Original release date: January 18, 2016
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
-
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
-
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 10.0 | CVE-2016-0933 CONFIRM |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 9.3 | CVE-2016-0936 CONFIRM MISC |
adobe — acrobat | Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941. | 2016-01-14 | 9.3 | CVE-2016-0937 CONFIRM MISC |
adobe — acrobat | The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 9.3 | CVE-2016-0938 CONFIRM MISC |
adobe — acrobat | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941. | 2016-01-14 | 10.0 | CVE-2016-0940 CONFIRM |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 10.0 | CVE-2016-0942 CONFIRM |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 10.0 | CVE-2016-0944 CONFIRM |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946. | 2016-01-14 | 10.0 | CVE-2016-0945 CONFIRM |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945. | 2016-01-14 | 10.0 | CVE-2016-0946 CONFIRM |
adobe — acrobat | Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory. | 2016-01-14 | 7.2 | CVE-2016-0947 CONFIRM |
apache — activemq | Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. | 2016-01-08 | 7.5 | CVE-2015-5254 CONFIRM MLIST FEDORA FEDORA CONFIRM |
apache — subversion | Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read. | 2016-01-08 | 9.0 | CVE-2015-5259 SECTRACK CONFIRM |
apple — mac_os_x | Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors. | 2016-01-11 | 7.2 | CVE-2015-6980 CONFIRM APPLE |
avm — fritz!_os | AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image. | 2016-01-08 | 9.3 | CVE-2014-8886 MISC CONFIRM BUGTRAQ FULLDISC |
blueman_project — blueman | The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument. | 2016-01-08 | 7.2 | CVE-2015-8612 MISC CONFIRM CONFIRM MLIST MLIST DEBIAN |
dell — pre-boot_authentication_driver | Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call. | 2016-01-08 | 7.2 | CVE-2015-6856 MISC BID BUGTRAQ FULLDISC MISC |
f5 — big-ip_access_policy_manager | F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual server configured with a remote desktop profile, aka an “Out-of-bounds memory vulnerability.” | 2016-01-12 | 10.0 | CVE-2015-8098 CONFIRM SECTRACK |
f5 — big-ip_access_policy_manager | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1) expired or (2) default password. | 2016-01-12 | 10.0 | CVE-2015-8611 CONFIRM SECTRACK |
fortinet — forticlient | Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program. | 2016-01-08 | 7.2 | CVE-2015-7362 CONFIRM |
huawei — mate_7_firmware | Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application. | 2016-01-12 | 9.3 | CVE-2015-8088 CONFIRM |
huawei — ale_firmware | The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8226. | 2016-01-08 | 7.1 | CVE-2015-8225 CONFIRM |
huawei — ale_firmware | The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225. | 2016-01-08 | 7.1 | CVE-2015-8226 CONFIRM |
huawei — espace_8950 | Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets. | 2016-01-11 | 7.8 | CVE-2015-8230 CONFIRM |
huawei — espace_7910 | Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets. | 2016-01-11 | 7.8 | CVE-2015-8231 CONFIRM |
joomla — joomla! | SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors. | 2016-01-12 | 7.5 | CVE-2015-8769 CONFIRM BID |
juniper — screenos | Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation. | 2016-01-08 | 9.3 | CVE-2015-7754 SECTRACK BID CONFIRM |
libtiff_project — libtiff | The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. | 2016-01-08 | 7.5 | CVE-2015-7554 BUGTRAQ MLIST FULLDISC MISC |
libtiff_project — libtiff | Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. | 2016-01-08 | 7.5 | CVE-2015-8668 BUGTRAQ MISC |
mcafee — epolicy_orchestrator | Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | 2016-01-08 | 7.5 | CVE-2015-8765 CERT-VN CONFIRM |
microsoft — jscript | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0002 MS MS |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka “Microsoft Edge Memory Corruption Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0003 MS |
microsoft — windows_10 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka “Win32k Remote Code Execution Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0009 MS |
microsoft — excel_for_mac | Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0010 MS |
microsoft — windows_10 | DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka “DirectShow Heap Corruption Remote Code Execution Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0015 MS |
microsoft — windows_10 | The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka “Windows Remote Desktop Protocol Security Bypass Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0019 MS |
microsoft — windows_7 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “MAPI DLL Loading Elevation of Privilege Vulnerability.” | 2016-01-13 | 7.2 | CVE-2016-0020 MS |
microsoft — edge | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka “Scripting Engine Memory Corruption Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0024 MS |
microsoft — silverlight | Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka “Silverlight Runtime Remote Code Execution Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0034 MS |
microsoft — excel | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2016-01-13 | 9.3 | CVE-2016-0035 MS |
owncloud — owncloud | ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php. | 2016-01-08 | 7.5 | CVE-2016-1499 MISC CONFIRM |
pygments — pygments | The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name. | 2016-01-08 | 9.3 | CVE-2015-8557 MISC UBUNTU MLIST MLIST FULLDISC MISC |
qemu — qemu | The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. | 2016-01-12 | 7.8 | CVE-2015-1779 MLIST MLIST MLIST UBUNTU SECTRACK BID MLIST MLIST DEBIAN REDHAT REDHAT SUSE SUSE FEDORA FEDORA |
sap — afaria | SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to “Insecure signature,” aka SAP Security Note 2134905. | 2016-01-08 | 9.4 | CVE-2015-8753 MISC |
zarafa — zarafa_collaboration_platform | zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*. | 2016-01-11 | 7.2 | CVE-2015-6566 CONFIRM CONFIRM CONFIRM FEDORA |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
acquia — mollom | The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors. | 2016-01-08 | 5.0 | CVE-2015-8754 MISC CONFIRM |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 6.8 | CVE-2016-0931 CONFIRM MISC |
adobe — acrobat | Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. | 2016-01-14 | 6.8 | CVE-2016-0932 CONFIRM MISC |
adobe — acrobat | Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. | 2016-01-14 | 6.8 | CVE-2016-0934 CONFIRM MISC |
adobe — acrobat | Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary. | 2016-01-14 | 6.8 | CVE-2016-0935 CONFIRM MISC |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 2016-01-14 | 6.8 | CVE-2016-0939 CONFIRM MISC |
adobe — acrobat | Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940. | 2016-01-14 | 6.8 | CVE-2016-0941 CONFIRM MISC |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors. | 2016-01-14 | 6.8 | CVE-2016-0943 CONFIRM MISC |
apple — mac_os_x | Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature. | 2016-01-11 | 6.9 | CVE-2015-7024 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7085 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7086 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7087 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7088 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7089 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7090 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7092, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7091 CONFIRM APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted TXXX frame within an ID3 tag in MP3 data in a movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7117. | 2016-01-08 | 6.8 | CVE-2015-7092 CONFIRM MISC APPLE |
apple — apple_tv | libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116. | 2016-01-09 | 4.3 | CVE-2015-7115 CONFIRM CONFIRM CONFIRM APPLE APPLE APPLE |
apple — apple_tv | libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115. | 2016-01-09 | 4.3 | CVE-2015-7116 CONFIRM CONFIRM CONFIRM APPLE APPLE APPLE |
apple — quicktime | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092. | 2016-01-08 | 6.8 | CVE-2015-7117 CONFIRM APPLE |
avm — fritz!_os | Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message. | 2016-01-12 | 4.3 | CVE-2015-7242 CONFIRM BUGTRAQ MISC MISC |
bluecoat — advanced_secure_gateway | Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a “clear text” one in a coaching page, as demonstrated by “http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%.” | 2016-01-08 | 5.8 | CVE-2015-8597 CONFIRM SECTRACK MISC |
f5 — big-ip_access_policy_manager | dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors. | 2016-01-12 | 6.9 | CVE-2015-7393 CONFIRM SECTRACK SECTRACK |
f5 — big-ip_access_policy_manager | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery. | 2016-01-12 | 4.3 | CVE-2015-7759 CONFIRM SECTRACK |
ffmpeg — ffmpeg | FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file. | 2016-01-14 | 4.3 | CVE-2016-1897 MLIST MISC MISC |
firebirdsql — firebird | FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter. | 2016-01-13 | 4.0 | CVE-2016-1569 MLIST MLIST CONFIRM CONFIRM |
huawei — vcn500 | The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an “abnormal exit” occurs, which allows remote attackers to conduct replay attacks via the session ID. | 2016-01-11 | 5.8 | CVE-2015-8331 CONFIRM |
huawei — vcn500 | The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets. | 2016-01-11 | 5.5 | CVE-2015-8333 CONFIRM |
huawei — vcn500 | Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log. | 2016-01-11 | 4.0 | CVE-2015-8335 CONFIRM |
ibm — websphere_commerce | Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter. | 2016-01-09 | 5.8 | CVE-2015-7397 CONFIRM CONFIRM AIXAPAR |
ibm — integration_bus | IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and IBM Integration Bus 9 before 9.0.0.3 and 10 before 10.0.0.0 allow remote attackers to obtain sensitive information about the HTTP server via unspecified vectors. | 2016-01-11 | 5.0 | CVE-2015-7399 CONFIRM AIXAPAR |
ibm — jazz_reporting_service | Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 2016-01-09 | 6.8 | CVE-2015-7465 CONFIRM |
ibm — jazz_reporting_service | Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended query restrictions or modify the LDAP directory, via unspecified vectors. | 2016-01-09 | 4.0 | CVE-2015-7466 CONFIRM |
microsoft — sharepoint_foundation | Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka “Microsoft SharePoint Security Feature Bypass,” a different vulnerability than CVE-2016-0011. | 2016-01-13 | 4.3 | CVE-2015-6117 MS |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka “Internet Explorer Elevation of Privilege Vulnerability.” | 2016-01-13 | 4.3 | CVE-2016-0005 MS |
microsoft — windows_10 | The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka “Windows Mount Point Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0007. | 2016-01-13 | 6.9 | CVE-2016-0006 MS |
microsoft — windows_10 | The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka “Windows Mount Point Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0006. | 2016-01-13 | 6.9 | CVE-2016-0007 MS |
microsoft — windows_7 | The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka “Windows GDI32.dll ASLR Bypass Vulnerability.” | 2016-01-13 | 4.3 | CVE-2016-0008 MS |
microsoft — excel | Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka “Microsoft Office ASLR Bypass.” | 2016-01-13 | 4.3 | CVE-2016-0012 MS |
microsoft — windows_10 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “DLL Loading Elevation of Privilege Vulnerability.” | 2016-01-13 | 6.9 | CVE-2016-0014 MS |
microsoft — windows_10 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “DLL Loading Remote Code Execution Vulnerability.” | 2016-01-13 | 6.9 | CVE-2016-0016 MS |
microsoft — windows_10 | Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka “DLL Loading Remote Code Execution Vulnerability.” | 2016-01-13 | 6.9 | CVE-2016-0018 MS |
microsoft — exchange_server | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability,” a different vulnerability than CVE-2016-0031. | 2016-01-13 | 4.3 | CVE-2016-0029 MS |
microsoft — exchange_server | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability.” | 2016-01-13 | 4.3 | CVE-2016-0030 MS |
microsoft — exchange_server | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability,” a different vulnerability than CVE-2016-0029. | 2016-01-13 | 4.3 | CVE-2016-0031 MS |
microsoft — exchange_server | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013 Cumulative Update 11, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Exchange Spoofing Vulnerability.” | 2016-01-13 | 4.3 | CVE-2016-0032 MS |
mozilla — firefox_os | Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted web site that is mishandled during “Add to home screen” bookmarking. | 2016-01-08 | 4.3 | CVE-2015-8510 CONFIRM CONFIRM |
mozilla — firefox_os | Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors. | 2016-01-08 | 6.9 | CVE-2015-8511 CONFIRM CONFIRM |
nex-forms_lite_project — nex-forms_lite | Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the form_fields parameter in a (1) do_edit or (2) do_insert action to wp-admin/admin-ajax.php. | 2016-01-08 | 4.3 | CVE-2014-7151 MISC MISC |
opencart — opencart | Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php. | 2016-01-12 | 4.3 | CVE-2015-4671 CONFIRM CONFIRM MISC |
owncloud — owncloud | Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a URL. | 2016-01-08 | 4.3 | CVE-2016-1498 CONFIRM |
owncloud — owncloud | ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages. | 2016-01-08 | 4.0 | CVE-2016-1501 CONFIRM |
phusionpassenger — phusion_passenger | agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a – (dash) character in an HTTP header, as demonstrated by an X_User header. | 2016-01-08 | 4.3 | CVE-2015-7519 CONFIRM CONFIRM CONFIRM MLIST MLIST SUSE |
python — python | The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack. | 2016-01-13 | 5.0 | CVE-2016-1494 MISC CONFIRM MLIST MLIST |
qemu — qemu | Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. | 2016-01-08 | 6.8 | CVE-2015-7512 SECTRACK BID MLIST CONFIRM |
quassel-irc — quassel | The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the “/op *” command in a query. | 2016-01-08 | 5.0 | CVE-2015-8547 CONFIRM CONFIRM MLIST MLIST SUSE |
ssp-europe — secure_data_space | Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to api/v3/public/shares/downloads/, the (2) authType parameter to api/v3/auth/login, or the (3) login parameter to api/v3/auth/reset_password. | 2016-01-11 | 4.3 | CVE-2015-7706 CONFIRM BUGTRAQ FULLDISC MISC |
symphony-cms — symphony_cms | Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Navigation Group, or (3) Label parameter to blueprints/sections/edit/1. | 2016-01-08 | 4.3 | CVE-2015-8376 FULLDISC FULLDISC |
symphony-cms — symphony_cms | Multiple cross-site scripting (XSS) vulnerabilities in content/content.systempreferences.php in Symphony CMS before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) email_sendmail[from_name], (2) email_sendmail[from_address], (3) email_smtp[from_name], (4) email_smtp[from_address], (5) email_smtp[host], (6) email_smtp[port], (7) jit_image_manipulation[trusted_external_sites], or (8) maintenance_mode[ip_whitelist] parameters to system/preferences. | 2016-01-08 | 4.3 | CVE-2015-8766 CONFIRM CONFIRM FULLDISC |
titan_framework_project — titan_framework | Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php. | 2016-01-08 | 4.3 | CVE-2014-6444 MISC MISC |
typo3 — typo3 | Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation. | 2016-01-08 | 4.3 | CVE-2015-8757 SECTRACK BID CONFIRM |
typo3 — typo3 | The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka “Cross-Site Flashing.” | 2016-01-08 | 4.3 | CVE-2015-8760 SECTRACK BID CONFIRM |
values_project — values | The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the “Import value sets” permission to execute arbitrary PHP code via the exported values list in a ctools import. | 2016-01-08 | 6.0 | CVE-2015-8761 MISC CONFIRM BID CONFIRM |
zip_attachments_project — zip_attachments | Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter. | 2016-01-08 | 5.0 | CVE-2015-4694 CONFIRM MISC MISC MISC MLIST MLIST |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
atlassian — jira | Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote attackers to obtain sensitive information by updating a different issue that includes wiki markup for an external image reference. | 2016-01-08 | 3.5 | CVE-2015-8481 CONFIRM CONFIRM BID |
field_group_project — field_group | Cross-site scripting (XSS) vulnerability in the Field Group module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with permission to configure field display settings to inject arbitrary web script or HTML via an element attribute. | 2016-01-08 | 3.5 | CVE-2016-1565 MISC CONFIRM |
gummi_project — gummi | Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux. | 2016-01-08 | 2.1 | CVE-2015-7758 CONFIRM MLIST MLIST SUSE |
huawei — document_security_management | Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pasting the contents to another file. | 2016-01-08 | 2.1 | CVE-2015-8303 CONFIRM |
microsoft — sharepoint_foundation | Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka “Microsoft SharePoint Security Feature Bypass,” a different vulnerability than CVE-2015-6117. | 2016-01-13 | 3.5 | CVE-2016-0011 MS |
mozilla — firefox_os | The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses. | 2016-01-08 | 2.1 | CVE-2015-8512 CONFIRM CONFIRM |
owncloud — owncloud | ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the “file_versions” application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting with “.v” and belonging to a sharing user by leveraging an incoming share. | 2016-01-08 | 3.5 | CVE-2016-1500 CONFIRM |
puppetlabs — puppet_enterprise | Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x before 2015.2.3 uses world-readable permissions for the private key of the Certification Authority (CA) certificate during the initial installation and configuration, which might allow local users to obtain sensitive information via unspecified vectors. | 2016-01-08 | 1.9 | CVE-2015-7328 CONFIRM |
typo3 — typo3 | Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors. | 2016-01-08 | 3.5 | CVE-2015-8755 SECTRACK BID CONFIRM |
typo3 — typo3 | Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors. | 2016-01-08 | 3.5 | CVE-2015-8756 SECTRACK CONFIRM |
typo3 — typo3 | Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors. | 2016-01-08 | 3.5 | CVE-2015-8758 SECTRACK BID CONFIRM |
typo3 — typo3 | Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field. | 2016-01-08 | 3.5 | CVE-2015-8759 BID CONFIRM |
xen — xen | The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ). | 2016-01-08 | 2.1 | CVE-2015-8615 CONFIRM SECTRACK |
This product is provided subject to this Notification and this Privacy & Use policy.