US-CERT Alerts – Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
Original release date: January 08, 2016
Apple has released a security update to address multiple vulnerabilities in QuickTime for Windows 7 and Windows Vista. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.
Users and administrators are encouraged to review the Apple security update page for QuickTime 7.7.9 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: January 08, 2016
VMware has released security updates to address a vulnerability in VMware ESXi, Fusion, Player, and Workstation. Exploitation of this vulnerability may allow escalation of privileges.
US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0001 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: January 06, 2016
WordPress 4.4 and prior versions contain a cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.4.1.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: January 04, 2016
The Internal Revenue Service (IRS) has released the seventh in a series of tips intended to help the public protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. This tip describes methods users can follow to protect their information on the Internet. Recommendations include the exclusive use of encrypted websites to transfer sensitive information, prevention of oversharing on social media, and password protection.
US-CERT encourages users and administrators to review the IRS Security Awareness Tax Tip Number 7 and the US-CERT Security Tip Preventing and Responding to Identity Theft for additional information.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: January 04, 2016
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe — air | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645. | 2015-12-28 | 10.0 | CVE-2015-8459 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8636, and CVE-2015-8645. | 2015-12-28 | 9.3 | CVE-2015-8460 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8634 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8635 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8645. | 2015-12-28 | 9.3 | CVE-2015-8636 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8638 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8639 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8640 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8641 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8642 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8643 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion.” | 2015-12-28 | 9.3 | CVE-2015-8644 CONFIRM |
| adobe — air | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636. | 2015-12-28 | 9.3 | CVE-2015-8645 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8646 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8647 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8649, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8648 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8650. | 2015-12-28 | 9.3 | CVE-2015-8649 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649. | 2015-12-28 | 9.3 | CVE-2015-8650 CONFIRM |
| adobe — air | Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors. | 2015-12-28 | 9.3 | CVE-2015-8651 CONFIRM |
| ampedwireless — r10000_firmware | The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | 2015-12-31 | 9.3 | CVE-2015-7277 CERT-VN |
| belkin — n600_db_wi-fi_dual-band_n+_router_f9k1102_firmware | The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | 2015-12-31 | 9.3 | CVE-2015-5988 CERT-VN |
| belkin — n600_db_wi-fi_dual-band_n+_router_f9k1102_firmware | Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and Login_Success values. | 2015-12-31 | 10.0 | CVE-2015-5989 CERT-VN |
| corega — cg-wlbargs_firmware | Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors. | 2015-12-30 | 10.0 | CVE-2015-7792 JVNDB JVN CONFIRM |
| emc — vplex_geosynchrony | EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session. | 2015-12-28 | 7.2 | CVE-2015-6850 BUGTRAQ |
| ephiphanyheathdata — cardio_server | The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL. | 2015-12-27 | 7.5 | CVE-2015-6538 CERT-VN CONFIRM |
| epiphanyhealthdata — cardio_server | SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL. | 2015-12-27 | 7.5 | CVE-2015-6537 CERT-VN CONFIRM |
| idera — uptime_infrastructure_monitor | Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input. | 2015-12-31 | 7.5 | CVE-2015-2895 CERT-VN |
| linux — linux_kernel | The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. | 2015-12-28 | 7.2 | CVE-2015-8660 CONFIRM CONFIRM MLIST CONFIRM |
| mediabridge — medialink_mwn-wapr300n_firmware | The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the medialink account, which allows remote attackers to obtain administrative privileges by leveraging a Wi-Fi session. | 2015-12-31 | 7.9 | CVE-2015-5994 CERT-VN |
| readynet_solutions — wrt300n-dd_firmware | The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | 2015-12-31 | 10.0 | CVE-2015-7280 CERT-VN |
| seagate — goflex_sattelite | Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 have a default password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session. | 2015-12-31 | 10.0 | CVE-2015-2874 CONFIRM CONFIRM CERT-VN |
| seagate — goflex_sattelite | Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session. | 2015-12-31 | 7.8 | CVE-2015-2875 CONFIRM CONFIRM CERT-VN |
| seagate — goflex_sattelite | Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session. | 2015-12-31 | 8.3 | CVE-2015-2876 CONFIRM CONFIRM CERT-VN |
| tenda — n3_wireless_n150 | Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices allow remote attackers to obtain administrative access via a certain admin substring in an HTTP Cookie header. | 2015-12-31 | 10.0 | CVE-2015-5995 CERT-VN |
| zte — zxhn_h108n_r1a_firmware | Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. | 2015-12-30 | 7.8 | CVE-2015-7250 CONFIRM CERT-VN |
| zte — zxhn_h108n_r1a_firmware | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session. | 2015-12-30 | 10.0 | CVE-2015-7251 CONFIRM CERT-VN |
| zyxel — nbg-418n | ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors. | 2015-12-31 | 10.0 | CVE-2015-6016 CONFIRM CERT-VN |
| zyxel — pmg5318-b20a_firmware | The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter. | 2015-12-31 | 10.0 | CVE-2015-6018 CONFIRM CERT-VN |
| zyxel — pmg5318-b20a_firmware | ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account. | 2015-12-31 | 8.3 | CVE-2015-6020 CONFIRM CERT-VN |
| zyxel — nbg-418n_firmware | The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | 2015-12-31 | 9.3 | CVE-2015-7283 CERT-VN |
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ampedwireless — r10000_firmware | Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users. | 2015-12-31 | 6.8 | CVE-2015-7278 CERT-VN |
| ampedwireless — r10000_firmware | Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. | 2015-12-31 | 5.0 | CVE-2015-7279 CERT-VN |
| asus — wl-330nul_firmware | ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. | 2015-12-30 | 5.8 | CVE-2015-7788 CONFIRM JVNDB JVN |
| asus — wl-330nul_firmware | Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-12-30 | 4.3 | CVE-2015-7790 CONFIRM JVNDB JVN |
| belkin — n600_db_wi-fi_dual-band_n+_router_f9k1102_firmware | Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. | 2015-12-31 | 5.0 | CVE-2015-5987 CERT-VN |
| belkin — n600_db_wi-fi_dual-band_n+_router_f9k1102_firmware | Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users. | 2015-12-31 | 6.8 | CVE-2015-5990 CERT-VN |
| bokublock — bbadminviewscontrol | SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2) BbAdminViewsControl plugin before 2.1 for EC-CUBE allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2015-12-30 | 4.0 | CVE-2015-7784 CONFIRM CONFIRM JVNDB JVN |
| buffalotech — airstation_extreme_n600 | Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. | 2015-12-26 | 5.0 | CVE-2015-8262 CERT-VN |
| cisco — jabber | Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. | 2015-12-26 | 4.3 | CVE-2015-6409 CISCO |
| corega — cg-wlbaragm_firmware | Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to trigger outbound network traffic via unspecified vectors. | 2015-12-30 | 5.0 | CVE-2015-7793 JVNDB JVN CONFIRM |
| corega — cg-wlncm4g_firmware | Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries. | 2015-12-30 | 5.0 | CVE-2015-7794 JVNDB JVN CONFIRM |
| emc — secure_remote_services | Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter. | 2015-12-28 | 4.0 | CVE-2015-6852 BUGTRAQ |
| ibm — infosphere_biginsights | Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local users to gain privileges via a Trojan horse library that is loaded by a setuid or setgid program. | 2015-12-31 | 6.9 | CVE-2015-1947 CONFIRM |
| ibm — websphere_portal | IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended Portal AccessControl REST API access restrictions and obtain sensitive information via unspecified vectors. | 2015-12-31 | 5.0 | CVE-2015-7447 CONFIRM AIXAPAR |
| idera — uptime_infrastructure_monitor | Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service (application crash) via format string specifiers. | 2015-12-31 | 5.0 | CVE-2015-2894 CERT-VN |
| idera — uptime_infrastructure_monitor | The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command. | 2015-12-31 | 5.0 | CVE-2015-2896 CERT-VN |
| ipswitch — whatsup_gold | Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter. | 2015-12-26 | 6.5 | CVE-2015-6004 CERT-VN MISC CONFIRM |
| let’s_php! — frame_high-speed_chat | Cross-site scripting (XSS) vulnerability in Let’s PHP! Frame high-speed chat before 2015-09-22 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-12-30 | 4.3 | CVE-2015-7782 JVNDB JVN |
| let’s_php! — pbbs | Cross-site scripting (XSS) vulnerability in Let’s PHP! p++BBS before 4.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-12-27 | 4.3 | CVE-2015-7783 CONFIRM JVNDB JVN |
| linux — linux_kernel | Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. | 2015-12-28 | 5.4 | CVE-2013-7446 MLIST MLIST MLIST CONFIRM CONFIRM MISC CONFIRM MLIST MLIST CONFIRM CONFIRM |
| linux — linux_kernel | fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015. | 2015-12-28 | 4.9 | CVE-2015-7509 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| linux — linux_kernel | Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. | 2015-12-28 | 5.9 | CVE-2015-7990 MLIST CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux — linux_kernel | The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. | 2015-12-28 | 6.9 | CVE-2015-8543 CONFIRM CONFIRM MLIST CONFIRM |
| mediabridge — medialink_mwn-wapr300n_firmware | Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users. | 2015-12-31 | 6.8 | CVE-2015-5996 CERT-VN |
| netgear — wnr1000v3 | NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. | 2015-12-26 | 5.0 | CVE-2015-8263 CERT-VN |
| nttdata — web_analytics_service | Cross-site scripting (XSS) vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-12-29 | 4.3 | CVE-2015-7786 CONFIRM JVNDB JVN CONFIRM |
| orientdb — orientdb | The JSONP endpoint in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict callback values, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted HTTP request. | 2015-12-31 | 6.8 | CVE-2015-2912 CERT-VN CONFIRM |
| orientdb — orientdb | server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote attackers to predict a value by determining the internal state of the PRNG in this class. | 2015-12-31 | 4.3 | CVE-2015-2913 CERT-VN CONFIRM |
| orientdb — orientdb | The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | 2015-12-31 | 4.3 | CVE-2015-2918 CERT-VN |
| pacom — 1000_ccu_gms | Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the controller-to-base data stream by leveraging improper use of cryptography. | 2015-12-31 | 6.8 | CVE-2014-3260 MISC |
| phpmyadmin — phpmyadmin | libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. | 2015-12-26 | 5.0 | CVE-2015-8669 CONFIRM CONFIRM |
| readynet_solutions — wrt300n-dd_firmware | Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users. | 2015-12-31 | 6.8 | CVE-2015-7281 CERT-VN |
| readynet_solutions — wrt300n-dd | ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. | 2015-12-31 | 4.3 | CVE-2015-7282 CERT-VN |
| rsi_video_technologies — frontel_protocol | The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a “jumbled up” calculation with this number. | 2015-12-26 | 4.3 | CVE-2015-8252 CERT-VN MISC |
| rsi_video_technologies — frontel_protocol | The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (2) MJPEG video data by sniffing the network. | 2015-12-26 | 4.3 | CVE-2015-8253 CERT-VN MISC |
| rsi_video_technologies — frontel_protocol | The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream. | 2015-12-26 | 4.3 | CVE-2015-8254 CERT-VN MISC |
| samba — samba | The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | 2015-12-29 | 5.0 | CVE-2015-3223 CONFIRM CONFIRM CONFIRM CONFIRM |
| samba — samba | vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share. | 2015-12-29 | 5.0 | CVE-2015-5252 CONFIRM CONFIRM CONFIRM |
| samba — samba | Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c. | 2015-12-29 | 4.3 | CVE-2015-5296 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| samba — samba | The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory. | 2015-12-29 | 5.0 | CVE-2015-5299 CONFIRM CONFIRM CONFIRM |
| samba — samba | ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value. | 2015-12-29 | 5.0 | CVE-2015-5330 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| samba — samba | The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets. | 2015-12-29 | 5.0 | CVE-2015-7540 CONFIRM CONFIRM CONFIRM CONFIRM |
| samba — samba | The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535. | 2015-12-29 | 6.0 | CVE-2015-8467 CONFIRM CONFIRM CONFIRM |
| tails_project — tails | Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE. | 2015-12-27 | 5.0 | CVE-2015-7665 CONFIRM MLIST MLIST MLIST CONFIRM MLIST CONFIRM |
| toshiba — 4690_operating_system | Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138. | 2015-12-31 | 4.3 | CVE-2014-4876 CONFIRM CERT-VN |
| welcart — welcart | Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter. | 2015-12-29 | 6.5 | CVE-2015-7791 CONFIRM JVNDB JVN |
| zte — zxhn_h108n_r1a_firmware | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703. | 2015-12-30 | 5.0 | CVE-2015-7248 CONFIRM CERT-VN |
| zte — zxhn_h108n_r1a_firmware | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action. | 2015-12-30 | 6.8 | CVE-2015-7249 CONFIRM CERT-VN |
| zte — zxhn_h108n_r1a_firmware | Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter. | 2015-12-30 | 4.3 | CVE-2015-7252 CONFIRM CERT-VN |
| zte — zxhn_h108n_r1a_firmware | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248. | 2015-12-30 | 4.0 | CVE-2015-8703 CONFIRM CERT-VN |
| zyxel — p-660hw-t1_v2_firmware | Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote attackers to inject arbitrary web script or HTML via the (1) LoginPassword or (2) hiddenPassword parameter. | 2015-12-31 | 4.3 | CVE-2015-6017 CONFIRM CERT-VN |
| zyxel — pmg5318-b20a_firmware | The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation. | 2015-12-31 | 5.0 | CVE-2015-6019 CONFIRM CERT-VN |
| zyxel — nbg-418n | Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users. | 2015-12-31 | 6.8 | CVE-2015-7284 CERT-VN |
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| asus — wl-330nul_firmware | ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. | 2015-12-30 | 3.3 | CVE-2015-7787 CONFIRM JVNDB JVN |
| asus — wl-330nul | ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a denial of service via unspecified vectors. | 2015-12-30 | 3.3 | CVE-2015-7789 CONFIRM JVNDB JVN |
| ipswitch — whatsup_gold | Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field. | 2015-12-26 | 3.5 | CVE-2015-6005 CERT-VN MISC CONFIRM |
| linux — linux_kernel | The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. | 2015-12-28 | 1.9 | CVE-2015-7884 CONFIRM CONFIRM MLIST CONFIRM |
| linux — linux_kernel | The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. | 2015-12-28 | 2.1 | CVE-2015-7885 CONFIRM CONFIRM MLIST CONFIRM |
| linux — linux_kernel | fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. | 2015-12-28 | 2.1 | CVE-2015-8374 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux — linux_kernel | The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. | 2015-12-28 | 1.9 | CVE-2015-8569 MLIST CONFIRM CONFIRM MLIST MISC CONFIRM |
| rarlab — winrar | The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the user. | 2015-12-30 | 3.7 | CVE-2015-5663 JVNDB JVN |
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: December 29, 2015
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adcon — a840_telemetry_gateway_base_station_firmware | Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors. | 2015-12-23 | 10.0 | CVE-2015-7930 MISC |
| adobe — air | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645. | 2015-12-28 | 10.0 | CVE-2015-8459 CONFIRM |
| adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649. | 2015-12-28 | 9.3 | CVE-2015-8650 CONFIRM |
| apache — hbase | Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic. | 2015-12-21 | 7.5 | CVE-2015-1836 CONFIRM MLIST |
| dovestones — ad_self_password_reset | The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords via a crafted request with a valid username. | 2015-12-23 | 7.5 | CVE-2015-8267 CERT-VN CONFIRM |
| emc — isilon_onefs | EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session. | 2015-12-21 | 9.0 | CVE-2015-4545 BUGTRAQ |
| emc — vplex_geosynchrony | EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5,5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session. | 2015-12-28 | 7.2 | CVE-2015-6850 BUGTRAQ |
| ephiphanyheathdata — cardio_server | The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL. | 2015-12-27 | 7.5 | CVE-2015-6538 CERT-VN CONFIRM |
| epiphanyhealthdata — cardio_server | SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL. | 2015-12-27 | 7.5 | CVE-2015-6537 CERT-VN CONFIRM |
| ewon — ewon_firmware | eWON devices with firmware before 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 2015-12-23 | 7.5 | CVE-2015-7924 MISC CONFIRM |
| ffmpeg — ffmpeg | The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data. | 2015-12-23 | 7.5 | CVE-2015-8661 CONFIRM |
| ffmpeg — ffmpeg | The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. | 2015-12-23 | 7.5 | CVE-2015-8662 CONFIRM |
| ffmpeg — ffmpeg | The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. | 2015-12-23 | 7.5 | CVE-2015-8663 CONFIRM |
| google — chrome | The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664. | 2015-12-23 | 10.0 | CVE-2015-6792 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| google — chrome | Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792. | 2015-12-23 | 7.5 | CVE-2015-8664 CONFIRM CONFIRM CONFIRM CONFIRM |
| honeywell — midas_black_firmware | Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network. | 2015-12-21 | 9.3 | CVE-2015-7908 MISC |
| isc — kea | The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packet. | 2015-12-22 | 7.1 | CVE-2015-8373 CONFIRM |
| juniper — screenos | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session. | 2015-12-19 | 10.0 | CVE-2015-7755 MISC CONFIRM MISC MISC MISC MISC CONFIRM MISC |
| linux — linux_kernel | The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. | 2015-12-28 | 7.2 | CVE-2015-8660 CONFIRM CONFIRM MLIST CONFIRM |
| loytec — l-switch_and_l-ip_firmware | LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors. | 2015-12-21 | 10.0 | CVE-2015-7906 MISC |
| moxa — oncell_central_manager | The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action. | 2015-12-21 | 7.5 | CVE-2015-6480 MISC MISC |
| moxa — oncell_central_manager | The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session. | 2015-12-21 | 7.5 | CVE-2015-6481 MISC MISC |
| rsa — securid_web_agent | EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector. | 2015-12-22 | 7.2 | CVE-2015-6851 BUGTRAQ |
| saia_burgess_controls — pcd1.m0xx0_firmware | Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session. | 2015-12-22 | 10.0 | CVE-2015-7911 MISC |
| schneider-electric — bmxnoc0401 | Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. | 2015-12-21 | 10.0 | CVE-2015-7937 MISC CONFIRM |
| vmware — vcenter_orchestrator | Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | 2015-12-20 | 7.5 | CVE-2015-6934 CONFIRM |
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adcon — a840_telemetry_gateway_base_station_firmware | The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station does not authenticate the station device, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information by reading cleartext packet data, related to the lack of SSL support. | 2015-12-23 | 5.8 | CVE-2015-7931 MISC |
| adcon — a840_telemetry_gateway_base_station_firmware | Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to obtain sensitive information by sniffing the network. | 2015-12-23 | 5.0 | CVE-2015-7932 MISC |
| adcon — a840_telemetry_gateway_base_station_firmware | The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors. | 2015-12-23 | 5.0 | CVE-2015-7934 MISC |
| adobe — acrobat | Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2015-6696 and CVE-2015-6698. | 2015-12-21 | 6.8 | CVE-2015-8458 CONFIRM MISC |
| apache — hive | The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to bypass authentication via a crafted LDAP request. | 2015-12-21 | 4.3 | CVE-2015-1772 CONFIRM MLIST |
| buffalotech — airstation_extreme_n600 | Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. | 2015-12-26 | 5.0 | CVE-2015-8262 CERT-VN |
| cisco — jabber | Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. | 2015-12-26 | 4.3 | CVE-2015-6409 CISCO |
| cisco — ios | The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. | 2015-12-19 | 5.0 | CVE-2015-6429 CISCO |
| cisco — ios_xe | Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405. | 2015-12-22 | 6.1 | CVE-2015-6431 CISCO |
| eaton — proview | Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data. | 2015-12-22 | 4.3 | CVE-2015-6471 MISC |
| ewon — ewon_firmware | Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot. | 2015-12-23 | 6.8 | CVE-2015-7925 MISC CONFIRM |
| ewon — ewon_firmware | eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain sensitive information via an unspecified URL. | 2015-12-23 | 5.0 | CVE-2015-7926 MISC CONFIRM |
| ewon — ewon_firmware | Cross-site scripting (XSS) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-12-23 | 4.3 | CVE-2015-7927 MISC CONFIRM |
| ewon — ewon_firmware | eWON devices with firmware before 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 2015-12-23 | 5.0 | CVE-2015-7928 MISC CONFIRM |
| ewon — ewon_firmware | eWON devices with firmware through 10.1s0 support unspecified GET requests, which might allow remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | 2015-12-23 | 5.0 | CVE-2015-7929 MISC CONFIRM |
| honeywell — midas_black_firmware | Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors. | 2015-12-21 | 6.4 | CVE-2015-7907 MISC |
| ibm — websphere_portal | Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4998. | 2015-12-21 | 4.3 | CVE-2015-4993 CONFIRM AIXAPAR |
| ibm — websphere_portal | Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4993. | 2015-12-21 | 4.3 | CVE-2015-4998 CONFIRM AIXAPAR |
| ibm — websphere_portal | IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted document. | 2015-12-21 | 6.8 | CVE-2015-5001 CONFIRM AIXAPAR |
| ibm — websphere_portal | Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2015-12-21 | 4.3 | CVE-2015-7413 CONFIRM AIXAPAR |
| ipswitch — whatsup_gold | Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter. | 2015-12-26 | 6.5 | CVE-2015-6004 CERT-VN MISC CONFIRM |
| juniper — screenos | The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 makes it easier for remote attackers to discover the plaintext content of VPN sessions by sniffing the network for ciphertext data and conducting an unspecified decryption attack. | 2015-12-19 | 5.0 | CVE-2015-7756 MISC CONFIRM MISC MISC MISC CONFIRM MISC |
| let’s_php! — pbbs | Cross-site scripting (XSS) vulnerability in Let’s PHP! p++BBS before 4.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-12-27 | 4.3 | CVE-2015-7783 CONFIRM JVNDB JVN |
| linux — linux_kernel | Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. | 2015-12-28 | 5.4 | CVE-2013-7446 MLIST MLIST MLIST CONFIRM CONFIRM MISC CONFIRM MLIST MLIST CONFIRM CONFIRM |
| linux — linux_kernel | fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015. | 2015-12-28 | 4.9 | CVE-2015-7509 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| linux — linux_kernel | Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. | 2015-12-28 | 5.9 | CVE-2015-7990 MLIST CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux — linux_kernel | The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. | 2015-12-28 | 6.9 | CVE-2015-8543 CONFIRM CONFIRM MLIST CONFIRM |
| motorola — moscad_ip_gateway_firmware | Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. | 2015-12-22 | 5.0 | CVE-2015-7935 MISC |
| motorola — moscad_ip_gateway_firmware | Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. | 2015-12-22 | 6.8 | CVE-2015-7936 MISC |
| netgear — wnr1000v3 | NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. | 2015-12-26 | 5.0 | CVE-2015-8263 CERT-VN |
| opcsystems — opc_systems.net | Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 2015-12-22 | 6.9 | CVE-2015-7917 MISC |
| phpmyadmin — phpmyadmin | libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. | 2015-12-26 | 5.0 | CVE-2015-8669 CONFIRM CONFIRM |
| rsi_video_technologies — frontel_protocol | The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a “jumbled up” calculation with this number. | 2015-12-26 | 4.3 | CVE-2015-8252 CERT-VN MISC |
| rsi_video_technologies — frontel_protocol | The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (2) MJPEG video data by sniffing the network. | 2015-12-26 | 4.3 | CVE-2015-8253 CERT-VN MISC |
| rsi_video_technologies — frontel_protocol | The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream. | 2015-12-26 | 4.3 | CVE-2015-8254 CERT-VN MISC |
| searchblox — searchblox | SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors. | 2015-12-21 | 6.4 | CVE-2015-7919 MISC |
| tails_project — tails | Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE. | 2015-12-27 | 5.0 | CVE-2015-7665 CONFIRM MLIST MLIST MLIST CONFIRM MLIST CONFIRM |
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ipswitch — whatsup_gold | Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field. | 2015-12-26 | 3.5 | CVE-2015-6005 CERT-VN MISC CONFIRM |
| linux — linux_kernel | The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. | 2015-12-28 | 1.9 | CVE-2015-7884 CONFIRM CONFIRM MLIST CONFIRM |
| linux — linux_kernel | The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. | 2015-12-28 | 2.1 | CVE-2015-7885 CONFIRM CONFIRM MLIST CONFIRM |
| linux — linux_kernel | fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. | 2015-12-28 | 2.1 | CVE-2015-8374 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux — linux_kernel | The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. | 2015-12-28 | 1.9 | CVE-2015-8569 MLIST CONFIRM CONFIRM MLIST MISC CONFIRM |
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: December 28, 2015
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review Adobe Security Bulletin APSB16-01 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: December 28, 2015
The Internal Revenue Service (IRS) has released the sixth in a series of tips intended to help the public protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. This tip describes the types of fraud alerts provided by the three major credit bureaus that may help protect financial information from identity theft.
US-CERT encourages users and administrators to review the IRS Security Awareness Tax Tip Number 6 and the US-CERT Tip Preventing and Responding to Identity Theft for additional information.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: December 22, 2015
Joomla has released version 3.4.7 of its content management system (CMS) software to address two vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the Joomla Release News and US-CERT’s Alert on Content Management Systems Security and Associated Risks and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: December 22, 2015
The Internal Revenue Service (IRS) has released the fifth in a series of tips intended to help the public protect personal and financial data online and at home. This tip focuses on guarding personal information for family members who are susceptible to cyber threats. Recommendations include keeping security software active, limiting information shared on social media, never clicking on embedded links or attachments from unknown email sources, and discussing how family members can avoid identity theft.
US-CERT encourages users and administrators to review the IRS Security Awareness Tax Tip Number 5 and the US-CERT Tip Preventing and Responding to Identity Theft for additional information.
This product is provided subject to this Notification and this Privacy & Use policy.