 MS |
| microsoft — windows_10 | atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (system crash) via a crafted OpenType font, aka “OpenType Font Parsing Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2506 MS |
| microsoft — windows_10 | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Font Driver Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2512. | 2015-09-08 | 7.2 | CVE-2015-2507 MS |
| microsoft — windows_10 | The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka “Font Driver Elevation of Privilege Vulnerability.” | 2015-09-08 | 7.2 | CVE-2015-2508 MS |
| microsoft — windows_7 | Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka “Windows Media Center RCE Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2509 MS |
| microsoft — live_meeting_console | Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka “Graphics Component Buffer Overflow Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2510 MS |
| microsoft — windows_10 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546. | 2015-09-08 | 7.2 | CVE-2015-2511 MS |
| microsoft — windows_10 | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Font Driver Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2507. | 2015-09-08 | 7.2 | CVE-2015-2512 MS |
| microsoft — windows_10 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal RCE Vulnerability,” a different vulnerability than CVE-2015-2514 and CVE-2015-2530. | 2015-09-08 | 9.3 | CVE-2015-2513 MS |
| microsoft — windows_10 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal RCE Vulnerability,” a different vulnerability than CVE-2015-2513 and CVE-2015-2530. | 2015-09-08 | 9.3 | CVE-2015-2514 MS |
| microsoft — windows_10 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2511, CVE-2015-2518, and CVE-2015-2546. | 2015-09-08 | 7.2 | CVE-2015-2517 MS |
| microsoft — windows_10 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2546. | 2015-09-08 | 7.2 | CVE-2015-2518 MS |
| microsoft — windows_10 | Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal Integer Overflow RCE Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2519 MS |
| microsoft — excel | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2520 MS |
| microsoft — excel | Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2521 MS |
| microsoft — excel | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2523 MS |
| microsoft — windows_10 | Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka “Windows Task Management Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2528. | 2015-09-08 | 7.2 | CVE-2015-2524 MS |
| microsoft — windows_10 | Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass intended filesystem restrictions and delete arbitrary files via unspecified vectors, aka “Windows Task File Deletion Elevation of Privilege Vulnerability.” | 2015-09-08 | 7.2 | CVE-2015-2525 MS |
| microsoft — windows_10 | The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability.” | 2015-09-08 | 7.2 | CVE-2015-2527 MS |
| microsoft — windows_10 | Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka “Windows Task Management Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2524. | 2015-09-08 | 7.2 | CVE-2015-2528 MS |
| microsoft — windows_10 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal RCE Vulnerability,” a different vulnerability than CVE-2015-2513 and CVE-2015-2514. | 2015-09-08 | 9.3 | CVE-2015-2530 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2485 and CVE-2015-2491. | 2015-09-08 | 9.3 | CVE-2015-2541 MS |
| microsoft — edge | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2542 MS MS |
| microsoft — office | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka “Microsoft Office Malformed EPS File Vulnerability.” | 2015-09-08 | 9.3 | CVE-2015-2545 MS |
| microsoft — windows_10 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2518. | 2015-09-08 | 7.2 | CVE-2015-2546 MS |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| cisco — telepresence_system_software_ix | Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501. | 2015-09-04 | 5.0 | CVE-2015-6276 CISCO |
| freebit — elphonebtnv6_activex_control | Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontinued “Click to Live” service. | 2015-09-07 | 6.8 | CVE-2015-5624 JVNDB JVN |
| guide-park — bbs_x102 | Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-09-05 | 4.3 | CVE-2015-2985 JVNDB JVN |
| lemon-s_php — twit_bbs | Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter. | 2015-09-07 | 4.3 | CVE-2015-2989 JVNDB JVN |
| libvdpau_project — libvdpau | The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors. | 2015-09-08 | 6.3 | CVE-2015-5200 CONFIRM UBUNTU MLIST |
| microsoft — internet_explorer | Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka “Information Disclosure Vulnerability.” | 2015-09-08 | 5.0 | CVE-2015-2483 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 10 and 11 uses an incorrect flag during certain filesystem accesses, which allows remote attackers to delete arbitrary files via unspecified vectors, aka “Tampering Vulnerability.” | 2015-09-08 | 6.4 | CVE-2015-2484 MS |
| microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka “Elevation of Privilege Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2489 MS |
| microsoft — exchange_server | Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to obtain sensitive stacktrace information via a crafted request, aka “Exchange Information Disclosure Vulnerability.” | 2015-09-08 | 5.0 | CVE-2015-2505 MS |
| microsoft — windows_10 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (data loss) via a crafted .jnt file, aka “Windows Journal DoS Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2516 MS |
| microsoft — .net_framework | Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka “MVC Denial of Service Vulnerability.” | 2015-09-08 | 5.0 | CVE-2015-2526 MS |
| microsoft — lync_server | Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Skype for Business Server and Lync Server XSS Information Disclosure Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2531 MS |
| microsoft — lync_server | Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Lync Server XSS Information Disclosure Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2532 MS |
| microsoft — windows_server_2008 | Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka “Active Directory Denial of Service Vulnerability.” | 2015-09-08 | 4.0 | CVE-2015-2535 MS |
| microsoft — lync_server | Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Skype for Business Server and Lync Server XSS Elevation of Privilege Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2536 MS |
| microsoft — exchange_server | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka “Exchange Spoofing Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2543 MS |
| microsoft — exchange_server | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka “Exchange Spoofing Vulnerability.” | 2015-09-08 | 4.3 | CVE-2015-2544 MS |
| neojapan — desknet_neo | Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter. | 2015-09-04 | 4.0 | CVE-2015-2990 CONFIRM JVNDB JVN |
| nscripter_project — nscripter | Buffer overflow in NScripter before 3.00 allows remote attackers to execute arbitrary code via crafted save data. | 2015-09-04 | 6.8 | CVE-2015-2991 CONFIRM JVNDB JVN |
| opendocman — opendocman | Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter. | 2015-09-07 | 4.3 | CVE-2015-5625 JVNDB JVN |
| openstack — compute | OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance. | 2015-09-08 | 6.8 | CVE-2015-3241 CONFIRM REDHAT |
| rakuto — rktsns2 | Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji (rktSNS2) 0.2.2b allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-09-05 | 4.3 | CVE-2015-2986 JVNDB JVN |
| redhat — openshift_origin | The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data. | 2015-09-08 | 4.0 | CVE-2015-5250 CONFIRM CONFIRM REDHAT |
| spice_project — spice | Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors. | 2015-09-08 | 6.9 | CVE-2015-3247 SECTRACK REDHAT REDHAT REDHAT |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| microsoft — sharepoint_foundation | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka “Microsoft SharePoint XSS Spoofing Vulnerability.” | 2015-09-08 | 3.5 | CVE-2015-2522 MS |
| microsoft — windows_10 | The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka “Kernel ASLR Bypass Vulnerability.” | 2015-09-08 | 2.1 | CVE-2015-2529 MS |
| microsoft — windows_10 | Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka “Hyper-V Security Feature Bypass Vulnerability.” | 2015-09-08 | 1.9 | CVE-2015-2534 MS |
| redhat — enterprise_virtualization | The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view. | 2015-09-08 | 3.7 | CVE-2015-1841 SECTRACK REDHAT |
This product is provided subject to this Notification and this Privacy & Use policy.