chat Archives - Page 2 of 6 - FuzzGuardFuzzGuard [PDF]

Support (https://www.fuzzguard.com.au/support/)

Login

HOME (HTTPS://WWW.FUZZGUARD.COM.AU/) (https://www.fuzzguard.com.au)

WEBMAIL Home (https://www.fuzzguard.com.au/) » News (https://www.fuzzguard.com.au/news-articles/) » chat

(HTTPS://WEBMAIL.FUZZGUARD.COM.AU/)

27 Jan

NEWS Malwarebytes releases new Anti-Ransomware (HTTPS://WWW.FUZZGUARD.COM.AU/NEWS-ARTICLES/) Beta Software (https://www.fuzzguard.com.au/newsarticles/malwarebytes-releases-new-antiPLUGINS ransomware-beta-software/) (HTTPS://WWW.FUZZGUARD.COM.AU/PLUGINS/) Today Malwarebytes released their latest security offering called Malwarebytes Anti-Ransomware. Malwarebytes AntiRansomware, or MBARW for short, is currently in beta and is a small utility that runs in the background while quietly monitoring computer for behavior associated with file encrypting ransomware. […] Source: Bleeping Computer CONTACT US Originally Posted: Malwarebytes releases new Anti-Ransomware Beta Software (HTTPS://WWW.FUZZGUARD.COM.AU/CONTACT/) (http://www.bleepingcomputer.com/news/security/malwarebytes-releases-new-anti-ransomware-beta-software/)

27 Jan

Emsisoft releases Decrypter for the LeChiffre Ransomware (https://www.fuzzguard.com.au/newsarticles/emsisoft-releases-decrypter-for-thelechiffre-ransomware/) A vulnerability for the LeChiffre ransomware has been discovered that allows Fabian Wosar of Emsisoft to create a free decryptor for it. This articles explains how to use the decrypter to recover files encrypted by LeChiffre for free. […] Source: Bleeping Computer Originally Posted: Emsisoft releases Decrypter for the LeChiffre Ransomware (http://www.bleepingcomputer.com/news/security/emsisoft-releases-decrypter-for-the-lechiffre-ransomware/)

27 Jan

New Deal: Pay What You Want: Learn to Code 2016 Course Bundle (https://www.fuzzguard.com.au/newsarticles/new-deal-pay-what-you-want-learn-tocode-2016-course-bundle/) We have a new deal today for a Pay What You Want: Learn to Code 2016 Bundle where 10% of the proceeds go to the Save the Children charity. With the Pay What You Want bundles, you are able to get the following courses for as little as you want to pay while helping charities. […] Source: Bleeping Computer Originally Posted: New Deal: Pay What You Want: Learn to Code 2016 Course Bundle (http://www.bleepingcomputer.com/offer/deals/new-deal-pay-what-you-want-learn-to-code-2016-course-bundle/)

24 Jan

Emsisoft releases Decrypter for the Randamant Ransomware Kit (https://www.fuzzguard.com.au/newsarticles/emsisoft-releases-decrypter-for-therandamant-ransomware-kit/) Last week we wrote about a new ransomware called the Ramadant Ransomware Kit that was encrypting files and adding the .RDM extension. Fabian Wosar, of Emsisoft, further analyzed the infection and was able to find a weakness in the encryption algorithm so that victim’s can recover their files for free. […] Source: Bleeping Computer Originally Posted: Emsisoft releases Decrypter for the Randamant Ransomware Kit (http://www.bleepingcomputer.com/news/security/emsisoft-releases-decrypter-for-the-randamant-ransomwarekit/)

24 Jan

New Deal: 98% off the Complete CCNA, CCNP andamp; Red Hat Certification Training Bundle (https://www.fuzzguard.com.au/newsarticles/new-deal-98-off-the-complete-ccnaccnp-andamp-red-hat-certification-trainingbundle/) A new deal was released for 98% off of the Complete CCNA, CCNP & Red Hat Certification Training Bundle. These courses normally go for $2,888.00, but have been discounted 98% to $49.00 USD. […] Source: Bleeping Computer Originally Posted: New Deal: 98% off the Complete CCNA, CCNP andamp; Red Hat Certification Training Bundle (http://www.bleepingcomputer.com/news/deals/new-deal-98-percent-off-the-complete-ccna-ccnp-and-red-hatcertification-training-bundle/)

24 Jan

Call for Papers: VB2016 Denver (https://www.fuzzguard.com.au/newsarticles/call-for-papers-vb2016-denver-29/) VB seeks submissions for the 26th Virus Bulletin Conference. Virus Bulletin is seeking submissions from those wishing to present papers at VB2016 (/conference/vb2016), which will take place 5 to 7 October 2016 at the Hyatt Regency Denver Hotel in Denver, Colorado, USA. Originally started as an annual gathering of anti-virus experts, the VB conference has since evolved to become one of the world’s leading security conferences, covering a broad range of topics in the realm of IT security. It is also one of the longest-running security conferences, and will celebrate its 26th edition in 2016. (/conference/vb2016) The conference will include a programme of 30-minute presentations running in two concurrent streams. Presentations vary from the very technical to those aimed at a broader security audience. As in previous years, submissions are invited on topics that fall into any of the following areas:

Malware & botnets Anti-malware tools & methods Mobile devices Spam & social networks Hacking & vulnerabilities Network security

Read more (2 paragraphs) (http://www.virusbtn.com/blog/2015/12_22.xml)

Source: Virus Blog Originally Posted: Call for Papers: VB2016 Denver (http://www.virusbtn.com/blog/2015/12_22.xml?rss)

24 Jan

Gomasom .Crypt Ransomware Decrypted (https://www.fuzzguard.com.au/newsarticles/gomasom-crypt-ransomwaredecrypted/) A new ransomware is in the wild that has been dubbed Gomasom (GOogle MAil ranSOM) by Fabian Wosar of Emsisoft due to its use of gmail email addresses in the encrypted file names. This ransomware is particularly destructive as it will not only encrypt data files but will also encrypt executables. […] Source: Bleeping Computer Originally Posted: Gomasom .Crypt Ransomware Decrypted (http://www.bleepingcomputer.com/news/security/gomasom-crypt-ransomware-decrypted/)

24 Jan

SB15-355: Vulnerability Summary for the Week of December 14, 2015 (https://www.fuzzguard.com.au/newsarticles/sb15-355-vulnerability-summary-for-theweek-of-december-14-2015/) Original release date: December 21, 2015 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (http://www.nist.gov) (NIST) National Vulnerability Database (http://nvd.nist.gov) (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (http://www.dhs.gov) (DHS) National Cybersecurity and Communications Integration Center (https://www.uscert.gov/nccic) (NCCIC) / United States Computer Emergency Readiness Team (https://www.us-cert.gov) (USCERT). For modified or updated entries, please visit the NVD (http://nvd.nist.gov), which contains historical vulnerability information. The vulnerabilities are based on the CVE (http://cve.mitre.org/) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (http://nvd.nist.gov/cvss.cfm) (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0 Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9 Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities Primary Vendor — Product

Description

Published

CVSS Score

accunetix — web_vulnerability_scanner

The AcuWVSSchedulerv10 service in Acunetix Web 7.2 Vulnerability Scanner (WVS) before 10 build 20151125 (https://nvd.nist.gov/cvss.cfm 2015-12allows local users to gain privileges via a command version=2&name=CVE-201 17 parameter in the reporttemplate property in a params 4027&vector= JSON object to api/addScan. (AV:L/AC:L/Au:N/C:C/I:C/A:C

apache — commons_collections

Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching – Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 6420&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

apache — tomee

The EjbObjectInputStream class in Apache TomEE allows remote attackers to execute arbitrary commands via a serialized Java stream.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8581&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

bitrix — mpbuilder

Directory traversal vulnerability in the bitrix.mpbuilder 9.0 module before 1.0.12 for Bitrix allows remote (https://nvd.nist.gov/cvss.cfm 2015-12administrators to include and execute arbitrary local version=2&name=CVE-201 16 files via a .. (dot dot) in the element name of the “work” 8358&vector= array parameter to admin/bitrix.mpbuilder_step2.php. (AV:N/AC:L/Au:S/C:C/I:C/A:

cacti — cacti

SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 17 8369&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

cisco — prime_collaboration_assurance

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account’s password, aka Bug ID CSCus62707.

9.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6389&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:C

cisco — Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 7.5 epc3928_docsis_3.0_8x4_wireless_residential_ 5.7.1 allow remote attackers to bypass an intended (https://nvd.nist.gov/cvss.cfm 2015-12authentication requirement and execute unspecified version=2&name=CVE-201 13 gateway_with_embedded_digital_voice_adapter administrative functions via a crafted HTTP request, 6401&vector= aka Bug ID CSCux24941. (AV:N/AC:L/Au:N/C:P/I:P/A:

cisco — spa300_firmware

The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400.

7.2 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 6403&vector= (AV:L/AC:L/Au:N/C:C/I:C/A:C

cisco — unified_computing_system

Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757.

7.1 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6415&vector= (AV:N/AC:M/Au:N/C:N/I:N/A:

cisco — application_policy_infrastructure_controller

The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug ID CSCuu83985.

7.2 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 18 6424&vector= (AV:L/AC:L/Au:N/C:C/I:C/A:C

cisco — prime_network_services_controller

7.2 Cisco Prime Network Services Controller 3.0 allows (https://nvd.nist.gov/cvss.cfm local users to bypass intended access restrictions and 2015-12version=2&name=CVE-201 execute arbitrary commands via additional parameters 18 6426&vector= to an unspecified command, aka Bug ID CSCus99427. (AV:L/AC:L/Au:N/C:C/I:C/A:C

cool_video_gallery_project — cool_video_gallery

lib/core.php in the Cool Video Gallery plugin 1.9 for 7.5 WordPress allows remote attackers to execute (https://nvd.nist.gov/cvss.cfm 2015-12arbitrary code via shell metacharacters in the “Width of version=2&name=CVE-201 17 preview image” and possibly other input fields in the 7527&vector= “Video Gallery Settings” page. (AV:N/AC:L/Au:N/C:P/I:P/A:

gnu — glibc

The get_contents function in nss_files/files-XXX.c in the 7.2 Name Service Switch (NSS) in GNU C Library (aka (https://nvd.nist.gov/cvss.cfm 2015-12glibc or libc6) before 2.20 might allow local users to version=2&name=CVE-201 17 cause a denial of service (heap corruption) or gain 5277&vector= privileges via a long line in the NSS files database. (AV:L/AC:L/Au:N/C:C/I:C/A:C

google — chrome

The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc 10.0 in the extensions subsystem in Google Chrome before (https://nvd.nist.gov/cvss.cfm 2015-1247.0.2526.80 improperly implements handler functions, version=2&name=CVE-201 14 which allows remote attackers to cause a denial of 6788&vector= service or possibly have unspecified other impact via (AV:N/AC:L/Au:N/C:C/I:C/A: vectors that leverage “type confusion.”

google — chrome

Race condition in the MutationObserver 9.3 implementation in Blink, as used in Google Chrome (https://nvd.nist.gov/cvss.cfm before 47.0.2526.80, allows remote attackers to cause 2015-12version=2&name=CVE-201 a denial of service (use-after-free) or possibly have 14 6789&vector= unspecified other impact by leveraging unanticipated (AV:N/AC:M/Au:N/C:C/I:C/A: object deletion.

google — chrome

Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

google — chrome

Multiple unspecified vulnerabilities in Google V8 before 10.0 4.7.80.23, as used in Google Chrome before (https://nvd.nist.gov/cvss.cfm 2015-1247.0.2526.80, allow attackers to cause a denial of version=2&name=CVE-201 14 service or possibly have other impact via unknown 8548&vector= vectors, a different issue than CVE-2015-8478. (AV:N/AC:L/Au:N/C:C/I:C/A:

isc — bind

Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.

7.1 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8461&vector= (AV:N/AC:M/Au:N/C:N/I:N/A:

joomla — joomla!

Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8562&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

joomla — joomla!

Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8564&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

joomla — joomla!

Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via unknown vectors.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8565&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

joomla — session

The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8566&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

lepide — active_directory_self_service

7.4 The password reset functionality in Lepide Active (https://nvd.nist.gov/cvss.cfm Directory Self Service allows remote authenticated 2015-12version=2&name=CVE-201 users to change arbitrary domain user passwords via a 15 8570&vector= crafted request. (AV:A/AC:M/Au:S/C:C/I:C/A:

linuxfoundation — cups-filters

Incomplete blacklist vulnerability in util.c in foomatic-rip 7.5 in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters (https://nvd.nist.gov/cvss.cfm 2015-12in Foomatic 4.0.x allows remote attackers to execute version=2&name=CVE-201 17 arbitrary commands via ` (backtick) characters in a 8327&vector= print job. (AV:N/AC:L/Au:N/C:P/I:P/A:

mozilla — firefox

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7201&vector= (AV:N/AC:L/Au:N/C:C/I:C/A:

mozilla — firefox

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7202&vector= (AV:N/AC:L/Au:N/C:C/I:C/A:

mozilla — firefox

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.

10.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7203&vector= (AV:N/AC:L/Au:N/C:C/I:C/A:

mozilla — firefox

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla 10.0 Firefox before 43.0 and Firefox ESR 38.x before 38.5 (https://nvd.nist.gov/cvss.cfm 2015-12might allow remote attackers to obtain sensitive version=2&name=CVE-201 16 information, cause a denial of service, or possibly have 7205&vector= unspecified other impact by triggering a crafted (AV:N/AC:L/Au:N/C:C/I:C/A: WebRTC RTP packet.

mozilla — firefox

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.

mozilla — firefox

Integer overflow in the 7.5 mozilla::layers::BufferTextureClient::AllocateForSurface (https://nvd.nist.gov/cvss.cfm function in Mozilla Firefox before 43.0 and Firefox ESR 2015-12version=2&name=CVE-201 38.x before 38.5 allows remote attackers to execute 16 7212&vector= arbitrary code by triggering a graphics operation that (AV:N/AC:L/Au:N/C:P/I:P/A: requires a large texture allocation.

mozilla — firefox

Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.

mozilla — firefox

Buffer overflow in the nsDeque::GrowCapacity function 10.0 in xpcom/glue/nsDeque.cpp in Mozilla Firefox before (https://nvd.nist.gov/cvss.cfm 2015-1243.0 might allow remote attackers to cause a denial of version=2&name=CVE-201 16 service or possibly have unspecified other impact by 7221&vector= triggering a deque size change. (AV:N/AC:L/Au:N/C:C/I:C/A:

sap — mobile_platform

The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855.

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 17 8600&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

xen — xen

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors.

7.2 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 17 8338&vector= (AV:L/AC:L/Au:N/C:C/I:C/A:C

xen — xen

The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.

7.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 17 8341&vector= (AV:N/AC:L/Au:N/C:N/I:N/A:

xmlsoft — libxml2

The xmlStringLenDecodeEntities function in parser.c in 7.1 libxml2 before 2.9.3 does not properly prevent entity (https://nvd.nist.gov/cvss.cfm expansion, which allows context-dependent attackers 2015-12version=2&name=CVE-201 to cause a denial of service (CPU consumption) via 15 5312&vector= crafted XML data, a different vulnerability than CVE(AV:N/AC:M/Au:N/C:N/I:N/A: 2014-3660.

10.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 14 6791&vector= (AV:N/AC:L/Au:N/C:C/I:C/A:

7.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7210&vector= (AV:N/AC:L/Au:N/C:P/I:P/A:

10.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7220&vector= (AV:N/AC:L/Au:N/C:C/I:C/A:

Back to top (https://www.us-cert.gov#top)

Medium Vulnerabilities Primary Vendor — Product

Description

Published

CVSS Score

apache — cordova_file_transfer

CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-pluginfile-transfer) for Android before 1.3.0 allows remote attackers to inject arbitrary headers via CRLF sequences in the filename of an uploaded file.

autodesk — design_review

Integer overflow in Autodesk Design Review 6.8 (ADR) before 2013 Hotfix 2 allows remote (https://nvd.nist.gov/cvss.cfm 2015-12attackers to execute arbitrary code via a crafted version=2&name=CVE-201 15 biClrUsed value in a BMP file, which triggers a 8571&vector= buffer overflow. (AV:N/AC:M/Au:N/C:P/I:P/A:

autodesk — design_review

Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow 6.8 remote attackers to execute arbitrary code via (https://nvd.nist.gov/cvss.cfm 2015-12crafted RLE data in a (1) BMP or (2) FLI file, (3) version=2&name=CVE-201 15 encoded scan lines in a PCX file, or (4) 8572&vector= DataSubBlock or (5) GlobalColorTable in a GIF (AV:N/AC:M/Au:N/C:P/I:P/A: file.

avg — internet_security

AVG Internet Security 2015 allocates memory 6.4 with Read, Write, Execute (RWX) permissions (https://nvd.nist.gov/cvss.cfm at predictable addresses when protecting user- 2015-12version=2&name=CVE-201 mode processes, which allows attackers to 16 8578&vector= bypass the DEP and ASLR protection (AV:N/AC:L/Au:N/C:P/I:P/A:N mechanisms via unspecified vectors.

bitrix — xscan

Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows 6.5 remote authenticated users to rename arbitrary (https://nvd.nist.gov/cvss.cfm 2015-12files, and consequently obtain sensitive version=2&name=CVE-201 16 information or cause a denial of service, via a .. 8357&vector= (dot dot) in the file parameter to (AV:N/AC:L/Au:S/C:P/I:P/A:P admin/bitrix.xscan_worker.php.

cacti — cacti

SQL injection vulnerability in the host_new_graphs_save function in 6.5 graphs_new.php in Cacti 0.8.8f and earlier (https://nvd.nist.gov/cvss.cfm 2015-12allows remote authenticated users to execute version=2&name=CVE-201 15 arbitrary SQL commands via crafted serialized 8377&vector= data in the selected_graphs_array parameter in (AV:N/AC:L/Au:S/C:P/I:P/A:P a save action.

chat_room_project — chat_room

The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions 5.0 when setting up a websocket for chat (https://nvd.nist.gov/cvss.cfm 2015-12messages, which allows remote attackers to version=2&name=CVE-201 17 bypass intended access restrictions and read 8601&vector= messages from arbitrary Chat Rooms via (AV:N/AC:L/Au:N/C:P/I:N/A:N unspecified vectors.

cisco — unified_communications_manager

4.3 Cisco Unified Communications Manager (UCM) (https://nvd.nist.gov/cvss.cfm 8.0 through 8.6 allows remote attackers to 2015-12version=2&name=CVE-201 bypass an XSS protection mechanism via a 15 4206&vector= crafted parameter, aka Bug ID CSCuu15266. (AV:N/AC:M/Au:N/C:N/I:P/A:

cisco — ios

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 6.1 15.3(3)S0.1 on ASR devices mishandles (https://nvd.nist.gov/cvss.cfm 2015-12internal tables, which allows remote attackers to version=2&name=CVE-201 15 cause a denial of service (memory consumption 6359&vector= or device crash) via a flood of crafted ND (AV:A/AC:L/Au:N/C:N/I:N/A:C messages, aka Bug ID CSCup28217.

4.3 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 17 5204&vector= (AV:N/AC:M/Au:N/C:N/I:P/A:

The administrative web interface on Cisco DPC3939 (XB3) devices with firmware cisco — 121109aCMCST allows remote authenticated dpc3939_wireless_residential_voice_gateway_firmware users to execute arbitrary commands via unspecified fields, aka Bug ID CSCuw86170.

6.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6361&vector= (AV:N/AC:L/Au:S/C:P/I:P/A:P

cisco — dpq3925_8x4_docsis_3.0_wireless_residential_

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 13 6378&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

gateway_with_embedded_digital_voice_adapter

cisco — prime_service_catalog

Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943.

Cisco Prime Service Catalog 10.0, 10.0(R2), 6.5 10.1, and 11.0 does not properly restrict access (https://nvd.nist.gov/cvss.cfm 2015-12to web pages, which allows remote attackers to version=2&name=CVE-201 12 modify the configuration via a direct request, 6395&vector= aka Bug ID CSCuw48188. (AV:N/AC:L/Au:S/C:P/I:P/A:P

The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management Controller (IMC) before 2.0(9) allows remote authenticated cisco — integrated_management_controller_supervisor users to cause a denial of service (IP interface outage) via crafted parameters in an HTTP request, aka Bug ID CSCuv38286.

cisco — emergency_responder

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 6399&vector= (AV:N/AC:L/Au:S/C:N/I:N/A:C

Multiple cross-site scripting (XSS) vulnerabilities 4.3 in Cisco Emergency Responder 10.5(1a) allow (https://nvd.nist.gov/cvss.cfm 2015-12remote attackers to inject arbitrary web script or version=2&name=CVE-201 12 HTML via unspecified fields, aka Bug ID 6400&vector= CSCuv25547. (AV:N/AC:M/Au:N/C:N/I:P/A: Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935.

4.3 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 13 6402&vector= (AV:N/AC:M/Au:N/C:N/I:P/A:

cisco — hosted_collaboration_solution

Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated users to obtain sensitive credential information by leveraging admin access and making SOAP API requests, aka Bug ID CSCuw84374.

4.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 6404&vector= (AV:N/AC:L/Au:S/C:P/I:N/A:N

cisco — emergency_responder

Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501.

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6405&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

cisco — emergency_responder

Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781.

4.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6406&vector= (AV:N/AC:L/Au:S/C:N/I:P/A:N

cisco — emergency_responder

Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locations via a crafted parameter, aka Bug ID CSCuv25501.

4.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6407&vector= (AV:N/AC:L/Au:S/C:N/I:P/A:N

cisco — unity_connection

Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578.

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6408&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

cisco — telepresence_video_communication_server_software

The Mobile and Remote Access (MRA) services implementation in Cisco Unified 4.0 Communications Manager mishandles edge(https://nvd.nist.gov/cvss.cfm 2015-12device identity validation, which allows remote version=2&name=CVE-201 13 attackers to bypass intended call-reception and 6410&vector= call-setup restrictions by spoofing a user, aka (AV:N/AC:L/Au:S/C:P/I:N/A:N Bug ID CSCuu97283.

cisco — firepower_management_center

Cisco FirePOWER Management Center 5.4.1.3, 5.0 6.0.0, and 6.0.1 provides verbose responses to (https://nvd.nist.gov/cvss.cfm requests for help files, which allows remote 2015-12version=2&name=CVE-201 attackers to obtain potentially sensitive version 15 6411&vector= information by reading an unspecified field, aka (AV:N/AC:L/Au:N/C:P/I:N/A:N Bug ID CSCux37061.

cisco — telepresence_video_communication_server_software

Cisco TelePresence Video Communication 4.0 Server (VCS) Expressway X8.6 allows remote (https://nvd.nist.gov/cvss.cfm authenticated users to bypass intended read2015-12version=2&name=CVE-201 only restrictions and upload Tandberg Linux 12 6413&vector= Package (TLP) files by visiting an administrative (AV:N/AC:L/Au:S/C:N/I:P/A:N page, aka Bug ID CSCuw55651.

cisco — epc3928_docsis_3.0_8x4_wireless_residential_ gateway_with_embedded_digital_voice_adapter

Cross-site scripting (XSS) vulnerability in Cisco 4.3 Unified Email Interaction Manager and Unified (https://nvd.nist.gov/cvss.cfm 2015-12cisco — unified_web_and_e-mail_interaction_manager Web Interaction Manager 11.0(1) allows remote version=2&name=CVE-201 13 attackers to inject arbitrary web script or HTML 6416&vector= a crafted URL, aka Bug ID CSCuw24479. (AV:N/AC:M/Au:N/C:N/I:P/A:

cisco — videoscape_distribution_suite_service_manager

Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025.

cisco — rv016_multi-wan_vpn_firmware

The random-number generator on Cisco Small Business RV routers 4.x and SA500 security 4.3 appliances 2.2.07 does not have sufficient (https://nvd.nist.gov/cvss.cfm 2015-12entropy, which makes it easier for remote version=2&name=CVE-201 12 attackers to determine a TLS key pair via 6418&vector= unspecified computations upon handshake key(AV:N/AC:M/Au:N/C:P/I:N/A: exchange data, aka Bug ID CSCus15224.

cisco — firesight_system_software

Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6419&vector= (AV:N/AC:L/Au:S/C:C/I:N/A:N

cisco — unified_communications_domain_manager

The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a denial of service (subapplication outage) via malformed requests, aka Bug ID CSCuu10981.

4.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 13 6422&vector= (AV:N/AC:L/Au:S/C:N/I:N/A:

cisco — unified_communications_manager

The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786.

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 6425&vector= (AV:N/AC:L/Au:N/C:N/I:N/A:

cisco — firesight_system_software

Cisco FireSIGHT Management Center allows 5.0 remote attackers to bypass the HTTP attack (https://nvd.nist.gov/cvss.cfm 2015-12detection feature and avoid triggering Snort IDS version=2&name=CVE-201 18 rules via an SSL session that is mishandled 6427&vector= after decryption, aka Bug ID CSCux53437. (AV:N/AC:L/Au:N/C:N/I:P/A:N

cisco — dpq3925_8x4_docsis_3.0_wireless_residential_ gateway_with_embedded_digital_voice_adapter

6.5 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 12 6417&vector= (AV:N/AC:L/Au:S/C:P/I:P/A:P

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 18 6428&vector= (AV:N/AC:L/Au:N/C:P/I:N/A:N

Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCuv03958.

foxitsoftware — phantompdf

Multiple use-after-free vulnerabilities in the (1) 6.8 Print method and (2) App object handling in (https://nvd.nist.gov/cvss.cfm Foxit Reader before 7.2.2 and Foxit 2015-12version=2&name=CVE-201 PhantomPDF before 7.2.2 allow remote 16 8580&vector= attackers to execute arbitrary code via a crafted (AV:N/AC:M/Au:N/C:P/I:P/A: PDF document.

gnu — grub2

Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an “Off-by-two” or “Out of bounds overwrite” memory error.

google — chrome

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp 4.3 in the page serializer in Google Chrome before (https://nvd.nist.gov/cvss.cfm 2015-1247.0.2526.80 does not properly use HTML version=2&name=CVE-201 14 entities, which might allow remote attackers to 6790&vector= inject arbitrary web script or HTML via a crafted (AV:N/AC:M/Au:N/C:N/I:P/A: document, as demonstrated by a double-quote character inside a single-quoted string.

ibm — websphere_application_server

The Edge Component Caching Proxy in IBM 4.0 WebSphere Application Server (WAS) 8.0 (https://nvd.nist.gov/cvss.cfm before 8.0.0.12 and 8.5 before 8.5.5.8 does not 2015-12version=2&name=CVE-201 properly encrypt data, which allows remote 15 5004&vector= authenticated users to obtain sensitive (AV:N/AC:L/Au:S/C:P/I:N/A:N information via unspecified vectors.

isc — bind

db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8000&vector= (AV:N/AC:L/Au:N/C:N/I:N/A:

joomla — joomla!

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8563&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

kaspersky — total_security_2015

Kaspersky Total Security 2015 15.0.2.361 6.4 allocates memory with Read, Write, Execute (https://nvd.nist.gov/cvss.cfm (RWX) permissions at predictable addresses 2015-12version=2&name=CVE-201 when protecting user-mode processes, which 16 8579&vector= allows attackers to bypass the DEP and ASLR (AV:N/AC:L/Au:N/C:P/I:P/A:N protection mechanisms via unspecified vectors.

mozilla — firefox

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.

mozilla — firefox

Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource 5.0 Timing API times, which allows remote (https://nvd.nist.gov/cvss.cfm attackers to bypass the Same Origin Policy and 2015-12version=2&name=CVE-201 obtain sensitive information via crafted 16 7207&vector= JavaScript code that leverages history.back and (AV:N/AC:L/Au:N/C:P/I:N/A:N performance.getEntries calls, a related issue to CVE-2015-1300.

mozilla — firefox

5.0 Mozilla Firefox before 43.0 stores cookies (https://nvd.nist.gov/cvss.cfm containing vertical tab characters, which allows 2015-12version=2&name=CVE-201 remote attackers to obtain sensitive information 16 7208&vector= by reading HTTP Cookie headers. (AV:N/AC:L/Au:N/C:P/I:N/A:N

mozilla — firefox

Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.

mozilla — firefox

Integer overflow in the MPEG4Extractor::readMetaData function in 6.8 MPEG4Extractor.cpp in libstagefright in Mozilla (https://nvd.nist.gov/cvss.cfm 2015-12Firefox before 43.0 and Firefox ESR 38.x version=2&name=CVE-201 16 before 38.5 on 64-bit platforms allows remote 7213&vector= attackers to execute arbitrary code via a crafted (AV:N/AC:M/Au:N/C:P/I:P/A: MP4 video file that triggers a buffer overflow.

mozilla — firefox

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7214&vector= (AV:N/AC:L/Au:N/C:P/I:N/A:N

mozilla — firefox

The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the nocors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7215&vector= (AV:N/AC:L/Au:N/C:P/I:N/A:N

mozilla — firefox

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7216&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

mozilla — firefox

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.

4.3 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7217&vector= (AV:N/AC:M/Au:N/C:N/I:N/A:

mozilla — firefox

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7218&vector= (AV:N/AC:L/Au:N/C:N/I:N/A:

mozilla — firefox

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a 5.0 denial of service (integer underflow, assertion (https://nvd.nist.gov/cvss.cfm 2015-12failure, and application exit) via a malformed version=2&name=CVE-201 16 PushPromise frame that triggers 7219&vector= decompressed-buffer length miscalculation and (AV:N/AC:L/Au:N/C:N/I:N/A: incorrect memory allocation.

mozilla — firefox

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7222&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

mozilla — firefox

The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.

4.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7223&vector= (AV:N/AC:H/Au:N/C:P/I:P/A:

ntop — ntopng

ntopng (aka ntop) before 2.2 allows remote 6.0 authenticated users to change the login context (https://nvd.nist.gov/cvss.cfm 2015-12and gain privileges via the user cookie and version=2&name=CVE-201 17 username parameter to 8368&vector= admin/password_reset.lua. (AV:N/AC:M/Au:S/C:P/I:P/A:

php — php

The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.

php — php

Off-by-one error in the phar_parse_zipfile 6.8 function in ext/phar/zip.c in PHP before 5.5.30 (https://nvd.nist.gov/cvss.cfm and 5.6.x before 5.6.14 allows remote attackers 2015-12version=2&name=CVE-201 to cause a denial of service (uninitialized 11 7804&vector= pointer dereference and application crash) by (AV:N/AC:M/Au:N/C:P/I:P/A: including the / filename in a .zip PHAR archive.

phpmailer_project — phpmailer

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to 5.0 inject arbitrary SMTP commands via CRLF (https://nvd.nist.gov/cvss.cfm sequences in an (1) email address to the 2015-12version=2&name=CVE-201 validateAddress function in class.phpmailer.php 16 8476&vector= or (2) SMTP command to the sendCommand (AV:N/AC:L/Au:N/C:N/I:P/A:N function in class.smtp.php, a different vulnerability than CVE-2012-0796.

schneider-electric — proclima

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote 6.8 attackers to execute arbitrary code via the (1) (https://nvd.nist.gov/cvss.cfm 2015-12Attach, (2) DefinedName, (3) version=2&name=CVE-201 15 DefinedNameLocal, (4) ODBCPrepareEx, (5) 7918&vector= ObjCreatePolygon, (6) SetTabbedTextEx, or (7) (AV:N/AC:M/Au:N/C:P/I:P/A: SetValidationRule method, a different vulnerability than CVE-2015-8561.

schneider-electric — proclima

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.8 6.2 allows remote attackers to execute arbitrary (https://nvd.nist.gov/cvss.cfm code or cause a denial of service (memory 2015-12version=2&name=CVE-201 corruption) via a crafted integer value to the (1) 15 8561&vector= AttachToSS, (2) CopyAll, (3) CopyRange, (4) (AV:N/AC:M/Au:N/C:P/I:P/A: CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918.

synnefoims — internet_management_software

Cross-site scripting (XSS) vulnerability in 4.3 synnefoclient in Synnefo Internet Management (https://nvd.nist.gov/cvss.cfm Software (IMS) 2015 allows remote attackers to 2015-12version=2&name=CVE-201 inject arbitrary web script or HTML via the 15 8247&vector= plan_name parameter to (AV:N/AC:M/Au:N/C:N/I:P/A: packagehistory/listusagesdata.

theforeman — foreman

Multiple cross-site scripting (XSS) vulnerabilities 4.3 in information popups in Foreman before 1.10.0 (https://nvd.nist.gov/cvss.cfm allow remote attackers to inject arbitrary web 2015-12version=2&name=CVE-201 script or HTML via (1) global parameters, (2) 17 7518&vector= smart class parameters, or (3) smart variables (AV:N/AC:M/Au:N/C:N/I:P/A: in the (a) host or (b) hostgroup edit forms.

xen — xen

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x 4.7 does not properly hand back pages to a (https://nvd.nist.gov/cvss.cfm 2015-12domain, which might allow guest OS version=2&name=CVE-201 17 administrators to cause a denial of service (host 8339&vector= crash) via unspecified vectors related to domain (AV:L/AC:M/Au:N/C:N/I:N/A: teardown.

xen — xen

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x 4.7 does not properly release locks, which might (https://nvd.nist.gov/cvss.cfm 2015-12allow guest OS administrators to cause a denial version=2&name=CVE-201 17 of service (deadlock or host crash) via 8340&vector= unspecified vectors, related to (AV:L/AC:M/Au:N/C:N/I:N/A: XENMEM_exchange error handling.

xmlsoft — libxml2

Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.

xmlsoft — libxml2

Heap-based buffer overflow in the 5.0 xmlParseXmlDecl function in parser.c in libxml2 (https://nvd.nist.gov/cvss.cfm before 2.9.3 allows context-dependent 2015-12version=2&name=CVE-201 attackers to cause a denial of service via 15 7498&vector= unspecified vectors related to extracting errors (AV:N/AC:L/Au:N/C:N/I:N/A: after an encoding conversion failure.

xmlsoft — libxml2

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.

xmlsoft — libxml2

The xmlParseMisc function in parser.c in 5.0 libxml2 before 2.9.3 allows context-dependent (https://nvd.nist.gov/cvss.cfm attackers to cause a denial of service (out-of2015-12version=2&name=CVE-201 bounds heap read) via unspecified vectors 15 7500&vector= related to incorrect entities boundaries and start (AV:N/AC:L/Au:N/C:N/I:N/A: tags.

xmlsoft — libxml2

The xmlNextChar function in libxml2 2.9.2 does 6.4 not properly check the state, which allows (https://nvd.nist.gov/cvss.cfm context-dependent attackers to cause a denial 2015-12version=2&name=CVE-201 of service (heap-based buffer over-read and 15 8241&vector= application crash) or obtain sensitive (AV:N/AC:L/Au:N/C:P/I:N/A: information via crafted XML data.

xmlsoft — libxml2

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stackbased buffer over-read and application crash) or obtain sensitive information via crafted XML data.

xmlsoft — libxml2

The xmlParseXMLDecl function in parser.c in 5.0 libxml2 before 2.9.3 allows context-dependent (https://nvd.nist.gov/cvss.cfm attackers to obtain sensitive information via an 2015-12version=2&name=CVE-201 (1) unterminated encoding value or (2) 15 8317&vector= incomplete XML declaration in XML data, which (AV:N/AC:L/Au:N/C:P/I:N/A:N triggers an out-of-bounds heap read.

6.9 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 8370&vector= (AV:L/AC:M/Au:N/C:C/I:C/A:

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7204&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 16 7211&vector= (AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 11 7803&vector= (AV:N/AC:M/Au:N/C:P/I:P/A:

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 7497&vector= (AV:N/AC:L/Au:N/C:N/I:N/A:

5.0 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 7499&vector= (AV:N/AC:L/Au:N/C:P/I:N/A:N

5.8 (https://nvd.nist.gov/cvss.cfm 2015-12version=2&name=CVE-201 15 8242&vector= (AV:N/AC:M/Au:N/C:P/I:N/A:

Back to top (https://www.us-cert.gov#top)

Low Vulnerabilities Primary Vendor — Product

apple — iphone_os

Description

Published

CVSS Score

CFNetwork HTTPProtocol in Apple CVE-2015-7094 (http iOS before 9.2 and OS X 2.6 CONFIRM (https://sup before 10.11.2 allows (https://nvd.nist.gov/cvss.cfm? CONFIRM (https://sup 2015-12man-in-the-middle version=2&name=CVE-2015- APPLE (http://lists.app 11 attackers to bypass the 7094&vector= announce/2015/Dec/m HSTS protection (AV:N/AC:H/Au:N/C:N/I:P/A:N)) APPLE (http://lists.app mechanism via a crafted announce/2015/Dec/m URL.

Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different 2.1 customers’ installations, (https://nvd.nist.gov/cvss.cfm? cisco — which makes it easier for 2015-12version=2&name=CVE-2015telepresence_video_communication_server_software local users to defeat 12 6414&vector= cryptographic protection (AV:L/AC:L/Au:N/C:P/I:N/A:N)) mechanisms by leveraging knowledge of a key from another installation, aka Bug ID CSCuw64516.

CVE-2015-6414 (http CISCO (http://tools.cisco.com sa-20151210-tvcs)

mcafee — virusscan_enterprise

The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates CVE-2015-8577 (http memory with Read, 2.6 CONFIRM (https://kc. Write, Execute (RWX) (https://nvd.nist.gov/cvss.cfm? page=content&id=SB1 permissions at 2015-12version=2&name=CVE-2015- MISC (http://breaking predictable addresses 16 8577&vector= abusing-security-prod on 32-bit platforms when (AV:L/AC:H/Au:N/C:P/I:P/A:N)) MISC (http://blog.ensi protecting another mitigations) application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.

redhat — jboss_enterprise_application_platform

Red Hat JBoss Enterprise Application Platform (EAP) before CVE-2015-5304 (http 6.4.5 does not properly CONFIRM (https://bug 3.5 authorize access to shut SECTRACK (http://ww (https://nvd.nist.gov/cvss.cfm? down the server, which 2015-12REDHAT (http://rhn.re version=2&name=CVE-2015allows remote 16 REDHAT (http://rhn.re 5304&vector= authenticated users with REDHAT (http://rhn.re (AV:N/AC:M/Au:S/C:N/I:N/A:P)) the Monitor, Deployer, or REDHAT (http://rhn.re Auditor role to cause a REDHAT (http://rhn.re denial of service via unspecified vectors.

symantec — endpoint_encryption

EACommunicatorSrv.exe in the Framework Service in the client in 2.3 CVE-2015-6556 (http Symantec Endpoint (https://nvd.nist.gov/cvss.cfm? CONFIRM Encryption (SEE) before 2015-12version=2&name=CVE-2015- (http://www.symantec 11.1.0 allows remote 18 6556&vector= fid=security_advisory& authenticated users to (AV:A/AC:M/Au:S/C:P/I:N/A:N)) BID (http://www.secur discover credentials by triggering a memory dump.

token_insert_entity_project — token_insert_entity

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote 3.5 authenticated users with (https://nvd.nist.gov/cvss.cfm? CVE-2015-8602 (http 2015-12certain permissions to version=2&name=CVE-2015- MISC (https://www.dru 17 bypass intended access 8602&vector= CONFIRM (https://ww restrictions and possibly (AV:N/AC:M/Au:S/C:P/I:N/A:N)) obtain sensitive information by inserting a token, which embeds a rendered entity in the main node.

Back to top (https://www.us-cert.gov#top) This product is provided subject to this Notification (http://www.us-cert.gov/privacy/notification) and this Privacy & Use (http://www.us-cert.gov/privacy/) policy.

Source: US-CERT Bulletins Originally Posted: SB15-355: Vulnerability Summary for the Week of December 14, 2015 (https://www.uscert.gov/ncas/bulletins/SB15-355)

24 Jan

New Radamant Ransomware Kit adds RDM Extension to Encrypted Files (https://www.fuzzguard.com.au/newsarticles/new-radamant-ransomware-kit-addsrdm-extension-to-encrypted-files/) A new ransomware has been discovered called the Radamant Ransomware Kit that encrypts your data using AES-256 encryption and requires you to pay .5 Bitcoins, or approximately $230.88 USD, to get your files back. Any files encrypted by this ransomware will have the RDM extension added to them. […] Source: Bleeping Computer Originally Posted: New Radamant Ransomware Kit adds RDM Extension to Encrypted Files (http://www.bleepingcomputer.com/news/security/new-radamant-ransomware-kit-adds-rdm-extension-toencrypted-files/)

24 Jan

Zero Day GRUB2 Vulnerability Exposed (https://www.fuzzguard.com.au/newsarticles/zero-day-grub2-vulnerability-exposed/) A new zero-day vulnerability was discovered for the Grub bootloader that allows attackers to bypass Grub password authentication. A security notice released by researchers Hector Marco & Ismael Ripoll states that Grub versions 1.98 (December, 2009) through 2.02 (December, 2015) are affected by this bug. […] Source: Bleeping Computer Originally Posted: Zero Day GRUB2 Vulnerability Exposed (http://www.bleepingcomputer.com/news/security/zeroday-grub2-vulnerability-exposed/)

← Older posts (https://www.fuzzguard.com.au/news-articles/tag/chat-2/page/3/) Newer posts Õ (https://www.fuzzguard.com.au/news-articles/tag/chat-2/)

Sign-up to our newsletter:

Enter your email.



Sign up

Copywrite © 2018 | All rights reserved. | Powered by FuzzGuard (https://www.fuzzguard.com.au/)

Connect via:

(http s://t witt er.c om/f uzz guar d)

(http s:// ww w.fa ceb ook. com /fuz zgu ard)

(mai lto:i nfo @fu zzg uard .co m.a u)