Category Archives: US-CERT

US-CERT Alerts – Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

IRS Releases Ninth Security Tip

January 19, 2016 007admin Leave a comment

Original release date: January 19, 2016

The Internal Revenue Service (IRS) has released the ninth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes new procedures taken by the IRS, state governments, and the tax industry to provide a safer, more secure filing environment for taxpayers. Recommendations include new password standards, security questions, out-of-band email verification, and a lockout feature.

US-CERT encourages users and administrators to review the IRS Security Awareness Tax Tip Number 9 for additional information.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

SB16-018: Vulnerability Summary for the Week of January 11, 2016

January 18, 2016 007admin Leave a comment

Original release date: January 18, 2016

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	10.0	CVE-2016-0933 CONFIRM
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	9.3	CVE-2016-0936 CONFIRM MISC
adobe — acrobat	Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941.	2016-01-14	9.3	CVE-2016-0937 CONFIRM MISC
adobe — acrobat	The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	9.3	CVE-2016-0938 CONFIRM MISC
adobe — acrobat	Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941.	2016-01-14	10.0	CVE-2016-0940 CONFIRM
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	10.0	CVE-2016-0942 CONFIRM
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	10.0	CVE-2016-0944 CONFIRM
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946.	2016-01-14	10.0	CVE-2016-0945 CONFIRM
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945.	2016-01-14	10.0	CVE-2016-0946 CONFIRM
adobe — acrobat	Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory.	2016-01-14	7.2	CVE-2016-0947 CONFIRM
apache — activemq	Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.	2016-01-08	7.5	CVE-2015-5254 CONFIRM MLIST FEDORA FEDORA CONFIRM
apache — subversion	Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.	2016-01-08	9.0	CVE-2015-5259 SECTRACK CONFIRM
apple — mac_os_x	Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.	2016-01-11	7.2	CVE-2015-6980 CONFIRM APPLE
avm — fritz!_os	AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image.	2016-01-08	9.3	CVE-2014-8886 MISC CONFIRM BUGTRAQ FULLDISC
blueman_project — blueman	The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument.	2016-01-08	7.2	CVE-2015-8612 MISC CONFIRM CONFIRM MLIST MLIST DEBIAN
dell — pre-boot_authentication_driver	Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call.	2016-01-08	7.2	CVE-2015-6856 MISC BID BUGTRAQ FULLDISC MISC
f5 — big-ip_access_policy_manager	F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual server configured with a remote desktop profile, aka an “Out-of-bounds memory vulnerability.”	2016-01-12	10.0	CVE-2015-8098 CONFIRM SECTRACK
f5 — big-ip_access_policy_manager	BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1) expired or (2) default password.	2016-01-12	10.0	CVE-2015-8611 CONFIRM SECTRACK
fortinet — forticlient	Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program.	2016-01-08	7.2	CVE-2015-7362 CONFIRM
huawei — mate_7_firmware	Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application.	2016-01-12	9.3	CVE-2015-8088 CONFIRM
huawei — ale_firmware	The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8226.	2016-01-08	7.1	CVE-2015-8225 CONFIRM
huawei — ale_firmware	The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225.	2016-01-08	7.1	CVE-2015-8226 CONFIRM
huawei — espace_8950	Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets.	2016-01-11	7.8	CVE-2015-8230 CONFIRM
huawei — espace_7910	Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets.	2016-01-11	7.8	CVE-2015-8231 CONFIRM
joomla — joomla!	SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors.	2016-01-12	7.5	CVE-2015-8769 CONFIRM BID
juniper — screenos	Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation.	2016-01-08	9.3	CVE-2015-7754 SECTRACK BID CONFIRM
libtiff_project — libtiff	The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.	2016-01-08	7.5	CVE-2015-7554 BUGTRAQ MLIST FULLDISC MISC
libtiff_project — libtiff	Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.	2016-01-08	7.5	CVE-2015-8668 BUGTRAQ MISC
mcafee — epolicy_orchestrator	Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.	2016-01-08	7.5	CVE-2015-8765 CERT-VN CONFIRM
microsoft — jscript	The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability.”	2016-01-13	9.3	CVE-2016-0002 MS MS
microsoft — edge	Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka “Microsoft Edge Memory Corruption Vulnerability.”	2016-01-13	9.3	CVE-2016-0003 MS
microsoft — windows_10	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka “Win32k Remote Code Execution Vulnerability.”	2016-01-13	9.3	CVE-2016-0009 MS
microsoft — excel_for_mac	Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.”	2016-01-13	9.3	CVE-2016-0010 MS
microsoft — windows_10	DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka “DirectShow Heap Corruption Remote Code Execution Vulnerability.”	2016-01-13	9.3	CVE-2016-0015 MS
microsoft — windows_10	The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka “Windows Remote Desktop Protocol Security Bypass Vulnerability.”	2016-01-13	9.3	CVE-2016-0019 MS
microsoft — windows_7	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “MAPI DLL Loading Elevation of Privilege Vulnerability.”	2016-01-13	7.2	CVE-2016-0020 MS
microsoft — edge	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka “Scripting Engine Memory Corruption Vulnerability.”	2016-01-13	9.3	CVE-2016-0024 MS
microsoft — silverlight	Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka “Silverlight Runtime Remote Code Execution Vulnerability.”	2016-01-13	9.3	CVE-2016-0034 MS
microsoft — excel	Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.”	2016-01-13	9.3	CVE-2016-0035 MS
owncloud — owncloud	ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.	2016-01-08	7.5	CVE-2016-1499 MISC CONFIRM
pygments — pygments	The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.	2016-01-08	9.3	CVE-2015-8557 MISC UBUNTU MLIST MLIST FULLDISC MISC
qemu — qemu	The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.	2016-01-12	7.8	CVE-2015-1779 MLIST MLIST MLIST UBUNTU SECTRACK BID MLIST MLIST DEBIAN REDHAT REDHAT SUSE SUSE FEDORA FEDORA
sap — afaria	SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to “Insecure signature,” aka SAP Security Note 2134905.	2016-01-08	9.4	CVE-2015-8753 MISC
zarafa — zarafa_collaboration_platform	zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.	2016-01-11	7.2	CVE-2015-6566 CONFIRM CONFIRM CONFIRM FEDORA

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
acquia — mollom	The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors.	2016-01-08	5.0	CVE-2015-8754 MISC CONFIRM
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	6.8	CVE-2016-0931 CONFIRM MISC
adobe — acrobat	Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.	2016-01-14	6.8	CVE-2016-0932 CONFIRM MISC
adobe — acrobat	Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.	2016-01-14	6.8	CVE-2016-0934 CONFIRM MISC
adobe — acrobat	Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary.	2016-01-14	6.8	CVE-2016-0935 CONFIRM MISC
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.	2016-01-14	6.8	CVE-2016-0939 CONFIRM MISC
adobe — acrobat	Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940.	2016-01-14	6.8	CVE-2016-0941 CONFIRM MISC
adobe — acrobat	Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.	2016-01-14	6.8	CVE-2016-0943 CONFIRM MISC
apple — mac_os_x	Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature.	2016-01-11	6.9	CVE-2015-7024 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7085 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7086 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7087 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7088 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7089 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7090 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7092, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7091 CONFIRM APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted TXXX frame within an ID3 tag in MP3 data in a movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7117.	2016-01-08	6.8	CVE-2015-7092 CONFIRM MISC APPLE
apple — apple_tv	libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.	2016-01-09	4.3	CVE-2015-7115 CONFIRM CONFIRM CONFIRM APPLE APPLE APPLE
apple — apple_tv	libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115.	2016-01-09	4.3	CVE-2015-7116 CONFIRM CONFIRM CONFIRM APPLE APPLE APPLE
apple — quicktime	Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092.	2016-01-08	6.8	CVE-2015-7117 CONFIRM APPLE
avm — fritz!_os	Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.	2016-01-12	4.3	CVE-2015-7242 CONFIRM BUGTRAQ MISC MISC
bluecoat — advanced_secure_gateway	Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a “clear text” one in a coaching page, as demonstrated by “http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%.”	2016-01-08	5.8	CVE-2015-8597 CONFIRM SECTRACK MISC
f5 — big-ip_access_policy_manager	dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.	2016-01-12	6.9	CVE-2015-7393 CONFIRM SECTRACK SECTRACK
f5 — big-ip_access_policy_manager	BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery.	2016-01-12	4.3	CVE-2015-7759 CONFIRM SECTRACK
ffmpeg — ffmpeg	FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.	2016-01-14	4.3	CVE-2016-1897 MLIST MISC MISC
firebirdsql — firebird	FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.	2016-01-13	4.0	CVE-2016-1569 MLIST MLIST CONFIRM CONFIRM
huawei — vcn500	The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an “abnormal exit” occurs, which allows remote attackers to conduct replay attacks via the session ID.	2016-01-11	5.8	CVE-2015-8331 CONFIRM
huawei — vcn500	The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets.	2016-01-11	5.5	CVE-2015-8333 CONFIRM
huawei — vcn500	Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log.	2016-01-11	4.0	CVE-2015-8335 CONFIRM
ibm — websphere_commerce	Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter.	2016-01-09	5.8	CVE-2015-7397 CONFIRM CONFIRM AIXAPAR
ibm — integration_bus	IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and IBM Integration Bus 9 before 9.0.0.3 and 10 before 10.0.0.0 allow remote attackers to obtain sensitive information about the HTTP server via unspecified vectors.	2016-01-11	5.0	CVE-2015-7399 CONFIRM AIXAPAR
ibm — jazz_reporting_service	Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.	2016-01-09	6.8	CVE-2015-7465 CONFIRM
ibm — jazz_reporting_service	Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended query restrictions or modify the LDAP directory, via unspecified vectors.	2016-01-09	4.0	CVE-2015-7466 CONFIRM
microsoft — sharepoint_foundation	Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka “Microsoft SharePoint Security Feature Bypass,” a different vulnerability than CVE-2016-0011.	2016-01-13	4.3	CVE-2015-6117 MS
microsoft — internet_explorer	Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka “Internet Explorer Elevation of Privilege Vulnerability.”	2016-01-13	4.3	CVE-2016-0005 MS
microsoft — windows_10	The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka “Windows Mount Point Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0007.	2016-01-13	6.9	CVE-2016-0006 MS
microsoft — windows_10	The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka “Windows Mount Point Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0006.	2016-01-13	6.9	CVE-2016-0007 MS
microsoft — windows_7	The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka “Windows GDI32.dll ASLR Bypass Vulnerability.”	2016-01-13	4.3	CVE-2016-0008 MS
microsoft — excel	Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka “Microsoft Office ASLR Bypass.”	2016-01-13	4.3	CVE-2016-0012 MS
microsoft — windows_10	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “DLL Loading Elevation of Privilege Vulnerability.”	2016-01-13	6.9	CVE-2016-0014 MS
microsoft — windows_10	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “DLL Loading Remote Code Execution Vulnerability.”	2016-01-13	6.9	CVE-2016-0016 MS
microsoft — windows_10	Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “DLL Loading Remote Code Execution Vulnerability.”	2016-01-13	6.9	CVE-2016-0018 MS
microsoft — exchange_server	Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability,” a different vulnerability than CVE-2016-0031.	2016-01-13	4.3	CVE-2016-0029 MS
microsoft — exchange_server	Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability.”	2016-01-13	4.3	CVE-2016-0030 MS
microsoft — exchange_server	Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability,” a different vulnerability than CVE-2016-0029.	2016-01-13	4.3	CVE-2016-0031 MS
microsoft — exchange_server	Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013 Cumulative Update 11, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability.”	2016-01-13	4.3	CVE-2016-0032 MS
mozilla — firefox_os	Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted web site that is mishandled during “Add to home screen” bookmarking.	2016-01-08	4.3	CVE-2015-8510 CONFIRM CONFIRM
mozilla — firefox_os	Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.	2016-01-08	6.9	CVE-2015-8511 CONFIRM CONFIRM
nex-forms_lite_project — nex-forms_lite	Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the form_fields parameter in a (1) do_edit or (2) do_insert action to wp-admin/admin-ajax.php.	2016-01-08	4.3	CVE-2014-7151 MISC MISC
opencart — opencart	Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php.	2016-01-12	4.3	CVE-2015-4671 CONFIRM CONFIRM MISC
owncloud — owncloud	Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a URL.	2016-01-08	4.3	CVE-2016-1498 CONFIRM
owncloud — owncloud	ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages.	2016-01-08	4.0	CVE-2016-1501 CONFIRM
phusionpassenger — phusion_passenger	agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a – (dash) character in an HTTP header, as demonstrated by an X_User header.	2016-01-08	4.3	CVE-2015-7519 CONFIRM CONFIRM CONFIRM MLIST MLIST SUSE
python — python	The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.	2016-01-13	5.0	CVE-2016-1494 MISC CONFIRM MLIST MLIST
qemu — qemu	Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.	2016-01-08	6.8	CVE-2015-7512 SECTRACK BID MLIST CONFIRM
quassel-irc — quassel	The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the “/op *” command in a query.	2016-01-08	5.0	CVE-2015-8547 CONFIRM CONFIRM MLIST MLIST SUSE
ssp-europe — secure_data_space	Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to api/v3/public/shares/downloads/, the (2) authType parameter to api/v3/auth/login, or the (3) login parameter to api/v3/auth/reset_password.	2016-01-11	4.3	CVE-2015-7706 CONFIRM BUGTRAQ FULLDISC MISC
symphony-cms — symphony_cms	Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Navigation Group, or (3) Label parameter to blueprints/sections/edit/1.	2016-01-08	4.3	CVE-2015-8376 FULLDISC FULLDISC
symphony-cms — symphony_cms	Multiple cross-site scripting (XSS) vulnerabilities in content/content.systempreferences.php in Symphony CMS before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) email_sendmail[from_name], (2) email_sendmail[from_address], (3) email_smtp[from_name], (4) email_smtp[from_address], (5) email_smtp[host], (6) email_smtp[port], (7) jit_image_manipulation[trusted_external_sites], or (8) maintenance_mode[ip_whitelist] parameters to system/preferences.	2016-01-08	4.3	CVE-2015-8766 CONFIRM CONFIRM FULLDISC
titan_framework_project — titan_framework	Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php.	2016-01-08	4.3	CVE-2014-6444 MISC MISC
typo3 — typo3	Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation.	2016-01-08	4.3	CVE-2015-8757 SECTRACK BID CONFIRM
typo3 — typo3	The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka “Cross-Site Flashing.”	2016-01-08	4.3	CVE-2015-8760 SECTRACK BID CONFIRM
values_project — values	The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the “Import value sets” permission to execute arbitrary PHP code via the exported values list in a ctools import.	2016-01-08	6.0	CVE-2015-8761 MISC CONFIRM BID CONFIRM
zip_attachments_project — zip_attachments	Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter.	2016-01-08	5.0	CVE-2015-4694 CONFIRM MISC MISC MISC MLIST MLIST

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
atlassian — jira	Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote attackers to obtain sensitive information by updating a different issue that includes wiki markup for an external image reference.	2016-01-08	3.5	CVE-2015-8481 CONFIRM CONFIRM BID
field_group_project — field_group	Cross-site scripting (XSS) vulnerability in the Field Group module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with permission to configure field display settings to inject arbitrary web script or HTML via an element attribute.	2016-01-08	3.5	CVE-2016-1565 MISC CONFIRM
gummi_project — gummi	Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.	2016-01-08	2.1	CVE-2015-7758 CONFIRM MLIST MLIST SUSE
huawei — document_security_management	Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pasting the contents to another file.	2016-01-08	2.1	CVE-2015-8303 CONFIRM
microsoft — sharepoint_foundation	Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka “Microsoft SharePoint Security Feature Bypass,” a different vulnerability than CVE-2015-6117.	2016-01-13	3.5	CVE-2016-0011 MS
mozilla — firefox_os	The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.	2016-01-08	2.1	CVE-2015-8512 CONFIRM CONFIRM
owncloud — owncloud	ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the “file_versions” application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting with “.v” and belonging to a sharing user by leveraging an incoming share.	2016-01-08	3.5	CVE-2016-1500 CONFIRM
puppetlabs — puppet_enterprise	Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x before 2015.2.3 uses world-readable permissions for the private key of the Certification Authority (CA) certificate during the initial installation and configuration, which might allow local users to obtain sensitive information via unspecified vectors.	2016-01-08	1.9	CVE-2015-7328 CONFIRM
typo3 — typo3	Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.	2016-01-08	3.5	CVE-2015-8755 SECTRACK BID CONFIRM
typo3 — typo3	Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors.	2016-01-08	3.5	CVE-2015-8756 SECTRACK CONFIRM
typo3 — typo3	Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.	2016-01-08	3.5	CVE-2015-8758 SECTRACK BID CONFIRM
typo3 — typo3	Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.	2016-01-08	3.5	CVE-2015-8759 BID CONFIRM
xen — xen	The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ).	2016-01-08	2.1	CVE-2015-8615 CONFIRM SECTRACK

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

OpenSSH Client Vulnerability

January 14, 2016 007admin Leave a comment

Original release date: January 14, 2016

OpenSSH version 7.1p2 has been released to address vulnerabilities in versions 5.4 through 7.1p1. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system.

Users and administrators are encouraged to review the OpenSSH Release Notes and Vulnerability Note VU#456088 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Cisco Releases Security Updates

January 13, 2016 007admin Leave a comment

Original release date: January 13, 2016

Cisco has released security updates to address vulnerabilities in Wireless LAN Controller software, Identity Services Engine software, and Aironet 1800 Series Access Points. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Wireless LAN Controller unauthorized-access vulnerability
Identity Services Engine unauthorized-access vulnerability 1 and vulnerability 2
Aironet 1800 Series Access Point denial-of-service vulnerability and default-account vulnerability

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

ISC Releases Security Updates

January 12, 2016 007admin Leave a comment

Original release date: January 12, 2016

Internet Systems Consortium (ISC) has released security updates to address a vulnerability in the ISC Dynamic Host Configuration Protocol (DHCP) software. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

DHCP version 4.1-ESV-R12-P1
DHCP version 4.3.3-P1

Users and administrators are encouraged to review ISC Knowledge Base Article AA-01334 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Microsoft Releases January 2016 Security Bulletin

January 12, 2016 007admin Leave a comment

Original release date: January 12, 2016

Microsoft has released nine updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Microsoft Security Bulletins MS16-001 through MS16-010 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Adobe Releases Security Updates for Acrobat and Reader

January 12, 2016 007admin Leave a comment

Original release date: January 12, 2016

Adobe has released security updates to address multiple vulnerabilities in Acrobat and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB16-02 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

IRS Releases Eighth Security Tip

January 11, 2016 007admin Leave a comment

Original release date: January 11, 2016

The Internal Revenue Service (IRS) has released the eighth in a series of tips intended to help the public protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. This tip describes methods users should follow to protect their tax records. Recommendations include encrypting and backing up tax information stored electronically, storing hard copies of tax information under lock and key, and shredding old tax records before disposal.

US-CERT encourages users and administrators to review the IRS Security Awareness Tax Tip Number 8 for additional information.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

SB16-011: Vulnerability Summary for the Week of January 4, 2016

January 11, 2016 007admin Leave a comment

Original release date: January 11, 2016

High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
google — android	mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670.	2016-01-06	10.0	CVE-2015-6636 CONFIRM
google — android	The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013.	2016-01-06	9.3	CVE-2015-6637 CONFIRM
google — android	The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908.	2016-01-06	9.3	CVE-2015-6638 CONFIRM
google — android	The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875.	2016-01-06	9.3	CVE-2015-6639 CONFIRM
google — android	The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123.	2016-01-06	9.3	CVE-2015-6640 CONFIRM CONFIRM
google — android	The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24157888.	2016-01-06	7.8	CVE-2015-6642 CONFIRM
google — android	Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269.	2016-01-06	7.2	CVE-2015-6643 CONFIRM
google — android	SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205.	2016-01-06	7.1	CVE-2015-6645 CONFIRM
google — android	The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613.	2016-01-06	7.8	CVE-2015-6646 CONFIRM
google — android	The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554.	2016-01-06	9.3	CVE-2015-6647 CONFIRM
hp — j8692a	HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859.	2016-01-05	7.2	CVE-2015-6860 HP
hp — ucmdb_browser	HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.	2016-01-07	7.2	CVE-2015-6862 HP
ibm — i_access	Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.	2016-01-02	7.2	CVE-2015-2023 AIXAPAR CONFIRM
ibm — tivoli_monitoring	The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input.	2016-01-03	8.5	CVE-2015-5003 CONFIRM AIXAPAR
ibm — security_access_manager_9.0_firmware	IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.	2016-01-02	8.5	CVE-2015-5018 CONFIRM AIXAPAR AIXAPAR
ibm — connections	IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not properly detect recursion during XML entity expansion, which allows remote attackers to cause a denial of service (CPU consumption and application crash) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.	2016-01-03	7.8	CVE-2015-5038 CONFIRM AIXAPAR
ibm — spectrum_protect_for_virtual_environments	The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 4.1 before 4.1.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.	2016-01-02	10.0	CVE-2015-7426 CONFIRM
ibm — tivoli_common_reporting	IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.	2016-01-02	10.0	CVE-2015-7450 CONFIRM
ipswitch — whatsup_gold	The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request.	2016-01-07	7.5	CVE-2015-8261 CERT-VN
pcre — perl_compatible_regular_expression_library	The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+”){99}-))(?J)(?’R'(?’R'<((?’RR'(?’R’){97)?J)?J)(?’R'(?’R’){99\|(:(?\|(?’R’)(k’R’)\|((?’R’)))H’R’R)(H’R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.	2016-01-02	7.5	CVE-2016-1283 CONFIRM

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apache — hadoop	The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecified vectors.	2016-01-02	4.6	CVE-2015-7430 CONFIRM
cisco — ios_xr	Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted update, aka Bug ID CSCuw83486.	2016-01-04	5.0	CVE-2015-6432 CISCO
cisco — unified_communications_manager	SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767.	2016-01-07	4.0	CVE-2015-6433 CISCO
cisco — prime_infrastructure	Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a “cross-frame scripting (XFS)” issue, aka Bug ID CSCux64856.	2016-01-07	4.3	CVE-2015-6434 CISCO
dx_library_project — dx_library	Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string.	2016-01-07	6.8	CVE-2016-1131 JVNDB JVN CONFIRM
eucalyptus — eucalyptus	HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus 4.2.x before 4.2.1 allow remote authenticated users to bypass intended access restrictions and modify arbitrary (1) access key credentials by leveraging knowledge of a key ID or (2) signing certificates by leveraging knowledge of a certificate ID.	2016-01-04	4.6	CVE-2014-5040 CONFIRM HP
eucalyptus — eucalyptus	HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended AssumeRole permission requirement and assume an IAM role by leveraging a policy setting for a user’s account.	2016-01-05	4.6	CVE-2015-6861 HP
google — android	Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146.	2016-01-06	4.3	CVE-2015-6644 CONFIRM
hp — jg786a_hp_flexfabric_12500_4-port_100gbe_cfp_fd	HP H3C Comware 5 and 7 devices allow remote attackers to bypass intended access restrictions or cause a denial of service via “Virtual routing and forwarding (VRF) hopping.”	2016-01-05	6.4	CVE-2015-5434 HP
hp — storeonce_backup_system_software	Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.	2016-01-05	6.8	CVE-2015-5445 HP
hp — storeonce_backup_system_software	HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.	2016-01-05	5.8	CVE-2015-5446 HP
hp — insight_management	HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.	2016-01-05	4.3	CVE-2015-6858 HP
hp — network_switch_software	HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860.	2016-01-05	4.6	CVE-2015-6859 HP
ibm — qradar_security_information_and_event_manager	Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.5 Patch 6 allows remote authenticated users to read arbitrary files via a crafted URL.	2016-01-02	4.0	CVE-2015-2007 CONFIRM
ibm — websphere_mq_light	IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows remote attackers to cause a denial of service (MQXR service crash) via unspecified vectors.	2016-01-01	5.0	CVE-2015-4941 CONFIRM
ibm — websphere_mq_light	IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR service crash) via a series of connect and disconnect actions.	2016-01-01	5.0	CVE-2015-4943 CONFIRM
ibm — tealeaf_customer_experience	The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary charts by specifying an internal chart name.	2016-01-02	5.0	CVE-2015-4989 CONFIRM
ibm — change_and_configuration_management_database	IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote authenticated users to bypass intended access restrictions and establish a login session by entering an expired password.	2016-01-03	5.5	CVE-2015-5017 CONFIRM
ibm — infosphere_biginsights	The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended access restrictions and truncate arbitrary tables via unspecified vectors.	2016-01-02	4.0	CVE-2015-5020 CONFIRM
ibm — curam_social_program_management	SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.	2016-01-03	6.5	CVE-2015-5023 CONFIRM
ibm — connections	Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.	2016-01-03	6.8	CVE-2015-5037 CONFIRM AIXAPAR
ibm — openpages_grc_platform	SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7.0 before 7.0.0.4 IF3 and 7.1 before 7.1.0.1 IF6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.	2016-01-01	6.5	CVE-2015-5049 CONFIRM
ibm — maximo_asset_management	IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors.	2016-01-03	4.0	CVE-2015-5051 CONFIRM
ibm — maximo_asset_management	The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors.	2016-01-02	5.5	CVE-2015-7396 CONFIRM
ibm — mashups_center	The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.	2016-01-02	6.8	CVE-2015-7400 CONFIRM AIXAPAR
ibm — mashups_center	Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.	2016-01-02	6.8	CVE-2015-7407 CONFIRM AIXAPAR
ibm — sterling_b2b_integrator	The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.	2016-01-01	5.8	CVE-2015-7410 CONFIRM
ibm — mq_appliance_m2000	Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421.	2016-01-01	5.0	CVE-2015-7420 CONFIRM
ibm — mq_appliance_m2000	Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420.	2016-01-01	5.0	CVE-2015-7421 CONFIRM
ibm — spectrum_protect_for_virtual_environments	The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 4.1 before 4.1.4 allows remote authenticated users to restore arbitrary virtual machines and consequently obtain sensitive information by visiting the vSphere inventory.	2016-01-02	4.0	CVE-2015-7429 CONFIRM
ibm — sterling_b2b_integrator	Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.	2016-01-02	4.3	CVE-2015-7431 CONFIRM AIXAPAR
ibm — installation_manager	consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x before 1.8.4 and Packaging Utility before 1.7.4.4 and 1.8.x before 1.8.4 allows local users to gain privileges via a Trojan horse program that is located in /tmp with a name based on a predicted PID value.	2016-01-02	6.2	CVE-2015-7442 CONFIRM
ibm — maximo_asset_management	IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API.	2016-01-02	4.0	CVE-2015-7452 CONFIRM
ibm — spectrum_scale	IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors.	2016-01-01	4.0	CVE-2015-7456 AIXAPAR CONFIRM
mozilla — bugzilla	Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2 does not properly construct CSV files, which allows remote attackers to obtain sensitive information by leveraging a web browser that interprets CSV data as JavaScript code.	2016-01-03	4.3	CVE-2015-8509 CONFIRM BUGTRAQ
nodejs — node.js	Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.	2016-01-02	5.0	CVE-2015-8027 CONFIRM CONFIRM CONFIRM AIXAPAR
wireshark — wireshark	epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-3182 CONFIRM CONFIRM
wireshark — wireshark	epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8711 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8712 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8713 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8714 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.	2016-01-04	4.3	CVE-2015-8715 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8716 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8717 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the “Match MSG/RES packets for async NLM” option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8718 CONFIRM CONFIRM
wireshark — wireshark	The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8719 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8720 CONFIRM CONFIRM
wireshark — wireshark	Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.	2016-01-04	4.3	CVE-2015-8721 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8722 CONFIRM CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8723 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8724 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8725 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.	2016-01-04	4.3	CVE-2015-8726 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8727 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8728 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a ” character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.	2016-01-04	4.3	CVE-2015-8729 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8730 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8731 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8732 CONFIRM CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.	2016-01-04	4.3	CVE-2015-8733 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8734 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (invalid write operation and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8735 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file.	2016-01-04	4.3	CVE-2015-8736 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.	2016-01-04	4.3	CVE-2015-8737 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8738 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.	2016-01-04	4.3	CVE-2015-8739 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8740 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8741 CONFIRM CONFIRM CONFIRM
wireshark — wireshark	The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.	2016-01-04	4.3	CVE-2015-8742 CONFIRM CONFIRM CONFIRM

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
google — android	Wi-Fi in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Wi-Fi information by leveraging access to the local physical environment, aka internal bug 25266660.	2016-01-06	3.3	CVE-2015-5310 CONFIRM
google — android	Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts information by leveraging pairing, aka internal bug 23607427.	2016-01-06	2.9	CVE-2015-6641 CONFIRM
hp — storeonce_backup_system_software	Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	2016-01-05	3.5	CVE-2015-5447 HP
ibm — rational_collaborative_lifecycle_management	Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.	2016-01-02	3.5	CVE-2015-1928 CONFIRM
ibm — rational_collaborative_lifecycle_management	Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors.	2016-01-02	3.3	CVE-2015-1971 CONFIRM
ibm — mq_appliance_m2000	The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file.	2016-01-02	1.9	CVE-2015-1985 CONFIRM
ibm — rational_collaborative_lifecycle_management	Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 allows local users to bypass intended access restrictions via unspecified vectors.	2016-01-03	2.1	CVE-2015-4946 CONFIRM
ibm — rational_collaborative_lifecycle_management	Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors.	2016-01-03	2.7	CVE-2015-4962 CONFIRM
ibm — tealeaf_customer_experience	The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified connection type.	2016-01-02	1.9	CVE-2015-4990 CONFIRM
ibm — rational_clearquest	IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors.	2016-01-02	3.6	CVE-2015-4996 CONFIRM
ibm — connections	Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-5036.	2016-01-03	3.5	CVE-2015-5035 CONFIRM AIXAPAR
ibm — connections	Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-5035.	2016-01-03	3.5	CVE-2015-5036 CONFIRM AIXAPAR
ibm — curam_social_program_management	Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.	2016-01-02	3.5	CVE-2015-7402 CONFIRM
ibm — general_parallel_file_system	IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.	2016-01-02	2.1	CVE-2015-7403 CONFIRM
ibm — qradar_security_information_and_event_manager	Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field.	2016-01-01	3.5	CVE-2015-7409 CONFIRM
ibm — urbancode_deploy	Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.	2016-01-01	3.5	CVE-2015-7415 CONFIRM
ibm — i_access	AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote attackers to cause a denial of service (viewer crash) via a crafted workbench file.	2016-01-02	2.1	CVE-2015-7416 AIXAPAR CONFIRM
ibm — i_access	Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors.	2016-01-02	2.1	CVE-2015-7422 AIXAPAR CONFIRM
ibm — tivoli_common_reporting	IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local users to bypass the Cognos Application Firewall (CAF) protection mechanism via leading whitespace in the BackURL field.	2016-01-02	1.9	CVE-2015-7435 CONFIRM
ibm — tivoli_common_reporting	IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 preserves user permissions across group-add and group-remove operations, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging administrative changes to group membership.	2016-01-02	1.9	CVE-2015-7436 CONFIRM
ibm — sterling_b2b_integrator	Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive information via unspecified vectors.	2016-01-02	2.1	CVE-2015-7437 CONFIRM AIXAPAR
ibm — sterling_b2b_integrator	IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.	2016-01-02	1.9	CVE-2015-7438 CONFIRM AIXAPAR
ibm — b2b_advanced_communications	IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses.	2016-01-01	3.5	CVE-2015-7445 CONFIRM AIXAPAR
ibm — maximo_asset_management	Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.9 IF2 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 IF2, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.	2016-01-02	3.5	CVE-2015-7451 CONFIRM
mozilla — bugzilla	Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug summary.	2016-01-03	2.6	CVE-2015-8508 CONFIRM BUGTRAQ

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Mozilla Releases Security Updates

January 8, 2016 007admin Leave a comment

Original release date: January 08, 2016

Mozilla has released security updates to address a vulnerability in Firefox. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system.

Available updates include:

Firefox 43.0.2
Firefox ESR 38.5.2

US-CERT encourages users and administrators to review Mozilla Security Advisory 2015-150 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

007 Software

Category Archives: US-CERT

IRS Releases Ninth Security Tip

SB16-018: Vulnerability Summary for the Week of January 11, 2016

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

OpenSSH Client Vulnerability

Cisco Releases Security Updates

ISC Releases Security Updates

Microsoft Releases January 2016 Security Bulletin

Adobe Releases Security Updates for Acrobat and Reader

IRS Releases Eighth Security Tip

SB16-011: Vulnerability Summary for the Week of January 4, 2016

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Mozilla Releases Security Updates

Software and Security Information