SB15-334: Vulnerability Summary for the Week of November 16, 2015

Original release date: November 30, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Each entry gives the primary vendor — product, the CVE identifier, the publication date and the CVSS score, followed by the description and the Source & Patch Info references.

apple — iphone_os | CVE-2015-7036 | Published 2015-11-21 | CVSS 7.5
  The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.
  Source & Patch Info: MISC, CONFIRM, CONFIRM

arris — na_model_862_gw_mono_firmware | CVE-2015-7289 | Published 2015-11-21 | CVSS 9.3
  Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP.
  Source & Patch Info: CERT-VN

cisco — virtual_topology_system | CVE-2015-6377 | Published 2015-11-23 | CVSS 7.8
  Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379.
  Source & Patch Info: CISCO

csl_dualcom — gprs_cs2300-r_firmware | CVE-2015-7287 | Published 2015-11-24 | CVSS 7.5
  CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers’ installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
  Source & Patch Info: CONFIRM, CERT-VN, MISC

gnome — gnome_display_manager | CVE-2015-7496 | Published 2015-11-24 | CVSS 7.2
  GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
  Source & Patch Info: CONFIRM, CONFIRM, MLIST, MLIST, FEDORA

huawei — vp_9660_firmware | CVE-2015-8227 | Published 2015-11-24 | CVSS 8.5
  The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows a remote administrator to obtain sensitive information or cause a denial of service via a crafted message.
  Source & Patch Info: CONFIRM

nvidia — gpu_driver | CVE-2015-5053 | Published 2015-11-24 | CVSS 10.0
  The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.
  Source & Patch Info: CONFIRM

nvidia — gpu_driver | CVE-2015-7865 | Published 2015-11-24 | CVSS 7.7
  nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784.
  Source & Patch Info: MISC, SECTRACK, CONFIRM

nvidia — gpu_driver | CVE-2015-7866 | Published 2015-11-24 | CVSS 7.2
  Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:\Program.exe.
  Source & Patch Info: SECTRACK, CONFIRM

sap — plant_connectivity | CVE-2015-8330 | Published 2015-11-24 | CVSS 7.8
  The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619.
  Source & Patch Info: MISC, MISC

tibbo — aggregate | CVE-2015-7912 | Published 2015-11-21 | CVSS 10.0
  The Ice Faces servlet in ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document.
  Source & Patch Info: MISC, MISC

tibbo — aggregate | CVE-2015-7913 | Published 2015-11-21 | CVSS 7.2
  ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class.
  Source & Patch Info: MISC, MISC

valve — steam | CVE-2015-7985 | Published 2015-11-24 | CVSS 7.2
  Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.
  Source & Patch Info: BUGTRAQ

vbulletin — vbulletin | CVE-2015-7808 | Published 2015-11-24 | CVSS 7.5
  The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.
  Source & Patch Info: EXPLOIT-DB, MISC, MISC, MISC, MISC, MISC

Medium Vulnerabilities

Each entry gives the primary vendor — product, the CVE identifier, the publication date and the CVSS score, followed by the description and the Source & Patch Info references.

apache — cordova | CVE-2015-5256 | Published 2015-11-23 | CVSS 4.3
  Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI.
  Source & Patch Info: CONFIRM

apache — cordova | CVE-2015-8320 | Published 2015-11-23 | CVSS 5.0
  Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value.
  Source & Patch Info: CONFIRM

apple — iphone_os | CVE-2015-5787 | Published 2015-11-21 | CVSS 4.3
  The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.
  Source & Patch Info: CONFIRM

apple — iphone_os | CVE-2015-5859 | Published 2015-11-21 | CVSS 4.3
  The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
  Source & Patch Info: CONFIRM, CONFIRM

arris — na_model_862_gw_mono_firmware | CVE-2009-5149 | Published 2015-11-21 | CVSS 4.3
  Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a “password of the day” issue.
  Source & Patch Info: CERT-VN, MISC, MISC, MISC

arris — na_model_862_gw_mono_firmware | CVE-2015-7290 | Published 2015-11-21 | CVSS 4.3
  Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter.
  Source & Patch Info: CERT-VN

arris — na_model_862_gw_mono_firmware | CVE-2015-7291 | Published 2015-11-21 | CVSS 6.8
  Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication of arbitrary users.
  Source & Patch Info: CERT-VN

cisco — telepresence_video_communication_server_software | CVE-2015-6376 | Published 2015-11-21 | CVSS 6.8
  Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412.
  Source & Patch Info: CISCO

cisco — adaptive_security_appliance_software | CVE-2015-6379 | Published 2015-11-24 | CVSS 6.8
  The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6380 | Published 2015-11-23 | CVSS 6.5
  An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622.
  Source & Patch Info: CISCO

csl_dualcom — gprs_cs2300-r_firmware | CVE-2015-7285 | Published 2015-11-24 | CVSS 5.8
  CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.
  Source & Patch Info: CONFIRM, CERT-VN, MISC

csl_dualcom — gprs_cs2300-r_firmware | CVE-2015-7286 | Published 2015-11-24 | CVSS 6.4
  CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.
  Source & Patch Info: CONFIRM, CERT-VN, MISC

csl_dualcom — gprs_cs2300-r_firmware | CVE-2015-7288 | Published 2015-11-24 | CVSS 4.3
  CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a “4 2” command.
  Source & Patch Info: CONFIRM, CERT-VN, MISC

hp — operations_orchestration | CVE-2015-5451 | Published 2015-11-22 | CVSS 6.8
  Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
  Source & Patch Info: HP

huawei — ar_firmware | CVE-2015-8228 | Published 2015-11-24 | CVSS 4.0
  Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors.
  Source & Patch Info: CONFIRM

huawei — espace_firmware | CVE-2015-8229 | Published 2015-11-24 | CVSS 4.0
  Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device.
  Source & Patch Info: CONFIRM

libpng — libpng | CVE-2015-7981 | Published 2015-11-24 | CVSS 5.0
  The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
  Source & Patch Info: CONFIRM, UBUNTU, MLIST, MLIST, DEBIAN, CONFIRM, CONFIRM, CONFIRM

nvidia — gpu_driver | CVE-2015-7869 | Published 2015-11-24 | CVSS 6.6
  Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors, which trigger uninitialized or out of bounds memory access. NOTE: this identifier has been SPLIT per ADT2 and ADT3 due to different vulnerability type and affected versions. See CVE-2015-8328 for the vulnerability in the NVAPI support layer in NVIDIA drivers for Windows.
  Source & Patch Info: UBUNTU, SECTRACK, CONFIRM

nvidia — gpu_driver | CVE-2015-8328 | Published 2015-11-24 | CVSS 6.6
  Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-7869 per ADT2 and ADT3 due to different vulnerability types and affected versions.
  Source & Patch Info: SECTRACK, CONFIRM

sap — manufacturing_integration_and_intelligence | CVE-2015-8329 | Published 2015-11-24 | CVSS 5.0
  SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274.
  Source & Patch Info: MISC

sddm_project — sddm | CVE-2015-0856 | Published 2015-11-24 | CVSS 4.6
  daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
  Source & Patch Info: CONFIRM, CONFIRM, BID, MLIST, FEDORA

void_project — void | CVE-2015-7777 | Published 2015-11-21 | CVSS 4.3
  Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
  Source & Patch Info: CONFIRM, JVNDB, JVN

Low Vulnerabilities

Each entry gives the primary vendor — product, the CVE identifier, the publication date and the CVSS score, followed by the description and the Source & Patch Info references.

cisco — ios | CVE-2015-6375 | Published 2015-11-21 | CVSS 2.1
  The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010.
  Source & Patch Info: CISCO

redhat — enterprise_linux | CVE-2015-5281 | Published 2015-11-24 | CVSS 2.6
  The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in the configuration file or physically proximate attackers to bypass intended Secure Boot restrictions and execute non-verified code via the (3) boot menu.
  Source & Patch Info: CONFIRM, SECTRACK, REDHAT

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns

Original release date: November 25, 2015

US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. E-cards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed e-mail messages and fraudulent posts on social networking sites may request support for phony causes.

To avoid seasonal campaigns that could result in security breaches, identity theft, or financial loss, US-CERT encourages users to take the following actions:

  • Avoid following unsolicited links or downloading attachments from unknown sources.

If you believe you are a victim of a holiday phishing scam or malware campaign, consider the following actions:

  • Contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
  • Immediately change any passwords you might have revealed and do not use that password in the future. Avoid reusing passwords on multiple sites.

Dell Computers Contain CA Root Certificate Vulnerability

Original release date: November 24, 2015 | Last revised: November 25, 2015

Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. Exploitation of the vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

The eDellRoot certificate originated from an update to the Dell Foundation Services (DFS) application on August 18, 2015. As of November 23, that update is no longer being provided. The certificate was also preinstalled on some systems between November 20-23, 2015. Dell is pushing a DFS software update to remove the vulnerable certificate from affected systems.

US-CERT encourages users and administrators to review Vulnerability Note VU#870761 and Dell’s blog post for more information and guidance on removing the certificate.
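A defender-side check for the certificate described above, added here as an example (it is not Dell's or US-CERT's tooling): it enumerates the standard Windows certificate stores for any certificate whose subject names eDellRoot, reports where it sits and whether a private key is stored alongside it, and removes it only when run with -Remove. The list of stores and the match on the subject name "eDellRoot" are assumptions about how the certificate was installed.

```powershell
<#
  Added example (not Dell's or US-CERT's code): locate, and optionally remove,
  the eDellRoot CA certificate described in the alert above.
  Assumptions: the certificate sits in one of the standard Windows stores listed
  below and its Subject contains the name "eDellRoot".
#>
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Remove matching certificates instead of only reporting them.
    [switch]$Remove,
    # Subject substring to look for; "eDellRoot" is the name given in the alert.
    [string]$SubjectPattern = 'eDellRoot'
)

# Stores a trusted root or intermediate CA certificate could have been placed in
# (assumed list; LocalMachine stores need an elevated session to modify).
$stores = @(
    'Cert:\LocalMachine\Root',
    'Cert:\LocalMachine\CA',
    'Cert:\CurrentUser\Root',
    'Cert:\CurrentUser\CA'
)

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -like "*$SubjectPattern*" } |
        ForEach-Object {
            [pscustomobject]@{
                Store         = $store
                Subject       = $_.Subject
                Issuer        = $_.Issuer
                Thumbprint    = $_.Thumbprint
                NotAfter      = $_.NotAfter
                # A trusted CA certificate whose private key is also present on the
                # endpoint is what makes the HTTPS interception and site spoofing
                # described in the alert possible.
                HasPrivateKey = $_.HasPrivateKey
            }
        }
}

if (-not $found) {
    Write-Output "No certificate matching '$SubjectPattern' found in the checked stores."
    return
}

# Report every match before touching anything.
$found | Format-Table -AutoSize

if ($Remove) {
    foreach ($cert in $found) {
        # The Cert: provider addresses a certificate by store path plus thumbprint.
        $path = "$($cert.Store)\$($cert.Thumbprint)"
        # Honours -WhatIf / -Confirm via SupportsShouldProcess.
        if ($PSCmdlet.ShouldProcess($path, 'Remove certificate')) {
            Remove-Item -Path $path
        }
    }
}
```

Run it without -Remove first to see what is present; since the alert says Dell's DFS update removes the certificate, an empty result after that update is the expected confirmation that it took effect.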

SB15-327: Vulnerability Summary for the Week of November 16, 2015

Original release date: November 23, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Each entry gives the primary vendor — product, the CVE identifier, the publication date and the CVSS score, followed by the description and the Source & Patch Info references.

adobe — premiere_clip | CVE-2015-8051 | Published 2015-11-18 | CVSS 10.0
  The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors.
  Source & Patch Info: CONFIRM

arista — eos | CVE-2015-8236 | Published 2015-11-19 | CVSS 10.0
  Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.
  Source & Patch Info: CONFIRM

cisco — aironet_access_point_software | CVE-2015-6367 | Published 2015-11-13 | CVSS 7.8
  Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6370 | Published 2015-11-18 | CVSS 7.2
  The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578.
  Source & Patch Info: CISCO

dameware — mini_remote_control | CVE-2015-8220 | Published 2015-11-17 | CVSS 7.5
  Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link.
  Source & Patch Info: CONFIRM, MISC

dracut_project — dracut | CVE-2015-0794 | Published 2015-11-19 | CVSS 7.2
  modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.
  Source & Patch Info: SUSE, MLIST, MLIST

exemys — telemetry_web_server | CVE-2015-7910 | Published 2015-11-19 | CVSS 7.8
  Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body.
  Source & Patch Info: MISC

ffmpeg — ffmpeg | CVE-2015-8216 | Published 2015-11-16 | CVSS 7.5
  The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.
  Source & Patch Info: CONFIRM

ffmpeg — ffmpeg | CVE-2015-8217 | Published 2015-11-16 | CVSS 7.5
  The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data.
  Source & Patch Info: CONFIRM

ffmpeg — ffmpeg | CVE-2015-8219 | Published 2015-11-16 | CVSS 7.5
  The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.
  Source & Patch Info: CONFIRM

google — picasa | CVE-2015-8221 | Published 2015-11-17 | CVSS 10.0
  Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
  Source & Patch Info: BUGTRAQ, MISC, MISC

huawei — espace_firmware | CVE-2015-8083 | Published 2015-11-19 | CVSS 7.8
  An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors.
  Source & Patch Info: CONFIRM

ibm — websphere_portal | CVE-2015-7419 | Published 2015-11-13 | CVSS 7.8
  IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
  Source & Patch Info: CONFIRM, AIXAPAR

mega-nerd — libsndfile | CVE-2015-7805 | Published 2015-11-17 | CVSS 9.3
  Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
  Source & Patch Info: EXPLOIT-DB, MLIST, MLIST, MISC, MISC, SUSE, FEDORA

oracle — weblogic_server | CVE-2015-4852 | Published 2015-11-18 | CVSS 7.5
  The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
  Source & Patch Info: MISC, CONFIRM, CONFIRM, MLIST, MISC

piwik — piwik | CVE-2015-7815 | Published 2015-11-16 | CVSS 7.5
  Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter.
  Source & Patch Info: CONFIRM, BUGTRAQ, FULLDISC, MISC, MISC

piwik — piwik | CVE-2015-7816 | Published 2015-11-16 | CVSS 7.5
  The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik before 2.15.0 allows remote attackers to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF) attacks, and execute arbitrary PHP code via a crafted HTTP header.
  Source & Patch Info: CONFIRM, BUGTRAQ, FULLDISC, MISC, MISC

samsung — galaxy_s6 | CVE-2015-7897 | Published 2015-11-16 | CVSS 7.5
  The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.
  Source & Patch Info: EXPLOIT-DB, MISC, MISC, MISC

schneider-electric — imt25_magnetic_flow_dtm | CVE-2015-3977 | Published 2015-11-14 | CVSS 7.7
  Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.
  Source & Patch Info: MISC, CONFIRM

sudo_project — sudo | CVE-2015-5602 | Published 2015-11-17 | CVSS 7.2
  sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by “/home/*/*/file.txt.”
  Source & Patch Info: EXPLOIT-DB, CONFIRM, FEDORA, FEDORA, CONFIRM

Medium Vulnerabilities

Each entry gives the primary vendor — product, the CVE identifier, the publication date and the CVSS score, followed by the description and the Source & Patch Info references.

adobe — coldfusion | CVE-2015-5255 | Published 2015-11-18 | CVSS 4.3
  Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.
  Source & Patch Info: CONFIRM, CONFIRM

adobe — coldfusion | CVE-2015-8052 | Published 2015-11-18 | CVSS 4.3
  Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053.
  Source & Patch Info: CONFIRM

adobe — coldfusion | CVE-2015-8053 | Published 2015-11-18 | CVSS 4.3
  Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8052.
  Source & Patch Info: CONFIRM

apache — cxf | CVE-2015-5253 | Published 2015-11-18 | CVSS 4.0
  The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a “wrapping attack.”
  Source & Patch Info: CONFIRM, SECTRACK, MLIST, CONFIRM

atutor — atutor | CVE-2014-9752 | Published 2015-11-16 | CVSS 6.5
  Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor before 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension as a customicon for a new course, then accessing it via a direct request to the file in content/.
  Source & Patch Info: BUGTRAQ, CONFIRM, FULLDISC, MISC, MISC

atutor — atutor | CVE-2015-7712 | Published 2015-11-16 | CVSS 6.5
  Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and earlier allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter.
  Source & Patch Info: BUGTRAQ, FULLDISC, MISC, MISC

bastian_allgeier — kirby | CVE-2015-7773 | Published 2015-11-19 | CVSS 6.5
  Unrestricted file upload vulnerability in the Panel component in Bastian Allgeier Kirby before 2.1.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file that lacks an extension, and then renaming this file to have a .php extension.
  Source & Patch Info: CONFIRM, JVNDB, JVN

blackberry — enterprise_server | CVE-2015-4112 | Published 2015-11-19 | CVSS 4.3
  The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a “cross frame scripting” issue.
  Source & Patch Info: CONFIRM

canonical — ubuntu_linux | CVE-2015-8222 | Published 2015-11-17 | CVSS 4.6
  The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors.
  Source & Patch Info: UBUNTU, CONFIRM, CONFIRM

cisco — prime_collaboration_assurance | CVE-2015-6330 | Published 2015-11-18 | CVSS 6.8
  Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1) and 10.6 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus62712.
  Source & Patch Info: CISCO

cisco — firesight_system_software | CVE-2015-6357 | Published 2015-11-18 | CVSS 6.8
  The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444.
  Source & Patch Info: CISCO

cisco — videoscape_distribution_suite_service_manager | CVE-2015-6364 | Published 2015-11-13 | CVSS 5.0
  Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.
  Source & Patch Info: CISCO

cisco — ios | CVE-2015-6365 | Published 2015-11-13 | CVSS 4.0
  Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs, which allows remote authenticated users to bypass intended network-traffic restrictions in opportunistic circumstances by using PPP, aka Bug ID CSCur61303.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6368 | Published 2015-11-18 | CVSS 5.0
  Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6369 | Published 2015-11-18 | CVSS 4.9
  The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6371 | Published 2015-11-18 | CVSS 4.0
  Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6372 | Published 2015-11-18 | CVSS 4.3
  Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6373 | Published 2015-11-18 | CVSS 6.8
  Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611.
  Source & Patch Info: CISCO

cisco — firepower_extensible_operating_system | CVE-2015-6374 | Published 2015-11-18 | CVSS 4.3
  The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604.
  Source & Patch Info: CISCO

citrix — netscaler_application_delivery_controller_firmware | CVE-2015-7996 | Published 2015-11-17 | CVSS 5.0
  The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache.
  Source & Patch Info: CONFIRM

citrix — netscaler_application_delivery_controller_firmware | CVE-2015-7997 | Published 2015-11-17 | CVSS 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
  Source & Patch Info: CONFIRM

citrix — netscaler_application_delivery_controller_firmware | CVE-2015-7998 | Published 2015-11-17 | CVSS 5.0
  The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information via unspecified vectors.
  Source & Patch Info: CONFIRM

d-link — dir-816l_firmware | CVE-2015-5999 | Published 2015-11-18 | CVSS 6.8
  Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi.
  Source & Patch Info: BUGTRAQ, FULLDISC, MISC, CONFIRM

ffmpeg — ffmpeg | CVE-2015-8218 | Published 2015-11-16 | CVSS 6.8
  The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.
  Source & Patch Info: CONFIRM

gentoo — libsndfile | CVE-2014-9756 | Published 2015-11-19 | CVSS 5.0
  The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
  Source & Patch Info: CONFIRM, CONFIRM, MLIST, MLIST, SUSE

gnome — networkmanager | CVE-2015-0272 | Published 2015-11-17 | CVSS 5.0
  GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
  Source & Patch Info: CONFIRM, BID, CONFIRM

gnu — gcc | CVE-2015-5276 | Published 2015-11-17 | CVSS 5.0
  The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
CONFIRM
CONFIRM
SUSE
horde — groupware Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php. 2015-11-19 6.8 CVE-2015-7984
MISC
DEBIAN
MLIST
MLIST
MLIST
huawei — espace_firmware The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets. 2015-11-19 5.0 CVE-2015-7845
CONFIRM
huawei — ne_router_software Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allow remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a “VPN routing and forwarding (VRF) hopping vulnerability.” 2015-11-19 5.0 CVE-2015-8087
CONFIRM
ibm — datapower_gateway IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session. 2015-11-13 5.0 CVE-2015-7427
CONFIRM
AIXAPAR
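Two of the web-interface entries above are configuration checks a practitioner can automate: the IBM DataPower cookie issue (CVE-2015-7427, Set-Cookie without the Secure flag on an HTTPS session) and the Cisco FXOS framing issue (CVE-2015-6374, a management page that any site can load in an IFRAME). The script below audits a captured set of response headers for both. It is an example added to this page, not code from the bulletin, IBM or Cisco; the sample headers are constructed, not captured from any appliance.

```python
"""Audit HTTP response headers for missing cookie flags and missing framing protection.
Example added to this page; SAMPLE_HEADERS is constructed, not captured."""
import re

# Constructed sample: roughly what a login response from an appliance might carry.
SAMPLE_HEADERS = [
    ("Set-Cookie", "JSESSIONID=3b1d2c; Path=/; HttpOnly"),
    ("Set-Cookie", "csrftoken=9f8e7d; Path=/; Secure; HttpOnly; SameSite=Strict"),
    ("Content-Type", "text/html; charset=utf-8"),
]


def cookie_findings(headers, scheme="https"):
    """Return (cookie_name, problem) for each Set-Cookie lacking Secure or HttpOnly."""
    findings = []
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        # Attribute names are case-insensitive; their values (Path=/) do not matter here.
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if scheme == "https" and "secure" not in attrs:
            # Without Secure the browser also sends the cookie on a plain http://
            # request to the same host, where a network attacker can read it.
            findings.append((cookie_name, "missing Secure"))
        if "httponly" not in attrs:
            findings.append((cookie_name, "missing HttpOnly"))
    return findings


def framing_findings(headers):
    """Return a finding if nothing stops the page being loaded in a third-party IFRAME."""
    xfo = [v.strip().upper() for n, v in headers if n.lower() == "x-frame-options"]
    csp = [v for n, v in headers if n.lower() == "content-security-policy"]
    if any(v in ("DENY", "SAMEORIGIN") for v in xfo):
        return []
    if any(re.search(r"frame-ancestors\s+[^;]+", v, re.I) for v in csp):
        return []
    return [("*", "frameable: no X-Frame-Options DENY/SAMEORIGIN and no CSP frame-ancestors")]


def audit(headers, scheme="https"):
    """Combined report for one response."""
    return cookie_findings(headers, scheme) + framing_findings(headers)


if __name__ == "__main__":
    for cookie, problem in audit(SAMPLE_HEADERS):
        print(f"{cookie}: {problem}")
```

Feed it the header list from any HTTP client (for example the items of a `requests` response's raw header list, keeping duplicate Set-Cookie lines separate); a legacy `X-Frame-Options: ALLOW-FROM` value is deliberately not accepted, since current browsers ignore it.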
ipsilon_project — ipsilon providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name. 2015-11-17 4.0 CVE-2015-5217
CONFIRM
CONFIRM
CONFIRM
MLIST
ipsilon_project — ipsilon providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider (SP). 2015-11-17 5.5 CVE-2015-5301
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
linux — linux_kernel The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a “double-chroot attack.” 2015-11-16 6.9 CVE-2015-2925
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
MLIST
MLIST
CONFIRM
CONFIRM
linux — linux_kernel drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. 2015-11-16 4.9 CVE-2015-5257
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
linux — linux_kernel The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. 2015-11-16 4.9 CVE-2015-5307
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM
linux — linux_kernel Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. 2015-11-16 4.4 CVE-2015-7312
MLIST
MLIST
linux — linux_kernel The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. 2015-11-16 4.7 CVE-2015-8104
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM
linux — linux_kernel net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product. 2015-11-16 5.0 CVE-2015-8215
CONFIRM
MISC
CONFIRM
CONFIRM
CONFIRM
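The Router Advertisement entries above (CVE-2015-8215 in the kernel and CVE-2015-0272 in NetworkManager for the MTU option, and CVE-2015-2924 further down for the Cur Hop Limit field) all come down to an RA receiver applying a value without range-checking it. The code below parses the relevant fields from an RA body and applies them only when they pass the checks a hardened stack performs. It is an example added to this page, not kernel or NetworkManager code; the packets are built locally and never sent, and the hop-limit floor mirrors the policy of the kernel's accept_ra_min_hop_limit sysctl.

```python
"""Parse and validate the MTU option and Cur Hop Limit of an ICMPv6 Router Advertisement.
Example added to this page; build_ra() constructs test packets, nothing is transmitted."""
import struct

ND_ROUTER_ADVERT = 134      # ICMPv6 type, RFC 4861 section 4.2
ND_OPT_MTU = 5              # MTU option, RFC 4861 section 4.6.4
IPV6_MIN_MTU = 1280         # minimum IPv6 link MTU, RFC 8200


def build_ra(cur_hop_limit, mtu=None):
    """Build an RA body (ICMPv6 header plus options); checksum left zero because it is never sent."""
    hdr = struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, cur_hop_limit, 0, 1800, 0, 0)
    opts = b""
    if mtu is not None:
        # type, length in units of 8 bytes, reserved, MTU
        opts += struct.pack("!BBHI", ND_OPT_MTU, 1, 0, mtu)
    return hdr + opts


def parse_ra(pkt):
    """Return (cur_hop_limit, advertised_mtu or None); malformed option TLVs raise ValueError."""
    if len(pkt) < 16 or pkt[0] != ND_ROUTER_ADVERT:
        raise ValueError("not a Router Advertisement")
    cur_hop_limit = pkt[4]
    mtu = None
    off = 16
    while off + 2 <= len(pkt):
        otype, olen = pkt[off], pkt[off + 1]
        if olen == 0:
            raise ValueError("zero-length ND option")      # RFC 4861: discard the packet
        end = off + olen * 8
        if end > len(pkt):
            raise ValueError("truncated ND option")
        if otype == ND_OPT_MTU and olen == 1:
            mtu = struct.unpack("!I", pkt[off + 4:off + 8])[0]
        off = end
    return cur_hop_limit, mtu


def apply_ra(pkt, link_mtu, cur_mtu, cur_hop_limit, min_hop_limit=1):
    """Apply an RA with validation; returns (hop_limit, mtu, list_of_rejected_fields)."""
    hop_limit, mtu = parse_ra(pkt)
    rejections = []
    # CVE-2015-8215 / CVE-2015-0272: an MTU below 1280 or above the link MTU must be ignored;
    # accepting it lets one spoofed RA make every larger packet on the link get dropped.
    if mtu is not None:
        if IPV6_MIN_MTU <= mtu <= link_mtu:
            cur_mtu = mtu
        else:
            rejections.append(f"mtu {mtu} outside [{IPV6_MIN_MTU}, {link_mtu}]")
    # CVE-2015-2924: Cur Hop Limit 0 means "unspecified"; any other value below the
    # configured floor is ignored rather than lowering the interface setting.
    if hop_limit != 0:
        if hop_limit >= min_hop_limit:
            cur_hop_limit = hop_limit
        else:
            rejections.append(f"hop limit {hop_limit} below floor {min_hop_limit}")
    return cur_hop_limit, cur_mtu, rejections


if __name__ == "__main__":
    print(apply_ra(build_ra(64, 1000), link_mtu=1500, cur_mtu=1500, cur_hop_limit=64))
```

On a live host the equivalent knobs are net.ipv6.conf.*.accept_ra_min_hop_limit and, for untrusted segments, simply accept_ra=0 with static configuration; the parser above is the check you would put in front of any userland daemon that consumes RAs itself.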
newphoria_corporation — applican Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted SSID that is encountered by an applican application, a different vulnerability than CVE-2015-7772. 2015-11-19 4.3 CVE-2015-7771
JVNDB
JVN
CONFIRM
newphoria_corporation — applican Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers WebView anchor attachment in an applican application, a different vulnerability than CVE-2015-7771. 2015-11-19 4.3 CVE-2015-7772
JVNDB
JVN
CONFIRM
open-xchange — ox_guard Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in “Guard PGP Settings.” 2015-11-19 4.3 CVE-2015-7385
CONFIRM
MISC
pc-egg — pwebmanager PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role. 2015-11-13 6.5 CVE-2015-7774
CONFIRM
JVNDB
JVN
powerdns — authoritative PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets. 2015-11-17 5.0 CVE-2015-5311
CONFIRM
SECTRACK
MLIST
strongswan — strongswan The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message. 2015-11-18 5.0 CVE-2015-8023
CONFIRM
UBUNTU
DEBIAN
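The strongSwan entry (CVE-2015-8023) is a textbook case of a protocol handler dispatching on the message type without asking what it last sent: the server had only sent its Challenge, yet an empty Success message from the peer was treated as the final acknowledgement. The two small state machines below show the flaw and the fix side by side. They are an example added to this page, not strongSwan's eap-mschapv2 plugin; the HMAC stands in for MS-CHAPv2's GenerateNTResponse, an assumption made so the exchange fits in a few lines.

```python
"""EAP-MSCHAPv2 server state handling: the CVE-2015-8023 bug class and its fix.
Example added to this page; the MAC is a stand-in for the real NT-Response computation."""
import hashlib
import hmac
import os

# EAP-MSCHAPv2 OpCodes
CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4


def expected_response(secret, challenge):
    """Stand-in for GenerateNTResponse (assumption): any MAC keyed to the secret will do."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class VulnerableServer:
    """Reacts to the OpCode alone and never checks what it last sent."""

    def __init__(self, secret):
        self.secret = secret
        self.challenge = os.urandom(16)      # carried in the Challenge request to the peer
        self.state = "CHALLENGE_SENT"

    def process(self, opcode, payload=b""):
        if opcode == RESPONSE:
            if hmac.compare_digest(payload, expected_response(self.secret, self.challenge)):
                self.state = "SUCCESS_SENT"
                return "SUCCESS_REQUEST"     # server -> peer: Success request with auth string
            self.state = "DONE"
            return "FAILURE"
        if opcode == SUCCESS:
            # Bug: the peer's (empty) Success is taken as the final acknowledgement
            # although no Response was ever verified.
            self.state = "DONE"
            return "AUTHENTICATED"
        self.state = "DONE"
        return "FAILURE"


class FixedServer(VulnerableServer):
    """Same protocol, but each OpCode is only valid in one local state."""

    def process(self, opcode, payload=b""):
        if opcode == RESPONSE and self.state == "CHALLENGE_SENT":
            return super().process(opcode, payload)
        if opcode == SUCCESS and self.state == "SUCCESS_SENT":
            self.state = "DONE"
            return "AUTHENTICATED"
        # A Success while waiting for a Response, a second Response, or anything
        # after DONE ends the exchange with a failure.
        self.state = "DONE"
        return "FAILURE"


def run_bypass(server_cls, secret=b"s3cret"):
    """Attacker skips the Response and answers the Challenge with an empty Success."""
    return server_cls(secret).process(SUCCESS)


def run_legit(server_cls, secret=b"s3cret"):
    """Honest peer: correct Response, then the Success acknowledgement."""
    srv = server_cls(secret)
    first = srv.process(RESPONSE, expected_response(secret, srv.challenge))
    return first, srv.process(SUCCESS)


if __name__ == "__main__":
    print("vulnerable:", run_bypass(VulnerableServer), " fixed:", run_bypass(FixedServer))
```

The general rule the fix applies is worth keeping in mind for any challenge-response handler: validate the incoming message against the state you are in, not merely against its own encoding.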
tibco — loglogic_unity The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users to gain privileges, and consequently obtain sensitive information, via an HTTP request. 2015-11-18 4.0 CVE-2015-8090
CONFIRM
CONFIRM
uc_profile_project — uc_profile The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors. 2015-11-17 4.3 CVE-2015-8232
MISC
CONFIRM
wireshark — wireshark The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying. 2015-11-14 4.3 CVE-2015-7830
CONFIRM
CONFIRM
CONFIRM
xen — xen The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptable hypercall to the multicall interface. 2015-11-17 4.9 CVE-2015-7812
CONFIRM
SECTRACK
xmlsoft — libxml2 libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities. 2015-11-18 4.3 CVE-2015-7941
CONFIRM
CONFIRM
CONFIRM
UBUNTU
MLIST
MLIST
xmlsoft — libxml2 The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941. 2015-11-18 6.8 CVE-2015-7942
CONFIRM
CONFIRM
UBUNTU
MLIST
MLIST
xmlsoft — libxslt The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a “type confusion” issue. 2015-11-17 5.0 CVE-2015-7995
CONFIRM
CONFIRM
BID
MLIST
MLIST

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
apple — apple_remote_desktop The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box. 2015-11-13 3.7 CVE-2013-5229
JVNDB
JVN
CONFIRM
emc — vplex_geosynchrony The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file. 2015-11-18 2.1 CVE-2015-6847
BUGTRAQ
ibm — tivoli_storage_flashcopy_manager IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (aka Spectrum Protect for Mail) 5.5 before 5.5.1.1, 6.1 and 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; and Tivoli Storage FlashCopy Manager for Windows (aka Spectrum Protect Snapshot) 2.x and 3.1 before 3.1.1.6, 3.2 before 3.2.1.8, and 4.1 before 4.1.4, when application tracing is configured, write cleartext passwords during changetsmpassword command execution, which allows local users to obtain sensitive information by reading the application trace output. 2015-11-13 1.9 CVE-2015-7404
CONFIRM
AIXAPAR
linux — linux_kernel The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands. 2015-11-16 2.1 CVE-2015-7872
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
mayo_project — mayo Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the “Administer themes” permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings. 2015-11-17 2.6 CVE-2015-8233
MISC
CONFIRM
CONFIRM
networkmanager_project — networkmanager The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922. 2015-11-16 3.3 CVE-2015-2924
MLIST
xmlsoft — libxml2 The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. 2015-11-18 2.6 CVE-2015-8035
CONFIRM
UBUNTU
MLIST
MLIST
MLIST

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Updates

Original release date: November 19, 2015

VMware has released security updates to address a vulnerability in vCenter, vCloud Director, and Horizon View. Exploitation of this vulnerability may allow an attacker to obtain sensitive information.

Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0008 and apply the necessary updates.


IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials

Original release date: November 18, 2015

The Internet Crime Complaint Center (IC3) has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. In addition to doxing (the act of gathering and publishing individuals’ personal information without permission), threat actors have been observed compromising the email accounts of officers and officials. These target groups should protect their online presence and exposure.

Users are encouraged to review the IC3 Alert for details and recommended security measures. Refer to US-CERT Tip ST06-003 for information on staying safe on social networking sites.


Adobe Releases Security Updates for ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip

Original release date: November 17, 2015

Adobe has released security updates to address multiple vulnerabilities in ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Adobe Security Bulletins for ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip and apply the necessary updates.


Apache Commons Collections Java Library Vulnerability

Original release date: November 13, 2015

US-CERT is aware of a deserialization vulnerability in the Apache Commons Collections (ACC) Java library. Java applications that either directly use ACC, or contain ACC in their classpath, may be vulnerable to arbitrary code execution.

US-CERT encourages users and administrators to review Vulnerability Note VU#576313 for more information and apply the necessary mitigations.
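Because the exposure described above depends on the library being on the classpath rather than on any one product, the first practical step is an inventory: find the class the published gadget chain relies on, InvokerTransformer, in every jar a deployment loads, including jars nested inside WAR and EAR files. The scanner below does that. It is an example added to this page, not code from US-CERT or Apache; the WAR it scans is constructed in memory and its class file is a four-byte stub.

```python
"""Locate Apache Commons Collections' InvokerTransformer in (nested) Java archives.
Example added to this page; build_sample_war() constructs the input, it is not a real artifact."""
import io
import zipfile

# Class the known ObjectInputStream gadget chain reaches through reflection.
GADGET_CLASSES = {
    "org/apache/commons/collections/functors/InvokerTransformer.class": "commons-collections 3.x",
    "org/apache/commons/collections4/functors/InvokerTransformer.class": "commons-collections4",
}
NESTED = (".jar", ".war", ".ear", ".zip")


def scan_archive(data, label, depth=0, max_depth=4):
    """Return (archive_path, entry, library) for every gadget class found, recursing into nested jars."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings                      # named like a jar but not a zip; nothing to load from it
    with zf:
        for entry in zf.namelist():
            if entry in GADGET_CLASSES:
                findings.append((label, entry, GADGET_CLASSES[entry]))
            elif entry.lower().endswith(NESTED) and depth < max_depth:
                # WEB-INF/lib/*.jar inside a WAR, lib/*.jar inside an EAR, and so on
                findings.extend(scan_archive(zf.read(entry), f"{label}!{entry}", depth + 1, max_depth))
    return findings


def scan_path(path):
    """Scan one archive on disk."""
    with open(path, "rb") as fh:
        return scan_archive(fh.read(), path)


def _empty_jar():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as j:
        j.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return buf.getvalue()


def build_sample_war():
    """Constructed WAR bundling a commons-collections jar (stub class bytes); not a real artifact."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as j:
        j.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        j.writestr("org/apache/commons/collections/functors/InvokerTransformer.class", b"\xca\xfe\xba\xbe")
    war = io.BytesIO()
    with zipfile.ZipFile(war, "w") as w:
        w.writestr("WEB-INF/web.xml", "<web-app/>")
        w.writestr("WEB-INF/lib/commons-collections-3.2.1.jar", jar.getvalue())
        w.writestr("WEB-INF/lib/harmless.jar", _empty_jar())
    return war.getvalue()


if __name__ == "__main__":
    for archive, entry, lib in scan_archive(build_sample_war(), "sample.war"):
        print(f"{archive}: {entry} ({lib})")
```

A hit is a lead, not a verdict: the fixed releases (3.2.2 and 4.1) keep the class but disable its deserialization by default, so check the version in the jar name or manifest, and then whether the application ever hands untrusted bytes to an ObjectInputStream, which is the condition the vulnerability note actually turns on.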



Google Releases Security Updates for Chrome and Chrome OS

Original release date: November 11, 2015

Google has released security updates to address vulnerabilities in Chrome and Chrome OS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Updates available include:

  • Chrome 46.0.2490.86 for Windows, Mac, and Linux
  • Chrome OS 46.0.2490.82 for all Chrome OS devices

Users and administrators are encouraged to review the Chrome page and Chrome OS page and apply the necessary updates.
