|
Home | Forums | Gallery | Register | Video Directory | FAQ | Members List | Calendar | Games | Today's Posts | Search | Chat Room |
|
Thread Tools | Display Modes |
#1
|
||||
|
||||
SB16-298: Vulnerability Summary for the Week of October 17, 2016
SB16-298: Vulnerability Summary for the Week of October 17, 2016
10-24-2016 07:43 AM Original release date: October 24, 2016 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High Vulnerabilities Primary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoibm -- security_guardiumSQL injection vulnerability in IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.2016-10-167.5CVE-2016-0249 CONFIRMlinux -- linux_kernelmm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.2016-10-167.2CVE-2015-3288 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRMlinux -- linux_kernelThe IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.2016-10-167.8CVE-2016-7039 MLIST CONFIRM CONFIRMlinux -- linux_kernelThe arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.2016-10-167.2CVE-2016-7425 CONFIRM MLIST MLIST MLIST CONFIRM CONFIRM CONFIRMlinux -- linux_kernelThe IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.2016-10-167.8CVE-2016-8666 CONFIRM MLIST CONFIRM CONFIRM CONFIRMBack to top Medium Vulnerabilities Primary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infohuge-it -- portfolio_gallery_managerHuge-IT Portfolio Gallery manager v1.1.5 SQL Injection and XSS2016-10-216.5CVE-2016-1000115 MISC MISChuge-it -- portfolio_gallery_managerHuge-IT Portfolio Gallery manager v1.1.5 SQL Injection and XSS2016-10-216.5CVE-2016-1000116 MISC MISChuge-it -- slideshowXSS & SQLi in HugeIT slideshow v1.0.42016-10-216.5CVE-2016-1000117 MISC MISChuge-it -- slideshowXSS & SQLi in HugeIT slideshow v1.0.42016-10-216.5CVE-2016-1000118 MISC MISChuge-it -- catalogSQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla2016-10-216.5CVE-2016-1000119 MISC MISCibm -- cloud_orchestratorOpen redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.2016-10-165.8CVE-2016-0204 CONFIRMisc -- bindISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.2016-10-215.0CVE-2016-2848 CONFIRM CONFIRM CONFIRMlinux -- linux_kernelfs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer.2016-10-164.9CVE-2015-8953 CONFIRM CONFIRM MLIST CONFIRM CONFIRMlinux -- linux_kerneldrivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.2016-10-164.9CVE-2016-6327 CONFIRM CONFIRM MLIST CONFIRM CONFIRMlinux -- linux_kernelThe tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.2016-10-164.9CVE-2016-6828 CONFIRM CONFIRM MLIST CONFIRM CONFIRMlinux -- linux_kernelThe proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.2016-10-164.9CVE-2016-7042 MLIST CONFIRMlinux -- linux_kernelStack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.2016-10-165.6CVE-2016-8658 CONFIRM CONFIRM MLIST CONFIRM CONFIRMlinux -- linux_kernelThe XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation."2016-10-164.9CVE-2016-8660 MLIST CONFIRMBack to top Low Vulnerabilities Primary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infolinux -- linux_kernelThe mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.2016-10-162.1CVE-2015-8952 CONFIRM CONFIRM CONFIRM MLIST MLIST CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRMlinux -- linux_kernelThe filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.2016-10-163.6CVE-2016-7097 CONFIRM MLIST MLIST MLIST CONFIRM CONFIRMBack to top Severity Not Yet Assigned Primary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- acrobat_and_readerAdobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853, and CVE-2016-7854.2016-10-21not yet calculatedCVE-2016-7852 CONFIRMadobe -- acrobat_and_readerAdobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7854.2016-10-21not yet calculatedCVE-2016-7853 CONFIRMadobe -- acrobat_and_readerAdobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7853.2016-10-21not yet calculatedCVE-2016-7854 CONFIRMibm -- rqm_and_rclmIBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS commands via a crafted "HTML request."2016-10-21not yet calculatedCVE-2016-0326 CONFIRMibm -- security_guardianCross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.2016-10-21not yet calculatedCVE-2016-0246 CONFIRMibm -- security_guardianIBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain sensitive cleartext information via unspecified vectors, as demonstrated by password information.2016-10-21not yet calculatedCVE-2016-0247 CONFIRMibm -- security_guardianIBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message.2016-10-21not yet calculatedCVE-2016-0242 CONFIRMibm -- security_guardian_database_activity_monitorIBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.2016-10-21not yet calculatedCVE-2016-0240 CONFIRMibm -- security_guardian_database_activity_monitorIBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.2016-10-21not yet calculatedCVE-2016-0241 CONFIRMibm -- security_guardian_database_activity_monitorIBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain administrator privileges for command execution via unspecified vectors.2016-10-21not yet calculatedCVE-2016-0328 CONFIRMibm -- security_guardian_database_activity_monitorIBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors.2016-10-21not yet calculatedCVE-2016-0239 CONFIRMibm -- security_guardian_database_activity_monitorIBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to execute arbitrary commands with root privileges via the search field.2016-10-21not yet calculatedCVE-2016-0236 CONFIRMibm -- websphere_application_serverThe Administrative Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, and 8.5.x before 8.5.5.10 mishandles CSRFtoken cookies, which allows remote authenticated users to obtain sensitive information via unspecified vectors.2016-10-21not yet calculatedCVE-2016-0377 AIXAPAR CONFIRMBack to top This product is provided subject to this Notification and this Privacy & Use policy. More... |
Sponsored Links |
|