Fwd: SB17-016: Vulnerability Summary for the Week of January 9, 2017

RICHARD BARTH w3hwn at comcast.net
Mon Jan 16 18:04:43 CST 2017


-------- Original Message ----------
From: US-CERT <US-CERT at ncas.us-cert.gov>
To: w3hwn at arrl.net
Date: January 16, 2017 at 5:23 PM
Subject: SB17-016: Vulnerability Summary for the Week of January 9, 2017


National Cyber Awareness System:

SB17-016: Vulnerability Summary for the Week of January 9, 2017 https://www.us-cert.gov/ncas/bulletins/SB17-016
01/16/2017 07:01 AM EST

Original release date: January 16, 2017

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology http://www.nist.gov (NIST) National Vulnerability Database http://nvd.nist.gov (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security http://www.dhs.gov (DHS) National Cybersecurity and Communications Integration Center https://www.us-cert.gov/nccic (NCCIC) / United States Computer Emergency Readiness Team https://www.us-cert.gov (US-CERT). For modified or updated entries, please visit the NVD http://nvd.nist.gov , which contains historical vulnerability information.

The vulnerabilities are based on the CVE http://cve.mitre.org/ vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System http://nvd.nist.gov/cvss.cfm (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

* High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

* Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

* Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.


High Vulnerabilities

Primary Vendor -- Product 	Description 	Published 	CVSS Score 	Source & Patch Info
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2939&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2939 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2939
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2940&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2940 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2940
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2941&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2941 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2941
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2942&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2942 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2942
BID http://www.securityfocus.com/bid/95344
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2943&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2943 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2943
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when parsing crafted TIFF image files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2944&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2944 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2944
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2945&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2945 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2945
BID http://www.securityfocus.com/bid/95344
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2946&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2946 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2946
BID http://www.securityfocus.com/bid/95344
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2948&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2948 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2948
BID http://www.securityfocus.com/bid/95346
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2949&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2949 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2949
BID http://www.securityfocus.com/bid/95344
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2950&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2950 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2950
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2951&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2951 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2951
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2952&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2952 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2952
BID http://www.securityfocus.com/bid/95346
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2953&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2953 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2953
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2954&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2954 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2954
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2955&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2955 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2955
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2956&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2956 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2956
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2957&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2957 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2957
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2958&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2958 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2958
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2959&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2959 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2959
BID http://www.securityfocus.com/bid/95344
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2960&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2960 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2960
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2961&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2961 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2961
BID http://www.securityfocus.com/bid/95343
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2962&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2962 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2962
BID http://www.securityfocus.com/bid/95340
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2963&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2963 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2963
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2964&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2964 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2964
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2965&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2965 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2965
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2966&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2966 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2966
BID http://www.securityfocus.com/bid/95344
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form's structure and organization. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2967&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-2967 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2967
BID http://www.securityfocus.com/bid/95345
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2925&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2925 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2925
BID http://www.securityfocus.com/bid/95350
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2926&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2926 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2926
BID http://www.securityfocus.com/bid/95350
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2927&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2927 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2927
BID http://www.securityfocus.com/bid/95347
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2928&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2928 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2928
BID http://www.securityfocus.com/bid/95350
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2930&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2930 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2930
BID http://www.securityfocus.com/bid/95350
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2931&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2931 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2931
BID http://www.securityfocus.com/bid/95350
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2932&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2932 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2932
BID http://www.securityfocus.com/bid/95342
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2933&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2933 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2933
BID http://www.securityfocus.com/bid/95347
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2934&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2934 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2934
BID http://www.securityfocus.com/bid/95347
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2935&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2935 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2935
BID http://www.securityfocus.com/bid/95347
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2936&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2936 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2936
BID http://www.securityfocus.com/bid/95342
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2937&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2017-2937 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2937
BID http://www.securityfocus.com/bid/95342
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
adobe -- flash_player 	Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. 	2017-01-10 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2938&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2017-2938 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2938
BID http://www.securityfocus.com/bid/95341
CONFIRM https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
bluestacks -- bluestacks 	A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary programs with SYSTEM privileges. 	2017-01-06 	7.2 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4288&vector=(AV:L/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2016-4288 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4288
Miscellaneous http://www.securityfocus.com/bid/92426
MISC http://www.talosintelligence.com/reports/TALOS-2016-0124/
call-cc -- chicken 	The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). 	2017-01-10 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6830&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-6830 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6830
MLIST http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
BID http://www.securityfocus.com/bid/92550
codeigniter -- codeigniter 	system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments. 	2017-01-12 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-10131&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-10131 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10131
MISC https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36
MISC https://github.com/bcit-ci/CodeIgniter/issues/4963
MISC https://github.com/bcit-ci/CodeIgniter/pull/4966
eclinicalworks -- population_health 	eClinicalWorks Population Health (CCMR) suffers from an SQL injection vulnerability in portalUserService.jsp which allows remote authenticated users to inject arbitrary malicious database commands as part of user input. 	2017-01-10 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-4592&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2015-4592 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4592
MISC http://packetstormsecurity.com/files/135533/eClinicalWorks-Population-Health-CCMR-SQL-Injection-CSRF-XSS.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/537420/100/0/threaded
EXPLOIT-DB https://www.exploit-db.com/exploits/39402/
eclinicalworks -- population_health 	eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenticating a user, the application does not assign a new session ID, making it possible to use an existent session ID. 	2017-01-10 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-4594&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2015-4594 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4594
MISC http://packetstormsecurity.com/files/135533/eClinicalWorks-Population-Health-CCMR-SQL-Injection-CSRF-XSS.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/537420/100/0/threaded
EXPLOIT-DB https://www.exploit-db.com/exploits/39402/
exponentcms -- exponent_cms 	Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload a 'php' file to the website through uploader_paste.php, then overwrite /framework/conf/config.php, which leads to arbitrary code execution. 	2017-01-12 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-7790&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-7790 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7790
MLIST http://www.openwall.com/lists/oss-security/2016/09/22/6
BID http://www.securityfocus.com/bid/93119
exponentcms -- exponent_cms 	Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload an evil 'exploit.tar.gz' file to the website, then extract it by visiting '/install/index.php?install_sample=../../files/exploit', which leads to arbitrary code execution. 	2017-01-12 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-7791&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-7791 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7791
MLIST http://www.openwall.com/lists/oss-security/2016/09/29/11
BID http://www.securityfocus.com/bid/93119
google -- android 	An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31350755. References: MT-ALPS02961424. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6784&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6784 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6784
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
lexmark -- perceptive_document_filters 	An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perceptive Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4336&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-4336 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4336
MISC http://www.talosintelligence.com/reports/TALOS-2016-0173/
libtiff -- libtiff 	LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. 	2017-01-12 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5225&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2017-5225 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5225
CONFIRM http://bugzilla.maptools.org/show_bug.cgi?id=2656
CONFIRM http://bugzilla.maptools.org/show_bug.cgi?id=2657
CONFIRM https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30740545. References: QC-CR#1065916. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6755&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-6755 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6755
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252384. References: QC-CR#1071809. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6791&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-6791 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6791
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31253255. References: QC-CR#1072166. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8391&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8391 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8391
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31385862. References: QC-CR#1073136. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8392&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8392 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8392
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31911920. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8393&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8393 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8393
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31913197. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8394&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8394 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8394
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent denial of service. Product: Android. Versions: Kernel-3.10. Android ID: A-31403040. References: N-CVE-2016-8395. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8395&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2016-8395 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8395
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8399&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8399 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8399
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31225246. References: QC-CR#1071891. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8412&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8412 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8412
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750554. References: QC-CR#1079596. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8415&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8415 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8415
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31606947. References: N-CVE-2016-8424. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8424&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8424 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8424
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31797770. References: N-CVE-2016-8425. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8425&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8425 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8425
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799206. References: N-CVE-2016-8426. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8426&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8426 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8426
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799885. References: N-CVE-2016-8427. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8427&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8427 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8427
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31993456. References: N-CVE-2016-8428. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8428&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8428 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8428
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8429&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8429 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8429
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32225180. References: N-CVE-2016-8430. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8430&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8430 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8430
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32402179. References: N-CVE-2016-8431. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8431&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8431 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8431
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. References: N-CVE-2016-8432. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8432&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8432 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8432
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32125137. References: QC-CR#1081855. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8434&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8434 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8434
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32700935. References: N-CVE-2016-8435. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8435&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8435 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8435
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32450261. References: QC-CR#1007860. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8436&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8436 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8436
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR#1027769. 	2017-01-12 	7.2 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8441&vector=(AV:L/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2016-8441 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8441
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR#1038173. 	2017-01-12 	7.2 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8442&vector=(AV:L/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2016-8442 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8442
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR#964185. 	2017-01-12 	7.2 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8443&vector=(AV:L/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2016-8443 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8443
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31243641. References: QC-CR#1074310. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8444&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8444 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8444
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31798848. References: N-CVE-2016-8449. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8449&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8449 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8449
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32450563. References: QC-CR#880388. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8450&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8450 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8450
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8452&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8452 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8452
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-24739315. References: B-RB#73392. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8453&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8453 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8453
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32174590. References: B-RB#107142. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8454&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8454 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8454
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32219121. References: B-RB#106311. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8455&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-8455 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8455
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219255. References: B-RB#105580. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8456&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8456 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8456
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. References: B-RB#106116. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8457&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8457 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8457
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31968442. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8458&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8458 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8458
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29000183. References: B-RB#106314. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8464&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8464 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8464
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32474971. References: B-RB#106053. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8465&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8465 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8465
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31822524. References: B-RB#105268. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8466&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8466 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8466
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.18. Android ID: A-32394425. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8468&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-8468 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8468
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402548. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0403&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2017-0403 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0403
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32510733. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0404&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2017-0404 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0404
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
memcached -- memcached 	An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of the Memcached binary protocol, can be abused to cause a heap overflow and lead to remote code execution. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8704&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-8704 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8704
BID http://www.securityfocus.com/bid/94083
MISC http://www.talosintelligence.com/reports/TALOS-2016-0219/
memcached -- memcached 	Multiple integer overflows in the process_bin_update function in Memcached, which is responsible for processing multiple commands of the Memcached binary protocol, can be abused to cause a heap overflow and lead to remote code execution. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8705&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-8705 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8705
BID http://www.securityfocus.com/bid/94083
MISC http://www.talosintelligence.com/reports/TALOS-2016-0220/
microsoft -- windows_vista 	The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to cause a denial of service (reboot) via a crafted authentication request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability." 	2017-01-10 	7.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0004&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C) 	CVE-2017-0004 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0004
MS http://technet.microsoft.com/security/bulletin/MS17-004
BID http://www.securityfocus.com/bid/95318
microsoft -- word 	Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." 	2017-01-10 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0003&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-0003 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0003
MS http://technet.microsoft.com/security/bulletin/MS17-002
BID http://www.securityfocus.com/bid/95287
php -- php 	In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. 	2017-01-11 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-7479&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-7479 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7479
MISC http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7
MISC http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
BID http://www.securityfocus.com/bid/95151
MISC https://bugs.php.net/bug.php?id=73092
MISC https://www.youtube.com/watch?v=LDcaPstAuPk
php -- php 	The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. 	2017-01-11 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-7480&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-7480 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7480
MISC http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7
MISC http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
MISC http://php.net/ChangeLog-7.php
BID http://www.securityfocus.com/bid/95152
MISC https://bugs.php.net/bug.php?id=73257
MISC https://github.com/php/php-src/commit/61cdd1255d5b9c8453be71aacbbf682796ac77d4
MISC https://www.youtube.com/watch?v=LDcaPstAuPk
php -- php 	Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. 	2017-01-11 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5340&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2017-5340 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5340
BID http://www.securityfocus.com/bid/95371
CONFIRM https://bugs.php.net/bug.php?id=73832
CONFIRM https://github.com/php/php-src/commit/4cc0286f2f3780abc6084bcdae5dce595daa3c12
pidgin -- pidgin 	Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2368&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-2368 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2368
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=101
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0136/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pivotal_software -- gemfire_for_pivotal_cloud_foundry 	An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions prior to 1.7.1. The gfsh (Geode Shell) endpoint, used by operators and application developers to connect to their cluster, is unauthenticated and publicly accessible. Because HTTPS communications are terminated at the gorouter, communications from the gorouter to GemFire clusters are unencrypted. An attacker could run any command available on gfsh and could cause denial of service, lost confidentiality of data, escalate privileges, or eavesdrop on other communications between the gorouter and the cluster. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9885&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-9885 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9885
BID http://www.securityfocus.com/bid/95270
CONFIRM https://pivotal.io/security/cve-2016-9885
python_software_foundation -- hpack 	An HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK dynamic header table into the dynamic header table. The attacker can then send a header block that is simply repeated requests to expand that field in the dynamic table. This can lead to a gigantic compression ratio of 4,096 or better, meaning that 16kB of data can decompress to 64MB of data on the target machine. 	2017-01-10 	7.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6581&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C) 	CVE-2016-6581 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6581
BID http://www.securityfocus.com/bid/92315
CONFIRM https://python-hyper.org/hpack/en/latest/security/CVE-2016-6581.html
ruby-lang -- ruby 	Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. An attacker passing a different type of object than the one assumed by the developers can cause arbitrary code execution. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2336&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-2336 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2336
MISC http://www.talosintelligence.com/reports/TALOS-2016-0029/
ruby-lang -- ruby 	Type confusion exists in the _cancel_eval method of Ruby's TclTkIp class. An attacker passing a different type of object than String as the "retval" argument can cause arbitrary code execution. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2337&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-2337 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2337
MISC http://www.talosintelligence.com/reports/TALOS-2016-0031/
ruby-lang -- ruby 	An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function of Ruby. In Fiddle::Function.new "initialize", the heap buffer "arg_types" is allocated based on the length of the args array. A specially constructed object passed as an element of the args array can increase the array's size after that allocation and cause a heap overflow. 	2017-01-06 	7.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2339&vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-2339 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2339
MISC http://www.talosintelligence.com/reports/TALOS-2016-0034/
samsung -- samsung_mobile 	Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917. 	2017-01-09 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5217&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2017-5217 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5217
CONFIRM http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
BID http://www.securityfocus.com/bid/95319
samsung -- samsung_mobile 	Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. 	2017-01-12 	7.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5351&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C) 	CVE-2017-5351 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5351
CONFIRM http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
splunk -- splunk 	Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840. 	2017-01-10 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-10126&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2016-10126 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10126
CONFIRM https://www.splunk.com/view/SP-CAAAPSR
trane -- comfortlink_ii_firmware 	A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system. 	2017-01-06 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-2867&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2015-2867 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2867
BID http://www.securityfocus.com/bid/95120
MISC http://www.talosintelligence.com/reports/TALOS-2016-0028/
trane -- comfortlink_ii_firmware 	An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution. 	2017-01-06 	10.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-2868&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) 	CVE-2015-2868 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2868
BID http://www.securityfocus.com/bid/95118
MISC http://www.talosintelligence.com/reports/TALOS-2016-0027/


Medium Vulnerabilities

Primary Vendor -- Product 	Description 	Published 	CVSS Score 	Source & Patch Info
adobe -- acrobat_dc 	Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF). 	2017-01-10 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-2947&vector=(AV:N/AC:M/Au:N/C:N/I:P/A:N) 	CVE-2017-2947 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2947
BID http://www.securityfocus.com/bid/95348
CONFIRM https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
call-cc -- chicken 	The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve() call failed, resulting in a memory leak. This could be abused by an attacker to cause resource exhaustion or a denial of service. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). 	2017-01-10 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6831&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-6831 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6831
MLIST http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
BID http://www.securityfocus.com/bid/92550
call-cc -- http-client 	The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" header to the HTTP_PROXY environment variable, which would allow attackers to direct CGI programs which use this environment variable to use an attacker-specified HTTP proxy server (also known as a "httpoxy" attack). This affects all versions of spiffy-cgi-handlers before 0.5. 	2017-01-10 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6286&vector=(AV:N/AC:L/Au:N/C:N/I:P/A:N) 	CVE-2016-6286 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6286
MLIST http://lists.gnu.org/archive/html/chicken-announce/2016-07/msg00000.html
BID http://www.securityfocus.com/bid/92105
call-cc -- http-client 	The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests through a proxy (also known as a "httpoxy" attack). This affects all versions of http-client before 0.10. 	2017-01-10 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6287&vector=(AV:N/AC:L/Au:N/C:N/I:P/A:N) 	CVE-2016-6287 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6287
MLIST http://lists.gnu.org/archive/html/chicken-announce/2016-07/msg00000.html
BID http://www.securityfocus.com/bid/92105
d-link -- dgs-1100_firmware 	D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. 	2017-01-09 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-10125&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-10125 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10125
BID http://www.securityfocus.com/bid/95329
MISC https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/
eclinicalworks -- population_health 	eClinicalWorks Population Health (CCMR) suffers from a cross site scripting vulnerability in login.jsp which allows remote unauthenticated users to inject arbitrary javascript via the strMessage parameter. 	2017-01-10 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-4591&vector=(AV:N/AC:M/Au:N/C:N/I:P/A:N) 	CVE-2015-4591 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4591
MISC http://packetstormsecurity.com/files/135533/eClinicalWorks-Population-Health-CCMR-SQL-Injection-CSRF-XSS.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/537420/100/0/threaded
EXPLOIT-DB https://www.exploit-db.com/exploits/39402/
eclinicalworks -- population_health 	eClinicalWorks Population Health (CCMR) suffers from a cross-site request forgery (CSRF) vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content administrators for requests that could lead to the creation, modification and deletion of users, appointments and employees. 	2017-01-10 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-4593&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2015-4593 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4593
MISC http://packetstormsecurity.com/files/135533/eClinicalWorks-Population-Health-CCMR-SQL-Injection-CSRF-XSS.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/537420/100/0/threaded
EXPLOIT-DB https://www.exploit-db.com/exploits/39402/
emc -- scaleio 	An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers. 	2017-01-06 	4.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9867&vector=(AV:L/AC:L/Au:N/C:P/I:P/A:P) 	CVE-2016-9867 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9867
CONFIRM http://www.securityfocus.com/archive/1/539983/30/0/threaded
BID http://www.securityfocus.com/bid/95300
f5 -- big-ip_access_policy_manager 	Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel (TMM) to restart. 	2017-01-10 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9247&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-9247 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9247
CONFIRM https://support.f5.com/csp/#/article/K33500120
foxitsoftware -- reader 	A large heap out-of-bounds read vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak the heap memory layout and to bypass ASLR. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8334&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8334 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8334
BID http://www.securityfocus.com/bid/93799
MISC http://www.talosintelligence.com/reports/TALOS-2016-0201/
freeimage_project -- freeimage 	An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vulnerability. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-5684&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-5684 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5684
BID http://www.securityfocus.com/bid/93287
MISC http://www.talosintelligence.com/reports/TALOS-2016-0189/
google -- android 	An elevation of privilege vulnerability in Telephony could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-31566390. 	2017-01-12 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6771&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-6771 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6771
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android 	An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588756. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0399&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2017-0399 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0399
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android 	An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32584034. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0400&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2017-0400 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0400
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android 	An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588016. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0401&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2017-0401 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0401
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android 	An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32436341. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0402&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2017-0402 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0402
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac
CONFIRM https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
hancom -- hancom_office_2014 	When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a block of data within the file. When calculating this length, the application will use a value from the file and add a constant to it without checking whether the addition of the constant will cause the integer to overflow which will cause the buffer to be undersized when the application tries to copy file data into it. This allows one to overwrite contiguous data in the heap which can lead to code-execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4290&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4290 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4290
BID http://www.securityfocus.com/bid/92325
MISC http://www.talosintelligence.com/reports/TALOS-2016-0145/
hancom -- hancom_office_2014 	When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds checking on the integer, the allocated memory buffer can be made to be undersized at which point the reading of file data will write outside the bounds of the buffer. This can lead to code execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4291&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4291 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4291
BID http://www.securityfocus.com/bid/92325
MISC http://www.talosintelligence.com/reports/TALOS-2016-0146/
hancom -- hancom_office_2014 	When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a static size to allocate a heap buffer yet explicitly trust a size from the file when modifying data inside of it. Due to this, an aggressor can corrupt memory outside the bounds of this buffer which can lead to code execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4292&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4292 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4292
BID http://www.securityfocus.com/bid/92325
MISC http://www.talosintelligence.com/reports/TALOS-2016-0147/
hancom -- hancom_office_2014 	When opening a Hangul Hcell Document (.cell) and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file. When copying user-supplied data to this buffer, however, the application will use a different size which leads to a heap-based buffer overflow. This vulnerability can lead to code-execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4294&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4294 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4294
BID http://www.securityfocus.com/bid/92327
MISC http://www.talosintelligence.com/reports/TALOS-2016-0149/
hancom -- hancom_office_2014 	When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overflow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the HncChartPlugin.hplg library. Due to a lack of bounds-checking when incrementing an index that is used for writing into a buffer for formulae, the application can be made to write pointer data outside its bounds which can lead to code execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4295&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4295 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4295
BID http://www.securityfocus.com/bid/92327
MISC http://www.talosintelligence.com/reports/TALOS-2016-0150/
hancom -- hancom_office_2014 	When opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore ("_") character at the end of the string and write a null terminator after it. If the character is at the very end of the string, the application will mistakenly write the null-byte outside the bounds of its destination. This can result in heap corruption that can lead to code execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4296&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4296 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4296
BID http://www.securityfocus.com/bid/92327
MISC http://www.talosintelligence.com/reports/TALOS-2016-0151/
hancom -- hancom_office_2014 	When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will cause the buffer to be undersized when the application tries to copy file data into the object containing this structure. This allows one to overwrite contiguous data in the heap which can lead to code-execution under the context of the application. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4298&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4298 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4298
BID http://www.securityfocus.com/bid/92325
MISC http://www.talosintelligence.com/reports/TALOS-2016-0144/
ibm -- websphere_application_server 	An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed. Users of Apache Tomcat (all current versions) are not affected by this vulnerability since Tomcat follows the guidance previously provided by the Servlet Expert group and strips path parameters from the value returned by getContextPath(), getServletPath(), and getPathInfo(). Users of other Servlet containers based on Apache Tomcat may or may not be affected depending on whether or not the handling of path parameters has been modified. Users of IBM WebSphere Application Server 8.5.x are known to be affected. Users of other containers that implement the Servlet specification may be affected. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9879&vector=(AV:N/AC:L/Au:N/C:N/I:P/A:N) 	CVE-2016-9879 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9879
BID http://www.securityfocus.com/bid/95142
CONFIRM https://pivotal.io/security/cve-2016-9879
intel -- ethernet_controler_xl710_firmware 	A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions. 	2017-01-09 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8106&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-8106 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8106
BID http://www.securityfocus.com/bid/95333
CONFIRM https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-fr
isc -- bind 	named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. 	2017-01-12 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9131&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-9131 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9131
BID http://www.securityfocus.com/bid/95386
CONFIRM https://kb.isc.org/article/AA-01439/74/CVE-2016-9131
isc -- bind 	named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets. 	2017-01-12 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9147&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-9147 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9147
CONFIRM https://kb.isc.org/article/AA-01440/74/CVE-2016-9147
isc -- bind 	named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer. 	2017-01-12 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9444&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-9444 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9444
CONFIRM https://kb.isc.org/article/AA-01441/74/CVE-2016-9444
lexmark -- perceptive_document_filters 	An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perceptive Document Filters conversion functionality. A crafted XLS document can lead to a stack-based buffer overflow resulting in remote code execution. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4335&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4335 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4335
BID http://www.securityfocus.com/bid/92425
MISC http://www.talosintelligence.com/reports/TALOS-2016-0172/
lexmark -- perceptive_document_filters 	An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can cause a code execution. An attacker can send a malformed file to trigger this vulnerability. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-5646&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-5646 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5646
MISC http://www.talosintelligence.com/reports/TALOS-2016-0185/
libimobiledevice -- libplist 	The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data. 	2017-01-11 	6.4 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5209&vector=(AV:N/AC:L/Au:N/C:P/I:N/A:P) 	CVE-2017-5209 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5209
BID http://www.securityfocus.com/bid/95385
CONFIRM https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
libtiff -- libtiff 	An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-5652&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-5652 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5652
BID http://www.securityfocus.com/bid/93902
MISC http://www.talosintelligence.com/reports/TALOS-2016-0187/
linux -- linux_kernel 	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8405&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8405 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8405
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linuxcontainers -- lxc 	An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container. 	2017-01-09 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-10124&vector=(AV:N/AC:L/Au:N/C:N/I:P/A:N) 	CVE-2016-10124 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10124
CONFIRM https://github.com/lxc/lxc/commit/e986ea3dfa4a2957f71ae9bfaed406dd6e1ffff6
mantisbt -- mantisbt 	Cross-site scripting (XSS) vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'view_type' parameter. 	2017-01-10 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6837&vector=(AV:N/AC:M/Au:N/C:N/I:P/A:N) 	CVE-2016-6837 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6837
BID http://www.securityfocus.com/bid/92522
SECTRACK http://www.securitytracker.com/id/1036655
CONFIRM https://github.com/mantisbt/mantisbt/commit/7086c2d8b4b20ac14013b36761ac04f0abf21a4e
CONFIRM https://mantisbt.org/bugs/view.php?id=21611
matroska -- libebml 	A specially crafted unicode string in libebml master branch can cause an off-by-few read on the heap in unicode string parsing code in libebml. This issue can potentially be used for information leaks. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-1514&vector=(AV:N/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-1514 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1514
BID http://www.securityfocus.com/bid/95124
MISC http://www.talosintelligence.com/reports/TALOS-2016-0036/
matroska -- libebml 	A use-after-free / double-free vulnerability can occur in libebml master branch while parsing Track elements of the MKV container. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-1515&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-1515 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1515
BID http://www.securityfocus.com/bid/94924
MISC http://www.talosintelligence.com/reports/TALOS-2016-0037/
memcached -- memcached 	An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8706&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-8706 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8706
BID http://www.securityfocus.com/bid/94083
MISC http://www.talosintelligence.com/reports/TALOS-2016-0221/
metalgenix -- genixcms 	SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI. 	2017-01-12 	6.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5345&vector=(AV:N/AC:L/Au:S/C:P/I:P/A:P) 	CVE-2017-5345 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5345
MISC https://github.com/semplon/GeniXCMS/commit/6e21c01d87672d81080450e6913e0093a02bfab8
MISC https://github.com/semplon/GeniXCMS/issues/60
metalgenix -- genixcms 	SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php. 	2017-01-12 	6.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5346&vector=(AV:N/AC:L/Au:S/C:P/I:P/A:P) 	CVE-2017-5346 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5346
MISC https://github.com/semplon/GeniXCMS/issues/61
metalgenix -- genixcms 	SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php. 	2017-01-12 	6.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5347&vector=(AV:N/AC:L/Au:S/C:P/I:P/A:P) 	CVE-2017-5347 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5347
MISC https://github.com/semplon/GeniXCMS/issues/61
microsoft -- edge 	Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability." 	2017-01-10 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0002&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2017-0002 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0002
MS http://technet.microsoft.com/security/bulletin/MS17-001
BID http://www.securityfocus.com/bid/95284
netapp -- clustered_data_ontap 	Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure. 	2017-01-11 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-8020&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2015-8020 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8020
BID http://www.securityfocus.com/bid/92329
CONFIRM https://kb.netapp.com/support/s/article/cve-2015-8020-default-privileged-account-credentials-vulnerability-in-in-clustered-data-ontap?language=en_US
netapp -- metrocluster_tiebreaker 	MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user. 	2017-01-11 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6820&vector=(AV:N/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-6820 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6820
BID http://www.securityfocus.com/bid/92495
CONFIRM https://kb.netapp.com/support/s/article/cve-2016-6820-sensitive-information-disclosure-in-metrocluster-tiebreaker-for-clustered-data-ontap?language=en_US
netop -- remote_control 	Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially designed malicious file containing special characters is loaded, the overflow occurs. 12.51 is the fixed version. The Support case ref is 00109744. 	2017-01-09 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5216&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2017-5216 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5216
CONFIRM http://www.netop.com/fileadmin/netop/resources/products/administration/remote_control/release_notes/NetopRemoteControl_12.51_ModificationNotes_final.pdf
BID http://www.securityfocus.com/bid/95316
ntp -- ntp 	An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-1547&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-1547 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
BID http://www.securityfocus.com/bid/88276
MISC http://www.talosintelligence.com/reports/TALOS-2016-0081/
ntp -- ntp 	An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched. 	2017-01-06 	6.4 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-1548&vector=(AV:N/AC:L/Au:N/C:N/I:P/A:P) 	CVE-2016-1548 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
BID http://www.securityfocus.com/bid/88264
MISC http://www.talosintelligence.com/reports/TALOS-2016-0082/
ntp -- ntp 	A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock. 	2017-01-06 	4.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-1549&vector=(AV:N/AC:L/Au:S/C:N/I:P/A:N) 	CVE-2016-1549 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
BID http://www.securityfocus.com/bid/88200
MISC http://www.talosintelligence.com/reports/TALOS-2016-0083/
ntp -- ntp 	An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-1550&vector=(AV:N/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-1550 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
BID http://www.securityfocus.com/bid/88261
MISC http://www.talosintelligence.com/reports/TALOS-2016-0084/
ntp -- ntp-dev 	An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-7848&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2015-7848 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848
MISC http://www.talosintelligence.com/reports/TALOS-2015-0052/
php -- php 	Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. 	2017-01-11 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-7478&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-7478 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7478
MISC http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7
MISC http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
BID http://www.securityfocus.com/bid/95150
MISC https://bugs.php.net/bug.php?id=73093
MISC https://www.youtube.com/watch?v=LDcaPstAuPk
pidgin -- pidgin 	A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this vulnerability and cause a crash. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2365&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-2365 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2365
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=98
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0133/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this vulnerability and cause a crash. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2366&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-2366 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2366
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=99
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0134/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a denial of service vulnerability. A malicious server can send a packet starting with a NULL byte triggering the vulnerability. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2369&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-2369 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2369
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=102
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0137/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2370&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-2370 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2370
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=103
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0138/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2371&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-2371 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2371
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=104
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0139/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user. 	2017-01-06 	4.9 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2372&vector=(AV:N/AC:M/Au:S/C:P/I:N/A:P) 	CVE-2016-2372 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2372
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=105
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0140/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2373&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:P) 	CVE-2016-2373 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2373
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=106
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0141/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2374&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-2374 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2374
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=107
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0142/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure. 	2017-01-06 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2375&vector=(AV:N/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-2375 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2375
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=108
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0143/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet which will trigger a buffer overflow. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2376&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-2376 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2376
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=92
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0118/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vulnerability. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2377&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-2377 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2377
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=93
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0119/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length values to trigger this vulnerability. 	2017-01-06 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2378&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-2378 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2378
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=94
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0120/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get converted incorrectly and could lead to a potential out-of-bounds read. 	2017-01-06 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2380&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-2380 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2380
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=96
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0123/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
pidgin -- pidgin 	A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability. 	2017-01-06 	5.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4323&vector=(AV:N/AC:M/Au:N/C:N/I:P/A:P) 	CVE-2016-4323 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4323
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=97
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0128/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
python_software_foundation -- python_priority_library 	A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority information for each stream, and would therefore allocate unbounded amounts of memory. Attempting to actually use a tree like this would also cause extremely high CPU usage to maintain the tree. 	2017-01-10 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6580&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-6580 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6580
BID http://www.securityfocus.com/bid/92311
CONFIRM https://python-hyper.org/priority/en/latest/security/CVE-2016-6580.html
samsung -- samsung_mobile 	Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. 	2017-01-12 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-5350&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2017-5350 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5350
CONFIRM http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017


Low Vulnerabilities

Primary Vendor -- Product 	Description 	Published 	CVSS Score 	Source & Patch Info
emc -- scaleio 	An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9868&vector=(AV:L/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-9868 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9868
CONFIRM http://www.securityfocus.com/archive/1/539983/30/0/threaded
BID http://www.securityfocus.com/bid/95301
emc -- scaleio 	An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9869&vector=(AV:L/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-9869 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9869
CONFIRM http://www.securityfocus.com/archive/1/539983/30/0/threaded
BID http://www.securityfocus.com/bid/95303
google -- android 	An information disclosure vulnerability in Package Manager could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: 7.0. Android ID: A-31251489. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6774&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-6774 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6774
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
kaspersky -- anti-virus 	A local denial of service vulnerability exists in the window broadcast message handling functionality of Kaspersky Anti-Virus software. By sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass the KAV self-protection mechanism. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4329&vector=(AV:L/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-4329 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4329
BID http://www.securityfocus.com/bid/92771
Miscellaneous http://www.securityfocus.com/bid/92771/info
MISC http://www.talosintelligence.com/reports/TALOS-2016-0175/
Miscellaneous https://support.kaspersky.com/vulnerability.aspx?el=12430#010916
kaspersky -- internet_security 	A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native API call request can cause an access violation exception in the KLIF kernel driver, resulting in local denial of service. An attacker can run a program from user-mode to trigger this vulnerability. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4304&vector=(AV:L/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-4304 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4304
Miscellaneous http://securitytracker.com/id/1036702
MISC http://www.talosintelligence.com/reports/TALOS-2016-0166/
kaspersky -- internet_security 	A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native API call can cause an access violation in the KLIF kernel driver, resulting in local denial of service. An attacker can run a program from user-mode to trigger this vulnerability. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4305&vector=(AV:L/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-4305 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4305
Miscellaneous http://securitytracker.com/id/1036702
MISC http://www.talosintelligence.com/reports/TALOS-2016-0167/
kaspersky -- internet_security 	A denial of service vulnerability exists in the IOCTL handling functionality of the Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in the KL1 kernel driver, resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4307&vector=(AV:L/AC:L/Au:N/C:N/I:N/A:P) 	CVE-2016-4307 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4307
Miscellaneous http://securitytracker.com/id/1036702
MISC http://www.talosintelligence.com/reports/TALOS-2016-0169/
kaspersky -- total_security 	Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user-mode to trigger this vulnerability. 	2017-01-06 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4306&vector=(AV:L/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-4306 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4306
Miscellaneous http://securitytracker.com/id/1036702
MISC http://www.talosintelligence.com/reports/TALOS-2016-0168/
linux -- linux_kernel 	An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29464815. References: QC-CR#1042068. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6756&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-6756 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6756
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148242. References: QC-CR#1052821. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6757&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-6757 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6757
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel 	An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31795790. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8473&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-8473 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8473
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31799972. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8474&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-8474 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8474
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
linux -- linux_kernel 	An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32591129. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8475&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-8475 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8475
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
pidgin -- pidgin 	An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the avatar is sent to another user. 	2017-01-06 	3.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-2367&vector=(AV:N/AC:M/Au:S/C:N/I:N/A:P) 	CVE-2016-2367 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2367
DEBIAN http://www.debian.org/security/2016/dsa-3620
CONFIRM http://www.pidgin.im/news/security/?id=100
BID http://www.securityfocus.com/bid/91335
MISC http://www.talosintelligence.com/reports/TALOS-2016-0135/
UBUNTU http://www.ubuntu.com/usn/USN-3031-1
python -- urllib3 	Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. This vulnerability affects users using versions 1.17 and 1.18 of the urllib3 library, who are using the optional PyOpenSSL support for TLS instead of the regular standard library TLS backend, and who are using OpenSSL 1.1.0 via PyOpenSSL. This is an extremely uncommon configuration, so the security impact of this vulnerability is low. 	2017-01-11 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-9015&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-9015 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9015
MLIST http://www.openwall.com/lists/oss-security/2016/10/27/6
BID http://www.securityfocus.com/bid/93941
web2py -- web2py 	Web2py versions 2.14.5 and below were affected by a reflected XSS vulnerability, which allows an attacker to perform an XSS attack on a logged-in user (admin). 	2017-01-11 	3.5 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4807&vector=(AV:N/AC:M/Au:S/C:N/I:P/A:N) 	CVE-2016-4807 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4807
MISC http://packetstormsecurity.com/files/137070/Web2py-2.14.5-CSRF-XSS-Local-File-Inclusion.html
EXPLOIT-DB https://www.exploit-db.com/exploits/39821/


Severity Not Yet Assigned

Primary Vendor -- Product 	Description 	Published 	CVSS Score 	Source & Patch Info
apache -- apache_storm
  	The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors. 	2017-01-13 	not yet calculated 	CVE-2015-3188 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3188
MISC http://packetstormsecurity.com/files/132417/Apache-Storm-0.10.0-beta-Code-Execution.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/535804/100/0/threaded
SECTRACK http://www.securitytracker.com/id/1032695
apache -- apache
  	Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30.0, which allows a remote unauthenticated attacker to browse all directories in the web root, e.g., a remote unauthenticated attacker can view all CCTV images on the server. 	2017-01-13 	not yet calculated 	CVE-2016-10140 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10140
CONFIRM https://github.com/ZoneMinder/ZoneMinder/pull/1697
artifex -- artifex
  	An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. 	2017-01-13 	not yet calculated 	CVE-2016-10141 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10141
CONFIRM http://git.ghostscript.com/?p=mujs.git;h=fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045
CONFIRM https://bugs.ghostscript.com/show_bug.cgi?id=697448
barco -- clickshare
  	Directory traversal vulnerability in the wallpaper parsing functionality in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to read /etc/shadow via unspecified vectors. 	2017-01-12 	not yet calculated 	CVE-2016-3151 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3151
MISC http://packetstormsecurity.com/files/139713/Barco-ClickShare-XSS-Remote-Code-Execution-Path-Traversal.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/539754/100/0/threaded
BID http://www.securityfocus.com/bid/94330
barco -- clickshare
  	Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. 	2017-01-12 	not yet calculated 	CVE-2016-3149 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3149
MISC http://packetstormsecurity.com/files/139713/Barco-ClickShare-XSS-Remote-Code-Execution-Path-Traversal.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/539754/100/0/threaded
BID http://www.securityfocus.com/bid/94323
barco -- clickshare
  	Cross-site scripting (XSS) vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 	2017-01-12 	not yet calculated 	CVE-2016-3150 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3150
MISC http://packetstormsecurity.com/files/139713/Barco-ClickShare-XSS-Remote-Code-Execution-Path-Traversal.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/539754/100/0/threaded
BID http://www.securityfocus.com/bid/94330
barco -- clickshare
  	Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. 	2017-01-12 	not yet calculated 	CVE-2016-3152 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3152
MISC http://packetstormsecurity.com/files/139713/Barco-ClickShare-XSS-Remote-Code-Execution-Path-Traversal.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/539754/100/0/threaded
BID http://www.securityfocus.com/bid/94326
blackberry -- blackberry_enterprise_server
  	An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt. 	2017-01-13 	not yet calculated 	CVE-2016-3130 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3130
CONFIRM http://support.blackberry.com/kb/articleDetail?articleNumber=000038914
blackberry -- blackberry_enterprise_server
  	A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific information about a device that was legitimately enrolled on the BES. 	2017-01-13 	not yet calculated 	CVE-2016-3128 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3128
CONFIRM http://support.blackberry.com/kb/articleDetail?articleNumber=000038913
blackberry -- blackberry
  	A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link. 	2017-01-13 	not yet calculated 	CVE-2017-3890 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3890
CONFIRM http://support.blackberry.com/kb/articleDetail?articleNumber=000038915
brocade -- network_advisor
  	A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information. 	2017-01-14 	not yet calculated 	CVE-2016-8207 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8207
CONFIRM https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-180.htm
brocade -- network_advisor
  	A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. 	2017-01-14 	not yet calculated 	CVE-2016-8205 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8205
CONFIRM https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-178.htm
brocade -- network_advisor
  	A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files. 	2017-01-14 	not yet calculated 	CVE-2016-8206 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8206
CONFIRM https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-179.htm
brocade -- network_advisor
  	A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. 	2017-01-14 	not yet calculated 	CVE-2016-8204 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8204
CONFIRM https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-177.htm
brocade -- virtual_traffic_manager
  	A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster. 	2017-01-14 	not yet calculated 	CVE-2016-8201 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8201
CONFIRM https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-209.htm
cloud_foundry -- cloud_controller
  	An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0. Cloud Foundry logs the credentials returned from service brokers in Cloud Controller system component logs. These logs are written to disk and often sent to a log aggregator via syslog. 	2017-01-13 	not yet calculated 	CVE-2016-9882 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9882
CONFIRM https://www.cloudfoundry.org/cve-2016-9882/
foxit -- foxit_pdf_toolkit
  	Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an attacker to cause Denial of Service and Remote Code Execution when the victim opens the specially crafted PDF file. The Vulnerability has been fixed in v2.0. 	2017-01-13 	not yet calculated 	CVE-2017-5364 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5364
CONFIRM https://www.foxitsoftware.com/support/security-bulletins.php
gajim -- gajim
  	The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote attackers to obtain sensitive information via unspecified vectors. 	2017-01-13 	not yet calculated 	CVE-2016-9107 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9107
MLIST http://www.openwall.com/lists/oss-security/2016/10/30/11
MLIST http://www.openwall.com/lists/oss-security/2016/10/30/2
CONFIRM https://dev.gajim.org/gajim/gajim-plugins/issues/145
CONFIRM https://trac-plugins.gajim.org/changeset/c7c2e519ed63377bc943dd01c4661b0fe49321ae
gerrit -- puppet
  	The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a crafted review. 	2017-01-12 	not yet calculated 	CVE-2016-5737 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5737
MLIST http://www.openwall.com/lists/oss-security/2016/06/22/2
BID http://www.securityfocus.com/bid/91352
CONFIRM https://github.com/openstack-infra/puppet-gerrit/commit/8573c2ee172f66c1667de49685c88fdc8883ca8b
gnu -- guile
  	The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. 	2017-01-12 	not yet calculated 	CVE-2016-8606 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8606
MLIST http://www.openwall.com/lists/oss-security/2016/10/12/2
BID http://www.securityfocus.com/bid/93514
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QTAGSDCTYXTABAA77BQJGNKOOBRV4DK/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNVE5N24FLWDYBQ3LAFMF6BFCWKDO7VM/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJP5S36GTXMDEBXWF6LKKV76DSLNQG44/
gnu -- guile
  	The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected. 	2017-01-12 	not yet calculated 	CVE-2016-8605 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8605
MLIST http://www.openwall.com/lists/oss-security/2016/10/12/1
BID http://www.securityfocus.com/bid/93510
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QTAGSDCTYXTABAA77BQJGNKOOBRV4DK/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNVE5N24FLWDYBQ3LAFMF6BFCWKDO7VM/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJP5S36GTXMDEBXWF6LKKV76DSLNQG44/
google -- android
  	An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31399736. References: QC-CR#1000546. 	2017-01-12 	not yet calculated 	CVE-2016-8423 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8423
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31750190. References: MT-ALPS02974192. 	2017-01-12 	not yet calculated 	CVE-2016-8433 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8433
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31471220. References: QC-CR#979426. 	2017-01-12 	not yet calculated 	CVE-2016-8422 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8422
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31498403. References: QC-CR#987010. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8410&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-8410 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8410
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31495687. References: N-CVE-2016-8409. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8409&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-8409 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8409
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695. 	2017-01-12 	not yet calculated 	CVE-2016-8437 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8437
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass Peripheral Image Loader (PIL) authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638. 	2017-01-12 	not yet calculated 	CVE-2016-8438 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8438
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31749463. References: MT-ALPS02968886. 	2017-01-12 	not yet calculated 	CVE-2016-8447 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8447
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747749. References: MT-ALPS02968909. 	2017-01-12 	not yet calculated 	CVE-2016-8446 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8446
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747590. References: MT-ALPS02968983. 	2017-01-12 	not yet calculated 	CVE-2016-8445 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8445
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804. 	2017-01-12 	not yet calculated 	CVE-2016-8439 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8439
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31496571. References: N-CVE-2016-8408. 	2017-01-12 	2.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8408&vector=(AV:N/AC:H/Au:N/C:P/I:N/A:N) 	CVE-2016-8408 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8408
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31802656. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8407&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8407 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8407
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android IDs: A-32438594, A-32635664. 	2017-01-13 	not yet calculated 	CVE-2017-0398 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0398
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31495231. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8402&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8402 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8402
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31494725. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8401&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8401 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8401
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in the NVIDIA librm library (libnvrm) could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: Kernel-3.18. Android ID: A-31251599. References: N-CVE-2016-8400. 	2017-01-12 	not yet calculated 	CVE-2016-8400 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8400
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32377688. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0397&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2017-0397 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0397
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in visualizer/EffectVisualizer.cpp in libeffects in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31781965. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0396&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2017-0396 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0396
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31496950. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8404&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8404 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8404
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31495348. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8403&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8403 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8403
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31752213. 	2017-01-12 	not yet calculated 	CVE-2017-0394 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0394
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32219099. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0395&vector=(AV:N/AC:M/Au:N/C:N/I:P/A:N) 	CVE-2017-0395 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0395
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31791148. References: MT-ALPS02982181. 	2017-01-12 	not yet calculated 	CVE-2016-8448 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8448
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.4. Android ID: A-32178033. 	2017-01-12 	not yet calculated 	CVE-2016-8451 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8451
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32338390. 	2017-01-12 	not yet calculated 	CVE-2017-0382 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0382
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1. Android ID: A-31677614. 	2017-01-12 	not yet calculated 	CVE-2017-0383 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0383
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A remote code execution vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432. 	2017-01-12 	not yet calculated 	CVE-2017-0381 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0381
CONFIRM https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A denial of service vulnerability in decoder/ihevcd_decode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32322258. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0391&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2017-0391 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0391
CONFIRM https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32577290. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0392&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2017-0392 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0392
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32095626. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0384&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-0384 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0384
CONFIRM https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32585400. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0385&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2017-0385 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0385
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31647370. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0390&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2017-0390 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0390
CONFIRM https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32523490. 	2017-01-12 	not yet calculated 	CVE-2017-0388 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0388
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32660278. 	2017-01-12 	not yet calculated 	CVE-2017-0387 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0387
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32255299. 	2017-01-12 	not yet calculated 	CVE-2017-0386 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0386
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-0393&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2017-0393 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0393
CONFIRM https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705. 	2017-01-12 	not yet calculated 	CVE-2016-8398 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8398
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: N/A. Android ID: A-32510383. 	2017-01-12 	not yet calculated 	CVE-2016-8462 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8462
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: Kernel-3.18. Android ID: A-32369621. 	2017-01-12 	2.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8461&vector=(AV:L/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-8461 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8461
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-31668540. References: N-CVE-2016-8460. 	2017-01-12 	not yet calculated 	CVE-2016-8460 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8460
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462. 	2017-01-12 	not yet calculated 	CVE-2016-8459 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8459
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855. 	2017-01-12 	not yet calculated 	CVE-2016-8463 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8463
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784. 	2017-01-13 	not yet calculated 	CVE-2016-8467 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8467
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31531758. References: MT-ALPS02961384. 	2017-01-12 	not yet calculated 	CVE-2016-8472 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8472
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528890. References: MT-ALPS02961380. 	2017-01-12 	not yet calculated 	CVE-2016-8471 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8471
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528889. References: MT-ALPS02961395. 	2017-01-12 	not yet calculated 	CVE-2016-8470 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8470
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31351206. References: N-CVE-2016-8469. 	2017-01-12 	not yet calculated 	CVE-2016-8469 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8469
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	A denial of service vulnerability in core networking could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31850211. 	2017-01-12 	not yet calculated 	CVE-2017-0389 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-0389
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
google -- android
  	An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31796940. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8406&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8406 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8406
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31222873. References: N-CVE-2016-6775. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6775&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6775 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6775
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31856351. 	2017-01-12 	not yet calculated 	CVE-2016-6772 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6772
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-30202228. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6770&vector=(AV:N/AC:M/Au:N/C:N/I:P/A:N) 	CVE-2016-6770 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6770
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. This issue is rated as Moderate because it first requires physical access to an unlocked device where Smart Lock was the last settings pane accessed by the user. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-29055171. 	2017-01-12 	not yet calculated 	CVE-2016-6769 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6769
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31680980. References: N-CVE-2016-6776. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6776&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6776 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6776
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6777&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6777 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6777
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31251496. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6780&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-6780 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6780
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31386004. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6779&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-6779 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6779
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31384646. 	2017-01-12 	7.6 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6778&vector=(AV:N/AC:H/Au:N/C:C/I:C/A:C) 	CVE-2016-6778 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6778
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31631842. 	2017-01-12 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6768&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-6768 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6768
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4. Android ID: A-31833604. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6767&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2016-6767 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6767
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31251826. 	2017-01-12 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6762&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-6762 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6762
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29617572. References: QC-CR#1055783. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6760&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6760 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6760
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29982686. References: QC-CR#1055766. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6759&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6759 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6759
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148882. References: QC-CR#1071731. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6758&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6758 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6758
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of local permanent denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31530456. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6763&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2016-6763 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6763
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31681434. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6764&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2016-6764 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6764
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31318219. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6766&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2016-6766 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6766
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-31385953. References: N-CVE-2016-8397. 	2017-01-12 	4.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-8397&vector=(AV:N/AC:M/Au:N/C:P/I:N/A:N) 	CVE-2016-8397 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8397
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 7.0. Android ID: A-31449945. 	2017-01-12 	7.1 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6765&vector=(AV:N/AC:M/Au:N/C:N/I:N/A:C) 	CVE-2016-6765 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6765
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31095175. References: MT-ALPS02943455. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6781&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6781 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6781
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-30481714. 	2017-01-12 	not yet calculated 	CVE-2016-6773 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6773
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. Therefore, the app executing as the system user has been granted a number of powerful permissions even though they are not present in the com.adups.fota.sysoper app's AndroidManifest.xml file. This app provides the com.adups.fota app access to the user's call log, text messages, and various device identifiers through the com.adups.fota.sysoper.provider.InfoProvider component. The com.adups.fota app uses timestamps when it runs and is eligible to exfiltrate the user's PII every 72 hours. If 72 hours have passed since the value of the timestamp, then the exfiltration will be triggered by the user plugging in the device to charge or when they leave or enter a wireless network. The exfiltration occurs in the background without any user interaction. 	2017-01-13 	not yet calculated 	CVE-2016-10139 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10139
MISC https://www.kryptowire.com/adups_security_analysis.html
MISC https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html
google -- android
  	An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251628. References: N-CVE-2016-6790. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6790&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6790 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6790
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. The app has an exported broadcast receiver named com.adups.fota.sysoper.WriteCommandReceiver which any app on the device can interact with. Therefore, any app can send a command embedded in an intent which will be executed by the WriteCommandReceiver component which is executing as the system user. The third-party app, utilizing the WriteCommandReceiver, can perform the following actions: call a phone number, factory reset the device, take pictures of the screen, record the screen in a video, install applications, inject events, obtain the Android log, and others. In addition, the com.adups.fota.sysoper.TaskService component will make a request to a URL of http://rebootv5.adsunflower.com/ps/fetch.do where the commands in the String array with a key of sf in the JSON Object sent back by the server will be executed as the system user. Since the connection is made via HTTP, it is vulnerable to a MITM attack. 	2017-01-13 	not yet calculated 	CVE-2016-10138 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10138
MISC https://www.kryptowire.com/adups_security_analysis.html
MISC https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html
google -- android
  	An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31224389. References: MT-ALPS02943506. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6782&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6782 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6782
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. This allows a third-party app to read, write, and delete the user's sent and received text messages and call log. This allows a third-party app to obtain PII from the user without permission to do so. 	2017-01-13 	not yet calculated 	CVE-2016-10137 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10137
MISC https://www.kryptowire.com/adups_security_analysis.html
MISC https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html
google -- android
  	An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-31249105. 	2017-01-12 	not yet calculated 	CVE-2016-8396 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8396
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. This allows a third-party app to read, write, and delete files owned by the system user. The third-party app can modify the /data/system/users/0/settings_secure.xml file to add an app as a notification listener to be able to receive the text of notifications as they are received on the device. This also allows the /data/system/users/0/accounts.db to be read which contains authentication tokens for various accounts on the device. The third-party app can obtain privileged information and also modify files to obtain more privileges on the device. 	2017-01-13 	not yet calculated 	CVE-2016-10136 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10136
MISC https://www.kryptowire.com/adups_security_analysis.html
MISC https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html
google -- android
  	An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31748056. References: MT-ALPS02961400. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6785&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6785 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6785
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251973. References: N-CVE-2016-6789. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6789&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6789 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6789
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31224428. References: MT-ALPS02943467. 	2017-01-12 	not yet calculated 	CVE-2016-6788 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6788
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31350044. References: MT-ALPS02943437. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6783&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6783 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6783
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29421682. References: QC-CR#1055792. 	2017-01-12 	9.3 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-6761&vector=(AV:N/AC:M/Au:N/C:C/I:C/A:C) 	CVE-2016-6761 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6761
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
google -- android
  	Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747. 	2017-01-12 	not yet calculated 	CVE-2016-8440 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8440
CONFIRM https://source.android.com/security/bulletin/2017-01-01.html
gstreamer -- gstreamer
  	Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. 	2017-01-13 	not yet calculated 	CVE-2016-9809 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9809
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=774896
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
gstreamer -- gstreamer
  	The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs. 	2017-01-13 	not yet calculated 	CVE-2016-9808 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9808
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
MISC https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-incorrect-fix-for-gstreamer.html
gstreamer -- gstreamer
  	The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file. 	2017-01-13 	not yet calculated 	CVE-2016-9811 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9811
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=774902
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
gstreamer -- gstreamer
  	The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file. 	2017-01-13 	not yet calculated 	CVE-2016-9807 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9807
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=774859
CONFIRM https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
gstreamer -- gstreamer
  	The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. 	2017-01-13 	not yet calculated 	CVE-2016-9813 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9813
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=775120
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
gstreamer -- gstreamer
  	The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section. 	2017-01-13 	not yet calculated 	CVE-2016-9812 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9812
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=775048
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
gstreamer -- gstreamer
  	The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call. 	2017-01-13 	not yet calculated 	CVE-2016-9810 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9810
MLIST http://www.openwall.com/lists/oss-security/2016/12/01/2
MLIST http://www.openwall.com/lists/oss-security/2016/12/05/8
CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=774897
CONFIRM https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
ipv6 -- ipv6
  	An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security implications of IP fragmentation have been discussed at length in [RFC6274] and [RFC7739]. An attacker can leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and can subsequently perform any type of fragmentation-based attack against legacy IPv6 nodes that do not implement [RFC6946]. That is, employing fragmentation where not actually needed allows for fragmentation-based attack vectors to be employed, unnecessarily. We note that, unfortunately, even nodes that already implement [RFC6946] can be subject to DoS attacks as a result of the generation of IPv6 atomic fragments. Let us assume that Host A is communicating with Host B and that, as a result of the widespread dropping of IPv6 packets that contain extension headers (including fragmentation) [RFC7872], some intermediate node filters fragments between Host B and Host A. If an attacker sends a forged ICMPv6 PTB error message to Host B, reporting an MTU smaller than 1280, this will trigger the generation of IPv6 atomic fragments from that moment on (as required by [RFC2460]). When Host B starts sending IPv6 atomic fragments (in response to the received ICMPv6 PTB error message), these packets will be dropped, since we previously noted that IPv6 packets with extension headers were being dropped between Host B and Host A. Thus, this situation will result in a DoS scenario. Another possible scenario is that in which two BGP peers are employing IPv6 transport and they implement Access Control Lists (ACLs) to drop IPv6 fragments (to avoid control-plane attacks). 
If the aforementioned BGP peers drop IPv6 fragments but still honor received ICMPv6 PTB error messages, an attacker could easily attack the corresponding peering session by simply sending an ICMPv6 PTB message with a reported MTU smaller than 1280 bytes. Once the attack packet has been sent, the aforementioned routers will themselves be the ones dropping their own traffic. 	2017-01-14 	not yet calculated 	CVE-2016-10142 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10142
MISC https://tools.ietf.org/html/draft-ietf-6man-deprecate-atomfrag-generation-08
MISC https://tools.ietf.org/html/rfc8021
jasper -- jasper
  	The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. 	2017-01-13 	not yet calculated 	CVE-2016-8883 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8883
MLIST http://www.openwall.com/lists/oss-security/2016/10/17/1
MLIST http://www.openwall.com/lists/oss-security/2016/10/23/8
CONFIRM https://github.com/mdadams/jasper/issues/32
jasper -- jasper
  	The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. 	2017-01-13 	not yet calculated 	CVE-2016-8882 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8882
MLIST http://www.openwall.com/lists/oss-security/2016/10/17/1
MLIST http://www.openwall.com/lists/oss-security/2016/10/23/8
CONFIRM https://github.com/mdadams/jasper/issues/30
jenkins -- jenkins
  	The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server. 	2017-01-12 	not yet calculated 	CVE-2016-9299 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9299
MLIST http://www.openwall.com/lists/oss-security/2016/11/12/4
MLIST http://www.openwall.com/lists/oss-security/2016/11/14/9
BID http://www.securityfocus.com/bid/94281
MISC http://www.slideshare.net/codewhitesec/java-deserialization-vulnerabilities-the-forgotten-bug-class-deepsec-edition
MLIST https://groups.google.com/forum/#!original/jenkinsci-advisories/-fc-w9tNEJE/GRvEzWoJBgAJ
MLIST https://groups.google.com/forum/#!original/jenkinsci-advisories/-fc-w9tNEJE/LZ7EOS0fBgAJ
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW2KUKYLNLVDB7STLHLYALCUFLEGCRM6/
CONFIRM https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-11-16
CONFIRM https://www.cloudbees.com/jenkins-security-advisory-2016-11-16
lenovo -- xclarity_administrator
  	Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code. 	2017-01-12 	not yet calculated 	CVE-2016-8221 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8221
CONFIRM https://support.lenovo.com/us/en/product_security/LEN_10605
lg -- mtklogger
  	An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with a package name of com.mediatek.mtklogger has application components that are accessible to any application that resides on the device. Namely, the com.mediatek.mtklogger.framework.LogReceiver and com.mediatek.mtklogger.framework.MTKLoggerService application components are exported since they contain an intent filter, are not protected by a custom permission, and do not explicitly set the android:exported attribute to false. Therefore, these components are exported by default and are thus accessible to any third party application by using android.content.Intent object for communication. These application components can be used to start and stop the logs using Intent objects with embedded data. The available logs are the GPS log, modem log, network log, and mobile log. The base directory that contains the directories for the 4 types of logs is /sdcard/mtklog which makes them accessible to apps that require the READ_EXTERNAL_STORAGE permission. The GPS log contains the GPS coordinates of the user as well as a timestamp for the coordinates. The modem log contains AT commands and their parameters which allow the user's outgoing and incoming calls and text messages to be obtained. The network log is a tcpdump network capture. The mobile log contains the Android log, which is not available to third-party apps as of Android 4.1. The LG ID is LVE-SMP-160019. 	2017-01-13 	not yet calculated 	CVE-2016-10135 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10135
MISC https://lgsecurity.lge.com/security_updates.html
libbsd -- libbsd
  	Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. 	2017-01-13 	not yet calculated 	CVE-2016-2090 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2090
MLIST http://www.openwall.com/lists/oss-security/2016/01/28/5
MISC https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html
CONFIRM https://bugs.freedesktop.org/show_bug.cgi?id=93881
CONFIRM https://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KJE5SPSX7HEKLZ34LUTZLXWPEL2K353/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIQKQ42Z7553D46QY3IMIQKS52QTNIHY/
liferay -- portal
  	Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template. 	2017-01-13 	not yet calculated 	CVE-2010-5327 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5327
CONFIRM https://dev.liferay.com/web/community-security-team/known-vulnerabilities
CONFIRM https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates
CONFIRM https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91
CONFIRM https://issues.liferay.com/browse/LPE-14964
CONFIRM https://issues.liferay.com/browse/LPS-64547
CONFIRM https://issues.liferay.com/browse/LPS-7087
linux -- linux_kernel
  	arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt. 	2017-01-14 	not yet calculated 	CVE-2017-2584 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2584
CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=129a72a0d3c8e139a04512325384fe5ac119e74d
MLIST http://www.openwall.com/lists/oss-security/2017/01/13/7
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1413001
CONFIRM https://github.com/torvalds/linux/commit/129a72a0d3c8e139a04512325384fe5ac119e74d
linux -- linux_kernel
  	The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call. 	2017-01-12 	not yet calculated 	CVE-2016-6492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6492
MISC http://packetstormsecurity.com/files/138113/MediaTek-Driver-Privilege-Escalation.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/539058/100/0/threaded
BID http://www.securityfocus.com/bid/92207
CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
linux -- linux_kernel
  	Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua. 	2017-01-14 	not yet calculated 	CVE-2017-5473 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5473
CONFIRM https://github.com/ntop/ntopng/commit/1b2ceac8f578a246af6351c4f476e3102cdf21b3
CONFIRM https://github.com/ntop/ntopng/commit/f91fbe3d94c8346884271838ae3406ae633f6f15
matrixssl -- matrixssl
  	The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange. 	2017-01-13 	not yet calculated 	CVE-2016-6886 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6886
CONFIRM http://www.matrixssl.org/blog/releases/matrixssl_3_8_4
MISC https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
matrixssl -- matrixssl
  	The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6887. 	2017-01-13 	not yet calculated 	CVE-2016-8671 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8671
MLIST http://www.openwall.com/lists/oss-security/2016/10/15/2
MLIST http://www.openwall.com/lists/oss-security/2016/10/15/8
MISC https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-CVE-2016-8671,-incomplete-fix-for-CVE-2016-6887.html
matrixssl -- matrixssl
  	The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack. 	2017-01-13 	not yet calculated 	CVE-2016-6887 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6887
CONFIRM http://www.matrixssl.org/blog/releases/matrixssl_3_8_4
MISC https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
matrixssl -- matrixssl
  	The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation. 	2017-01-13 	not yet calculated 	CVE-2016-6885 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6885
CONFIRM http://www.matrixssl.org/blog/releases/matrixssl_3_8_4
MISC https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
ntp -- ntp
  	ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet. 	2017-01-13 	not yet calculated 	CVE-2016-9311 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9311
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3119
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use. 	2017-01-13 	not yet calculated 	CVE-2016-7429 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7429
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3072
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression. 	2017-01-13 	not yet calculated 	CVE-2016-7431 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7431
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3102
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to have unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion." 	2017-01-13 	not yet calculated 	CVE-2016-7433 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7433
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3067
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query. 	2017-01-13 	not yet calculated 	CVE-2016-7434 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7434
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3082
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet. 	2017-01-13 	not yet calculated 	CVE-2016-7428 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7428
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3113
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet. 	2017-01-13 	not yet calculated 	CVE-2016-7427 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7427
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3114
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet. 	2017-01-13 	not yet calculated 	CVE-2016-9310 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9310
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3118
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet. 	2017-01-13 	not yet calculated 	CVE-2016-9312 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9312
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3110
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
ntp -- ntp
  	NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address. 	2017-01-13 	not yet calculated 	CVE-2016-7426 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7426
CONFIRM http://nwtime.org/ntp428p9_release/
CONFIRM http://support.ntp.org/bin/view/Main/NtpBug3071
CONFIRM http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
CERT-VN https://www.kb.cert.org/vuls/id/633847
puppet_enterprise -- console
  	Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter. 	2017-01-12 	not yet calculated 	CVE-2015-6501 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6501
CONFIRM https://puppet.com/security/cve/CVE-2015-6501
puppet_enterprise -- console
  	Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a // (slash slash) followed by a domain in the redirect parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6501. 	2017-01-12 	not yet calculated 	CVE-2016-5715 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5715
MISC http://hyp3rlinx.altervista.org/advisories/PUPPET-AUTHENTICATION-REDIRECT.txt
MISC http://packetstormsecurity.com/files/139302/Puppet-Enterprise-Web-Interface-Open-Redirect.html
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/539618/100/0/threaded
BID http://www.securityfocus.com/bid/93846
CONFIRM https://puppet.com/security/cve/cve-2016-5715
serendipity -- serendipity
  	Serendipity through 2.0.5 allows CSRF for the installation of an event plugin or a sidebar plugin. 	2017-01-14 	not yet calculated 	CVE-2017-5476 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5476
CONFIRM https://github.com/s9y/Serendipity/issues/439
serendipity -- serendipity
  	comment.php in Serendipity through 2.0.5 allows CSRF in deleting any comments. 	2017-01-14 	not yet calculated 	CVE-2017-5475 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5475
CONFIRM https://github.com/s9y/Serendipity/issues/439
serendipity -- serendipity
  	Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header. 	2017-01-14 	not yet calculated 	CVE-2017-5474 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5474
CONFIRM https://github.com/s9y/Serendipity/commit/6285933470bab2923e4573b5d54ba9a32629b0cd
smack -- smack
  	Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response. 	2017-01-12 	not yet calculated 	CVE-2016-10027 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10027
MLIST http://www.openwall.com/lists/oss-security/2016/12/22/12
BID http://www.securityfocus.com/bid/95129
CONFIRM https://community.igniterealtime.org/blogs/ignite/2016/11/22/smack-security-advisory-2016-11-22
CONFIRM https://github.com/igniterealtime/Smack/commit/059ee99ba0d5ff7758829acf5a9aeede09ec820b
CONFIRM https://github.com/igniterealtime/Smack/commit/a9d5cd4a611f47123f9561bc5a81a4555fe7cb04
CONFIRM https://issues.igniterealtime.org/projects/SMACK/issues/SMACK-739
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4WXAZ4JVJXHMEDDXJVWJHPVBF5QCTZF/
web2py -- web2py
  	Web2py versions 2.14.5 and below were affected by a Local File Inclusion vulnerability, which allows a malicious user to read/access sensitive web server files. 	2017-01-11 	5.0 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4806&vector=(AV:N/AC:L/Au:N/C:P/I:N/A:N) 	CVE-2016-4806 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4806
MISC http://packetstormsecurity.com/files/137070/Web2py-2.14.5-CSRF-XSS-Local-File-Inclusion.html
EXPLOIT-DB https://www.exploit-db.com/exploits/39821/
web2py -- web2py
  	Web2py versions 2.14.5 and below were affected by a CSRF (Cross Site Request Forgery) vulnerability, which allows an attacker to trick a logged-in user into performing unwanted actions; e.g., an attacker can trick a victim into disabling the installed application just by sending a URL to the victim. 	2017-01-11 	6.8 https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2016-4808&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P) 	CVE-2016-4808 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4808
MISC http://packetstormsecurity.com/files/137070/Web2py-2.14.5-CSRF-XSS-Local-File-Inclusion.html
EXPLOIT-DB https://www.exploit-db.com/exploits/39821/
wordpress -- wordpress
  	Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php. 	2017-01-14 	not yet calculated 	CVE-2017-5492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5492
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
wordpress -- wordpress
  	wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup. 	2017-01-14 	not yet calculated 	CVE-2017-5493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5493
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
wordpress -- wordpress
  	wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name. 	2017-01-14 	not yet calculated 	CVE-2017-5491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5491
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
wordpress -- wordpress
  	Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload. 	2017-01-14 	not yet calculated 	CVE-2017-5489 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5489
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
wordpress -- wordpress
  	wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request. 	2017-01-14 	not yet calculated 	CVE-2017-5487 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5487
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
MISC https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
wordpress -- wordpress
  	Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin. 	2017-01-14 	not yet calculated 	CVE-2017-5488 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5488
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://github.com/WordPress/WordPress/commit/c9ea1de1441bb3bda133bf72d513ca9de66566c2
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
wordpress -- wordpress
  	Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php. 	2017-01-14 	not yet calculated 	CVE-2017-5490 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5490
MLIST http://www.openwall.com/lists/oss-security/2017/01/14/6
CONFIRM https://codex.wordpress.org/Version_4.7.1
CONFIRM https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
CONFIRM https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
MISC https://www.mehmetince.net/low-severity-wordpress/

---------------------------------------------

This product is provided subject to this Notification http://www.us-cert.gov/privacy/notification and this Privacy & Use http://www.us-cert.gov/privacy/ policy.



---------------------------------------------
A copy of this publication is available at www.us-cert.gov https://www.us-cert.gov . If you need help or have questions, please send an email to info at us-cert.gov mailto:info at us-cert.gov .
