Category Archives: US-CERT

US-CERT Alerts – Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

SB15-334: Vulnerability Summary for the Week of November 16, 2015

November 30, 2015 007admin Leave a comment

Original release date: November 30, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apple — iphone_os	The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.	2015-11-21	7.5	CVE-2015-7036 MISC CONFIRM CONFIRM
arris — na_model_862_gw_mono_firmware	Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP.	2015-11-21	9.3	CVE-2015-7289 CERT-VN
cisco — virtual_topology_system	Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379.	2015-11-23	7.8	CVE-2015-6377 CISCO
csl_dualcom — gprs_cs2300-r_firmware	CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers’ installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.	2015-11-24	7.5	CVE-2015-7287 CONFIRM CERT-VN MISC
gnome — gnome_display_manager	GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.	2015-11-24	7.2	CVE-2015-7496 CONFIRM CONFIRM MLIST MLIST FEDORA
huawei — vp_9660_firmware	The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows a remote administrator to obtain sensitive information or cause a denial of service via a crafted message.	2015-11-24	8.5	CVE-2015-8227 CONFIRM
nvidia — gpu_driver	The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.	2015-11-24	10.0	CVE-2015-5053 CONFIRM
nvidia — gpu_driver	nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784.	2015-11-24	7.7	CVE-2015-7865 MISC SECTRACK CONFIRM
nvidia — gpu_driver	Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:Program.exe.	2015-11-24	7.2	CVE-2015-7866 SECTRACK CONFIRM
sap — plant_connectivity	The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619.	2015-11-24	7.8	CVE-2015-8330 MISC MISC
tibbo — aggregate	The Ice Faces servlet in ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document.	2015-11-21	10.0	CVE-2015-7912 MISC MISC
tibbo — aggregate	ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class.	2015-11-21	7.2	CVE-2015-7913 MISC MISC
valve — steam	Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.	2015-11-24	7.2	CVE-2015-7985 BUGTRAQ
vbulletin — vbulletin	The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.	2015-11-24	7.5	CVE-2015-7808 EXPLOIT-DB MISC MISC MISC MISC MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apache — cordova	Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI.	2015-11-23	4.3	CVE-2015-5256 CONFIRM
apache — cordova	Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value.	2015-11-23	5.0	CVE-2015-8320 CONFIRM
apple — iphone_os	The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.	2015-11-21	4.3	CVE-2015-5787 CONFIRM
apple — iphone_os	The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.	2015-11-21	4.3	CVE-2015-5859 CONFIRM CONFIRM
arris — na_model_862_gw_mono_firmware	Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a “password of the day” issue.	2015-11-21	4.3	CVE-2009-5149 CERT-VN MISC MISC MISC
arris — na_model_862_gw_mono_firmware	Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter.	2015-11-21	4.3	CVE-2015-7290 CERT-VN
arris — na_model_862_gw_mono_firmware	Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication of arbitrary users.	2015-11-21	6.8	CVE-2015-7291 CERT-VN
cisco — telepresence_video_communication_server_software	Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412.	2015-11-21	6.8	CVE-2015-6376 CISCO
cisco — adaptive_security_appliance_software	The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223.	2015-11-24	6.8	CVE-2015-6379 CISCO
cisco — firepower_extensible_operating_system	An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622.	2015-11-23	6.5	CVE-2015-6380 CISCO
csl_dualcom — gprs_cs2300-r_firmware	CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.	2015-11-24	5.8	CVE-2015-7285 CONFIRM CERT-VN MISC
csl_dualcom — gprs_cs2300-r_firmware	CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.	2015-11-24	6.4	CVE-2015-7286 CONFIRM CERT-VN MISC
csl_dualcom — gprs_cs2300-r_firmware	CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a “4 2” command.	2015-11-24	4.3	CVE-2015-7288 CONFIRM CERT-VN MISC
hp — operations_orchestration	Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.	2015-11-22	6.8	CVE-2015-5451 HP
huawei — ar_firmware	Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors.	2015-11-24	4.0	CVE-2015-8228 CONFIRM
huawei — espace_firmware	Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device.	2015-11-24	4.0	CVE-2015-8229 CONFIRM
libpng — libpng	The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.	2015-11-24	5.0	CVE-2015-7981 CONFIRM UBUNTU MLIST MLIST DEBIAN CONFIRM CONFIRM CONFIRM
nvidia — gpu_driver	Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors, which trigger uninitialized or out of bounds memory access. NOTE: this identifier has been SPLIT per ADT2 and ADT3 due to different vulnerability type and affected versions. See CVE-2015-8328 for the vulnerability in the NVAPI support layer in NVIDIA drivers for Windows.	2015-11-24	6.6	CVE-2015-7869 UBUNTU SECTRACK CONFIRM
nvidia — gpu_driver	Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-7869 per ADT2 and ADT3 due to different vulnerability types and affected versions.	2015-11-24	6.6	CVE-2015-8328 SECTRACK CONFIRM
sap — manufacturing_integration_and_intelligence	SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274.	2015-11-24	5.0	CVE-2015-8329 MISC
sddm_project — _sddm	daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.	2015-11-24	4.6	CVE-2015-0856 CONFIRM CONFIRM BID MLIST FEDORA
void_project — void	Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.	2015-11-21	4.3	CVE-2015-7777 CONFIRM JVNDB JVN

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
cisco — ios	The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010.	2015-11-21	2.1	CVE-2015-6375 CISCO
redhat — enterprise_linux	The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in the configuration file or physically proximate attackers to bypass intended Secure Boot restrictions and execute non-verified code via the (3) boot menu.	2015-11-24	2.6	CVE-2015-5281 CONFIRM SECTRACK REDHAT

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns

November 25, 2015 007admin Leave a comment

Original release date: November 25, 2015

US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. E-cards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed e-mail messages and fraudulent posts on social networking sites may request support for phony causes.

To avoid seasonal campaigns that could result in security breaches, identity theft, or financial loss, US-CERT encourages users to take the following actions:

Avoid following unsolicited links or downloading attachments from unknown sources.

Refer to our security Tips to learn more about Shopping Safely Online and Avoiding Social Engineering and Phishing Attacks .

Read the Federal Trade Commission’s blog on Cyber Monday shopping.

Visit the Federal Trade Commission’s Consumer Information page on Charity Scams.

If you believe you are a victim of a holiday phishing scam or malware campaign, consider the following actions:

File a complaint with the FBI’s Internet Crime Complaint Center (IC3).

Report the attack to the police and file a report with the Federal Trade Commission.

Contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.

Immediately change any passwords you might have revealed and do not use that password in the future. Avoid reusing passwords on multiple sites.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Dell Computers Contain CA Root Certificate Vulnerability

November 24, 2015 007admin Leave a comment

Original release date: November 24, 2015 | Last revised: November 25, 2015

Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. Exploitation of the vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

The eDellRoot certificate originated from an update to the Dell Foundation Services (DFS) application on August 18, 2015. As of November 23, that update is no longer being provided. The certificate was also preinstalled on some systems between November 20-23, 2015. Dell is pushing a DFS software update to remove the vulnerable certificate from affected systems.

US-CERT encourages users and administrators to review Vulnerability Note VU#870761 and Dell’s blog post for more information and guidance on removing the certificate.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

SB15-327: Vulnerability Summary for the Week of November 16, 2015

November 23, 2015 007admin Leave a comment

Original release date: November 23, 2015

High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
adobe — premiere_clip	The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors.	2015-11-18	10.0	CVE-2015-8051 CONFIRM
arista — eos	Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.	2015-11-19	10.0	CVE-2015-8236 CONFIRM
cisco — aironet_access_point_software	Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374.	2015-11-13	7.8	CVE-2015-6367 CISCO
cisco — firepower_extensible_operating_system	The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578.	2015-11-18	7.2	CVE-2015-6370 CISCO
dameware — mini_remote_control	Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link.	2015-11-17	7.5	CVE-2015-8220 CONFIRM MISC
dracut_project — dracut	modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.	2015-11-19	7.2	CVE-2015-0794 SUSE MLIST MLIST
exemys — telemetry_web_server	Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body.	2015-11-19	7.8	CVE-2015-7910 MISC
ffmpeg — ffmpeg	The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.	2015-11-16	7.5	CVE-2015-8216 CONFIRM
ffmpeg — ffmpeg	The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data.	2015-11-16	7.5	CVE-2015-8217 CONFIRM
ffmpeg — ffmpeg	The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.	2015-11-16	7.5	CVE-2015-8219 CONFIRM
google — picasa	Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.	2015-11-17	10.0	CVE-2015-8221 BUGTRAQ MISC MISC
huawei — espace_firmware	An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors.	2015-11-19	7.8	CVE-2015-8083 CONFIRM
ibm — websphere_portal	IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.	2015-11-13	7.8	CVE-2015-7419 CONFIRM AIXAPAR
mega-nerd — libsndfile	Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.	2015-11-17	9.3	CVE-2015-7805 EXPLOIT-DB MLIST MLIST MISC MISC SUSE FEDORA
oracle — weblogic_server	The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.	2015-11-18	7.5	CVE-2015-4852 MISC CONFIRM CONFIRM MLIST MISC
piwik — piwik	Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter.	2015-11-16	7.5	CVE-2015-7815 CONFIRM BUGTRAQ FULLDISC MISC MISC
piwik — piwik	The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik before 2.15.0, which allows remote attackers to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF) attacks, and execute arbitrary PHP code via a crafted HTTP header.	2015-11-16	7.5	CVE-2015-7816 CONFIRM BUGTRAQ FULLDISC MISC MISC
samsung — galaxy_s6	The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.	2015-11-16	7.5	CVE-2015-7897 EXPLOIT-DB MISC MISC MISC
schneider-electric — imt25_magnetic_flow_dtm	Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.	2015-11-14	7.7	CVE-2015-3977 MISC CONFIRM
sudo_project — sudo	sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by “/home///file.txt.”	2015-11-17	7.2	CVE-2015-5602 EXPLOIT-DB CONFIRM FEDORA FEDORA CONFIRM

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
adobe — coldfusion	Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.	2015-11-18	4.3	CVE-2015-5255 CONFIRM CONFIRM
adobe — coldfusion	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053.	2015-11-18	4.3	CVE-2015-8052 CONFIRM
adobe — coldfusion	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8052.	2015-11-18	4.3	CVE-2015-8053 CONFIRM
apache — cxf	The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a “wrapping attack.”	2015-11-18	4.0	CVE-2015-5253 CONFIRM SECTRACK MLIST CONFIRM
atutor — atutor	Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor before 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension as a customicon for a new course, then accessing it via a direct request to the file in content/.	2015-11-16	6.5	CVE-2014-9752 BUGTRAQ CONFIRM FULLDISC MISC MISC
atutor — atutor	Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and earlier allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter.	2015-11-16	6.5	CVE-2015-7712 BUGTRAQ FULLDISC MISC MISC
bastian_allgeier — kirby	Unrestricted file upload vulnerability in the Panel component in Bastian Allgeier Kirby before 2.1.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file that lacks an extension, and then renaming this file to have a .php extension.	2015-11-19	6.5	CVE-2015-7773 CONFIRM JVNDB JVN
blackberry — enterprise_server	The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a “cross frame scripting” issue.	2015-11-19	4.3	CVE-2015-4112 CONFIRM
canonical — ubuntu_linux	The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors.	2015-11-17	4.6	CVE-2015-8222 UBUNTU CONFIRM CONFIRM
cisco — prime_collaboration_assurance	Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1) and 10.6 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus62712.	2015-11-18	6.8	CVE-2015-6330 CISCO
cisco — firesight_system_software	The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444.	2015-11-18	6.8	CVE-2015-6357 CISCO
cisco — videoscape_distribution_suite_service_manager	Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.	2015-11-13	5.0	CVE-2015-6364 CISCO
cisco — ios	Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs, which allows remote authenticated users to bypass intended network-traffic restrictions in opportunistic circumstances by using PPP, aka Bug ID CSCur61303.	2015-11-13	4.0	CVE-2015-6365 CISCO
cisco — firepower_extensible_operating_system	Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608.	2015-11-18	5.0	CVE-2015-6368 CISCO
cisco — firepower_extensible_operating_system	The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531.	2015-11-18	4.9	CVE-2015-6369 CISCO
cisco — firepower_extensible_operating_system	Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621.	2015-11-18	4.0	CVE-2015-6371 CISCO
cisco — firepower_extensible_operating_system	Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614.	2015-11-18	4.3	CVE-2015-6372 CISCO
cisco — firepower_extensible_operating_system	Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611.	2015-11-18	6.8	CVE-2015-6373 CISCO
cisco — firepower_extensible_operating_system	The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604.	2015-11-18	4.3	CVE-2015-6374 CISCO
citrix — netscaler_application_delivery_controller_firmware	The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache.	2015-11-17	5.0	CVE-2015-7996 CONFIRM
citrix — netscaler_application_delivery_controller_firmware	Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.	2015-11-17	4.3	CVE-2015-7997 CONFIRM
citrix — netscaler_application_delivery_controller_firmware	The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information via unspecified vectors.	2015-11-17	5.0	CVE-2015-7998 CONFIRM
d-link — dir-816l_firmware	Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi.	2015-11-18	6.8	CVE-2015-5999 BUGTRAQ FULLDISC MISC CONFIRM
ffmpeg — ffmpeg	The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.	2015-11-16	6.8	CVE-2015-8218 CONFIRM
gentoo — libsndfile	The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.	2015-11-19	5.0	CVE-2014-9756 CONFIRM CONFIRM MLIST MLIST SUSE
gnome — networkmanager	GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.	2015-11-17	5.0	CVE-2015-0272 CONFIRM BID CONFIRM
gnu — gcc	The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.	2015-11-17	5.0	CVE-2015-5276 CONFIRM CONFIRM SUSE
horde — groupware	Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php.	2015-11-19	6.8	CVE-2015-7984 MISC DEBIAN MLIST MLIST MLIST
huawei — espace_firmware	The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets.	2015-11-19	5.0	CVE-2015-7845 CONFIRM
huawei — ne_router_software	Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a “VPN routing and forwarding (VRF) hopping vulnerability.”	2015-11-19	5.0	CVE-2015-8087 CONFIRM
ibm — datapower_gateway	IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.	2015-11-13	5.0	CVE-2015-7427 CONFIRM AIXAPAR
ipsilon_project — ipsilon	providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name.	2015-11-17	4.0	CVE-2015-5217 CONFIRM CONFIRM CONFIRM MLIST
ipsilon_project — ipsilon	providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider (SP).	2015-11-17	5.5	CVE-2015-5301 CONFIRM CONFIRM CONFIRM CONFIRM MLIST
linux — linux_kernel	The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a “double-chroot attack.”	2015-11-16	6.9	CVE-2015-2925 CONFIRM CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM MLIST MLIST CONFIRM CONFIRM
linux — linux_kernel	drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device.	2015-11-16	4.9	CVE-2015-5257 CONFIRM CONFIRM MLIST CONFIRM CONFIRM
linux — linux_kernel	The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.	2015-11-16	4.9	CVE-2015-5307 CONFIRM CONFIRM CONFIRM MLIST CONFIRM
linux — linux_kernel	Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c.	2015-11-16	4.4	CVE-2015-7312 MLIST MLIST
linux — linux_kernel	The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.	2015-11-16	4.7	CVE-2015-8104 CONFIRM CONFIRM CONFIRM MLIST CONFIRM
linux — linux_kernel	net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.	2015-11-16	5.0	CVE-2015-8215 CONFIRM MISC CONFIRM CONFIRM CONFIRM
newphoria_corporation — applican	Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted SSID that is encountered by an applican application, a different vulnerability than CVE-2015-7772.	2015-11-19	4.3	CVE-2015-7771 JVNDB JVN CONFIRM
newphoria_corporation — applican	Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers WebView anchor attachment in an applican application, a different vulnerability than CVE-2015-7771.	2015-11-19	4.3	CVE-2015-7772 JVNDB JVN CONFIRM
open-xchange — ox_guard	Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in “Guard PGP Settings.”	2015-11-19	4.3	CVE-2015-7385 CONFIRM MISC
pc-egg — pwebmanager	PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role.	2015-11-13	6.5	CVE-2015-7774 CONFIRM JVNDB JVN
powerdns — authoritative	PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets.	2015-11-17	5.0	CVE-2015-5311 CONFIRM SECTRACK MLIST
strongswan — strongswan	The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.	2015-11-18	5.0	CVE-2015-8023 CONFIRM UBUNTU DEBIAN
tibco — loglogic_unity	The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users to gain privileges, and consequently obtain sensitive information, via an HTTP request.	2015-11-18	4.0	CVE-2015-8090 CONFIRM CONFIRM
uc_profile_project — uc_profile	The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors.	2015-11-17	4.3	CVE-2015-8232 MISC CONFIRM
wireshark — wireshark	The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.	2015-11-14	4.3	CVE-2015-7830 CONFIRM CONFIRM CONFIRM
xen — xen	The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptable hypercall to the multicall interface.	2015-11-17	4.9	CVE-2015-7812 CONFIRM SECTRACK
xmlsoft — libxml2	libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.	2015-11-18	4.3	CVE-2015-7941 CONFIRM CONFIRM CONFIRM UBUNTU MLIST MLIST
xmlsoft — libxml2	The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.	2015-11-18	6.8	CVE-2015-7942 CONFIRM CONFIRM UBUNTU MLIST MLIST
xmlsoft — libxslt	The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a “type confusion” issue.	2015-11-17	5.0	CVE-2015-7995 CONFIRM CONFIRM BID MLIST MLIST

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apple — apple_remote_desktop	The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.	2015-11-13	3.7	CVE-2013-5229 JVNDB JVN CONFIRM
emc — vplex_geosynchrony	The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file.	2015-11-18	2.1	CVE-2015-6847 BUGTRAQ
ibm — tivoli_storage_flashcopy_manager	IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (aka Spectrum Protect for Mail) 5.5 before 5.5.1.1, 6.1 and 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; and Tivoli Storage FlashCopy Manager for Windows (aka Spectrum Protect Snapshot) 2.x and 3.1 before 3.1.1.6, 3.2 before 3.2.1.8, and 4.1 before 4.1.4, when application tracing is configured, write cleartext passwords during changetsmpassword command execution, which allows local users to obtain sensitive information by reading the application trace output.	2015-11-13	1.9	CVE-2015-7404 CONFIRM AIXAPAR
linux — linux_kernel	The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.	2015-11-16	2.1	CVE-2015-7872 CONFIRM CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM
mayo_project — mayo	Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the “Administer themes” permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings.	2015-11-17	2.6	CVE-2015-8233 MISC CONFIRM CONFIRM
networkmanager_project — networkmanager	The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922.	2015-11-16	3.3	CVE-2015-2924 MLIST
xmlsoft — libxml2	The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.	2015-11-18	2.6	CVE-2015-8035 CONFIRM UBUNTU MLIST MLIST MLIST

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

VMware Releases Security Updates

November 19, 2015 007admin Leave a comment

Original release date: November 19, 2015

VMware has released security updates to address a vulnerability in vCenter, vCloud Director, and Horizon View. Exploitation of this vulnerability may allow an attacker to obtain sensitive information.

Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0008 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials

November 18, 2015 007admin Leave a comment

Original release date: November 18, 2015

The Internet Crime Complaint Center (IC3) has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. In addition to doxing (the act of gathering and publishing individuals’ personal information without permission), threat actors have been observed compromising the email accounts of officers and officials. These target groups should protect their online presence and exposure.

Users are encouraged to review the IC3 Alert for details and recommended security measures. Refer to US-CERT Tip ST06-003 for information on staying safe on social networking sites.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Adobe Releases Security Updates for ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip

November 17, 2015 007admin Leave a comment

Original release date: November 17, 2015

Adobe has released security updates to address multiple vulnerabilities in ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletins for ColdFusion, LiveCycle Data Services, and Adobe Premier Clip and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Apache Commons Collections Java Library Vulnerability

November 13, 2015 007admin Leave a comment

Original release date: November 13, 2015

US-CERT is aware of a deserialization vulnerability in the Apache Commons Collections (ACC) Java library. Java applications that either directly use ACC, or contain ACC in their classpath, may be vulnerable to arbitrary code execution.

US-CERT encourages users and administrators to review Vulnerability Note VU#576313 for more information and apply the necessary mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Apache Commons Collections Java Library Vulnerability

November 13, 2015 007admin Leave a comment

Original release date: November 13, 2015

US-CERT encourages users and administrators to review Vulnerability Note VU#576313 for more information and apply the necessary mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Google Releases Security Updates for Chrome and Chrome OS

November 11, 2015 007admin Leave a comment

Original release date: November 11, 2015

Google has released security updates to address vulnerabilities in Chrome and Chrome OS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Updates available include:

Chrome 46.0.2490.86 for Windows, Mac and Linux
Chrome 46.0.2490.82 for all OS devices

Users and administrators are encouraged to review the Chrome page and Chrome OS page and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

007 Software

Category Archives: US-CERT

SB15-334: Vulnerability Summary for the Week of November 16, 2015

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns

Dell Computers Contain CA Root Certificate Vulnerability

SB15-327: Vulnerability Summary for the Week of November 16, 2015

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

VMware Releases Security Updates

IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials

Adobe Releases Security Updates for ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip

Apache Commons Collections Java Library Vulnerability

Apache Commons Collections Java Library Vulnerability

Google Releases Security Updates for Chrome and Chrome OS

Software and Security Information