Wykryte podatności z ostatnich dni, zebrane przez US-CERT

utworzone przez | mar 1, 2017 | Alerty | 0 komentarzy

 

Na stronach US CERT został opublikowany biuletyn dotyczący ostatnio wykrytych luk, zachęcamy do zapoznania się z biuletynem SB17-058 lub przeczytania ponizej jego streszczenia:

 

 

 

Podsumowanie wykrytych luk od 16 lutego.

Punktacja i ważności:

 

High – wynik podstawowy CVSS 7,0 – 10,0 – podatności zostaną oznakowane jako wysoka ważność,

Medium – wynik podstawowy CVSS 4,0 – 6,9 – podatności zostaną oznakowane jako Średnia ważność
Low – wynik podstawowy CVSS 0.0 – 3.9 – podatności zostaną oznakowane jako Niska ważność 

 

 

 

 

 

High Vulnerabilities

Primary
Vendor — Product		 Description Published CVSS Score Source & Patch Info
aerospike — database_server An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability. 2017-02-21 7.5 CVE-2016-9051
MISC
aerospike — database_server An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability. 2017-02-21 7.5 CVE-2016-9053
MISC
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “WebSheet” component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors. 2017-02-20 7.5 CVE-2016-7630
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “AppleGraphicsControl” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-4662
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “Kernel” component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors. 2017-02-20 7.2 CVE-2016-4669
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “ImageIO” component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) via a crafted PDF file. 2017-02-20 9.3 CVE-2016-4671
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “libxpc” component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. 2017-02-20 9.3 CVE-2016-4675
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “Thunderbolt” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. 2017-02-20 9.3 CVE-2016-4780
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the “Intel Graphics Driver” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7582
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Bluetooth” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7596
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Intel Graphics Driver” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7602
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. 2017-02-20 9.3 CVE-2016-7613
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Bluetooth” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app. 2017-02-20 9.3 CVE-2016-7617
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “kext tools” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7629
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Directory Services” component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors. 2017-02-20 7.2 CVE-2016-7633
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the “Power Management” component. It allows local users to gain privileges via unspecified vectors related to Mach port name references. 2017-02-20 7.2 CVE-2016-7661
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the “Bluetooth” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. 2017-02-20 9.3 CVE-2017-2353
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the “Graphics Drivers” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2017-2358
BID
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “IOHIDFamily” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. 2017-02-20 9.3 CVE-2016-7591
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7606
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7612
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Disk Images” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. 2017-02-20 9.3 CVE-2016-7616
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via unspecified vectors. 2017-02-20 7.2 CVE-2016-7621
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. 2017-02-20 7.2 CVE-2016-7637
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. 2017-02-20 9.3 CVE-2016-7644
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “syslog” component. It allows local users to gain privileges via unspecified vectors related to Mach port name references. 2017-02-20 7.2 CVE-2016-7660
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “CoreFoundation” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string. 2017-02-20 7.5 CVE-2016-7663
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. 2017-02-20 9.3 CVE-2017-2360
BID
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. 2017-02-20 9.3 CVE-2017-2370
BID
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
cmsmadesimple — form_builder CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form. 2017-02-21 7.5 CVE-2017-6070
MISC
MISC
dell — sonicwall_secure_remote_access_server The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn’t properly escape the information passed in the ‘tsrDeleteRestartedFile’ or ‘currentTSREmailTo’ variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. 2017-02-22 10.0 CVE-2016-9682
CONFIRM
dell — sonicwall_secure_remote_access_server The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the ‘extensionsettings’ CGI (/cgi-bin/extensionsettings) component responsible for handling some of the server’s internal configurations. The CGI application doesn’t properly escape the information it’s passed when processing a particular multi-part form request involving scripts. The filename of the ‘scriptname’ variable is read in unsanitized before a call to system() is performed – allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. This is SonicWall Issue ID 181195. 2017-02-22 10.0 CVE-2016-9683
CONFIRM
MISC
dell — sonicwall_secure_remote_access_server The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the ‘viewcert’ CGI (/cgi-bin/viewcert) component responsible for processing SSL certificate information. The CGI application doesn’t properly escape the information it’s passed in the ‘CERT’ variable before a call to system() is performed – allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. 2017-02-22 10.0 CVE-2016-9684
CONFIRM
MISC
disksavvy — disksavvy_enterprise Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request. 2017-02-22 7.5 CVE-2017-6187
EXPLOIT-DB
dlink — websmart_dgs-1510_series_firmware D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Command Bypass attacks via unspecified vectors. 2017-02-23 7.5 CVE-2017-6205
CONFIRM
facebook — hhvm Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. 2017-02-17 7.5 CVE-2016-6870
MLIST
MLIST
CONFIRM
facebook — hhvm Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. 2017-02-17 7.5 CVE-2016-6871
MLIST
MLIST
CONFIRM
facebook — hhvm Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. 2017-02-17 7.5 CVE-2016-6872
MLIST
MLIST
CONFIRM
facebook — hhvm Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. 2017-02-17 7.5 CVE-2016-6873
MLIST
MLIST
CONFIRM
facebook — hhvm The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion. 2017-02-17 7.5 CVE-2016-6874
MLIST
MLIST
CONFIRM
facebook — hhvm Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. 2017-02-17 7.5 CVE-2016-6875
MLIST
MLIST
CONFIRM
linux — linux_kernel Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the “RDMA protocol over infiniband” (aka Soft RoCE) technology. 2017-02-22 7.2 CVE-2016-8636
CONFIRM
CONFIRM
MLIST
CONFIRM
MISC
CONFIRM
linux — linux_kernel Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. 2017-02-18 7.1 CVE-2017-5986
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
linux — linux_kernel Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786. 2017-02-18 7.6 CVE-2017-6001
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
linux — linux_kernel The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. 2017-02-18 9.3 CVE-2017-6074
MLIST
CONFIRM
mail-masta — mail-masta_plugin A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id. 2017-02-21 7.5 CVE-2017-6095
MISC
metalgenix — genixcms CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used to acquire a token. 2017-02-21 7.5 CVE-2017-5959
CONFIRM
CONFIRM
netgear — dgn2200_firmware ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request. 2017-02-22 10.0 CVE-2017-6077
EXPLOIT-DB
trendmicro — interscan_web_security_virtual_appliance Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737. 2017-02-21 9.0 CVE-2016-9269
CONFIRM
zyxel — usg50_firmware Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets. 2017-02-21 7.8 CVE-2016-10227
MISC
MISC

 

Medium Vulnerabilities

Primary
Vendor — Product		 Description Published CVSS Score Source & Patch Info
aerospike — database_server An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability. 2017-02-21 5.0 CVE-2016-9049
MISC
apple — apple_tv An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. 2017-02-20 4.3 CVE-2017-2350
BID
CONFIRM
CONFIRM
CONFIRM
apple — apple_tv An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2362
BID
CONFIRM
CONFIRM
CONFIRM
apple — apple_tv An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. 2017-02-20 4.3 CVE-2017-2365
BID
CONFIRM
CONFIRM
CONFIRM
apple — apple_tv An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2369
BID
CONFIRM
CONFIRM
CONFIRM
apple — apple_tv An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2373
BID
CONFIRM
CONFIRM
CONFIRM
apple — garageband An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the “Projects” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file. 2017-02-20 6.8 CVE-2017-2374
CONFIRM
apple — icloud An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the “iCloud” component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory. 2017-02-20 4.6 CVE-2016-7583
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “Sandbox Profiles” component, which allows attackers to read photo-directory metadata via a crafted app. 2017-02-20 4.3 CVE-2016-4664
BID
CONFIRM
CONFIRM
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “Sandbox Profiles” component, which allows attackers to read audio-recording metadata via a crafted app. 2017-02-20 4.3 CVE-2016-4665
BID
CONFIRM
CONFIRM
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “Kernel” component. It allows attackers to obtain sensitive information from kernel memory via a crafted app. 2017-02-20 4.3 CVE-2016-4680
BID
CONFIRM
CONFIRM
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the “iTunes Backup” component, which improperly hashes passwords, making it easier to decrypt files. 2017-02-20 4.3 CVE-2016-4685
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Mail” component, which does not alert the user to an S/MIME email signature that used a revoked certificate. 2017-02-20 5.0 CVE-2016-4689
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Image Capture” component, which allows attackers to execute arbitrary code via a crafted USB HID device. 2017-02-20 4.6 CVE-2016-4690
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “SpringBoard” component, which allows physically proximate attackers to bypass the passcode attempt counter and unlock a device via unspecified vectors. 2017-02-20 4.6 CVE-2016-4781
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the “Safari” component, which allows remote web servers to cause a denial of service via a crafted URL. 2017-02-20 4.3 CVE-2016-7581
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Local Authentication” component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible. 2017-02-20 4.6 CVE-2016-7601
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Graphics Driver” component, which allows remote attackers to cause a denial of service via a crafted video. 2017-02-20 4.3 CVE-2016-7665
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “WebKit” component, which allows XSS attacks against Safari. 2017-02-20 4.3 CVE-2016-7762
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the “Contacts” component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card. 2017-02-20 4.3 CVE-2017-2368
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the “WebKit” component, which allows remote attackers to launch popups via a crafted web site. 2017-02-20 4.3 CVE-2017-2371
BID
CONFIRM
apple — itunes An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to obtain sensitive information via a crafted web site. 2017-02-20 4.3 CVE-2016-4613
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — itunes An issue was discovered in certain Apple products. iOS before 10 is affected. Safari before 10 is affected. iTunes before 12.5.1 is affected. tvOS before 10 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-4764
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — itunes An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7578
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — itunes An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2354
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — itunes An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2355
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — itunes An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2356
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — itunes An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2017-2366
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — logic_pro_x An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the “Projects” component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file. 2017-02-20 6.8 CVE-2017-2372
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves a sandbox escape related to launchctl process spawning in the “libxpc” component. 2017-02-20 4.6 CVE-2016-4617
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “FontParser” component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font. 2017-02-20 5.8 CVE-2016-4660
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “ntfs” component, which misparses disk images and allows attackers to cause a denial of service via a crafted app. 2017-02-20 4.3 CVE-2016-4661
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “NVIDIA Graphics Drivers” component. It allows attackers to cause a denial of service (memory corruption) via a crafted app. 2017-02-20 4.3 CVE-2016-4663
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “ATS” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. 2017-02-20 6.8 CVE-2016-4667
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “CoreGraphics” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file. 2017-02-20 6.8 CVE-2016-4673
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “ATS” component. It allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors. 2017-02-20 4.6 CVE-2016-4674
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “AppleSMC” component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. 2017-02-20 4.6 CVE-2016-4678
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “libarchive” component, which allows remote attackers to write to arbitrary files via a crafted archive containing a symlink. 2017-02-20 4.3 CVE-2016-4679
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “Core Image” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file. 2017-02-20 6.8 CVE-2016-4681
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the “ImageIO” component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted SGI file. 2017-02-20 5.8 CVE-2016-4682
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the “ImageIO” component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted SGI file. 2017-02-20 6.8 CVE-2016-4683
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the “FontParser” component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted font. 2017-02-20 6.8 CVE-2016-4688
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the “IDS – Connectivity” component, which allows man-in-the-middle attackers to spoof calls via a “switch caller” notification. 2017-02-20 4.3 CVE-2016-4721
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the “FaceTime” component, which allows remote attackers to trigger memory corruption and obtain audio data from a call that appeared to have ended. 2017-02-20 4.3 CVE-2016-7577
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. The issue involves the “CFNetwork Proxies” component, which allows man-in-the-middle attackers to spoof a proxy password authentication requirement and obtain sensitive information. 2017-02-20 4.3 CVE-2016-7579
BID
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the “Mail” component, which allows remote web servers to cause a denial of service via a crafted URL. 2017-02-20 4.3 CVE-2016-7580
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the “AppleMobileFileIntegrity” component, which allows remote attackers to spoof signed code by using a matching team ID. 2017-02-20 6.8 CVE-2016-7584
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “CoreStorage” component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. 2017-02-20 4.9 CVE-2016-7603
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “CoreCapture” component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. 2017-02-20 4.9 CVE-2016-7604
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Bluetooth” component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. 2017-02-20 4.3 CVE-2016-7605
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “AppleGraphicsPowerManagement” component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. 2017-02-20 4.9 CVE-2016-7609
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Foundation” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .gcx file. 2017-02-20 6.8 CVE-2016-7618
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Grapher” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .gcx file. 2017-02-20 6.8 CVE-2016-7622
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the “CoreMedia External Displays” component. It allows local users to gain privileges or cause a denial of service (type confusion) via unspecified vectors. 2017-02-20 6.8 CVE-2016-7655
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the “CoreText” component. It allows remote attackers to cause a denial of service via a crafted string. 2017-02-20 5.0 CVE-2016-7667
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “xar” component, which allows remote attackers to execute arbitrary code via a crafted archive that triggers use of uninitialized memory locations. 2017-02-20 6.8 CVE-2016-7742
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the “IOAudioFamily” component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app. 2017-02-20 4.3 CVE-2017-2357
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the “Help Viewer” component, which allows XSS attacks via a crafted web site. 2017-02-20 4.3 CVE-2017-2361
BID
MISC
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-4666
BID
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-4677
BID
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-4692
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 5.8 CVE-2016-4743
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to obtain sensitive information via a crafted web site. 2017-02-20 4.3 CVE-2016-7586
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7587
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site. 2017-02-20 4.3 CVE-2016-7592
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site. 2017-02-20 4.3 CVE-2016-7598
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects. 2017-02-20 4.3 CVE-2016-7599
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7610
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7611
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the “WebKit” component. It allows remote attackers to obtain sensitive information via a blob URL on a web site. 2017-02-20 4.3 CVE-2016-7623
BID
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7632
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7635
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7639
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7640
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7641
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7642
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7645
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7646
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7648
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7649
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7652
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7654
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7656
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — safari An issue was discovered in certain Apple products. Safari before 10.0.3 is affected. The issue involves the “Safari” component, which allows remote attackers to spoof the address bar via a crafted web site. 2017-02-20 4.3 CVE-2017-2359
BID
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the “WebKit” component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. 2017-02-20 4.3 CVE-2017-2364
BID
CONFIRM
CONFIRM
apple — transporter An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the “iTMSTransporter” component, which allows attackers to obtain sensitive information via a crafted EPUB. 2017-02-20 4.3 CVE-2016-7666
BID
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “FontParser” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. 2017-02-20 6.8 CVE-2016-4691
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Security” component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher. 2017-02-20 5.0 CVE-2016-4693
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “CoreMedia Playback” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted MP4 file. 2017-02-20 6.8 CVE-2016-7588
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the “WebKit” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7589
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “ICU” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. 2017-02-20 6.8 CVE-2016-7594
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “CoreText” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. 2017-02-20 6.8 CVE-2016-7595
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component, which allows attackers to obtain sensitive information from kernel memory via a crafted app. 2017-02-20 4.3 CVE-2016-7607
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Kernel” component, which allows local users to cause a denial of service via unspecified vectors. 2017-02-20 4.9 CVE-2016-7615
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. tvOS before 10.1 is affected. watchOS before 3.1.1 is affected. The issue involves the “Profiles” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted certificate profile. 2017-02-20 6.8 CVE-2016-7626
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “CoreGraphics” component. It allows attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted font. 2017-02-20 4.3 CVE-2016-7627
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Security” component, which allows man-in-the-middle attackers to cause a denial of service (application crash) via vectors related to OCSP responder URLs. 2017-02-20 4.3 CVE-2016-7636
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “ImageIO” component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted web site. 2017-02-20 5.8 CVE-2016-7643
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3.1.1 is affected. The issue involves the “Accounts” component, which allows local users to bypass intended authorization restrictions by leveraging the mishandling of an app uninstall. 2017-02-20 4.6 CVE-2016-7651
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “IOKit” component. It allows attackers to obtain sensitive information from kernel memory via a crafted app. 2017-02-20 4.3 CVE-2016-7657
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Audio” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file. 2017-02-20 6.8 CVE-2016-7658
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Audio” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file. 2017-02-20 6.8 CVE-2016-7659
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “Security” component, which allows remote attackers to spoof certificates via unspecified vectors. 2017-02-20 5.0 CVE-2016-7662
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the “WebKit” component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. 2017-02-20 4.3 CVE-2017-2363
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
cisco — identity_services_engine_software A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More Information: CSCvb15627. Known Affected Releases: 1.4(0.908). 2017-02-21 6.5 CVE-2017-3835
CONFIRM
cisco — intrusion_prevention_system_device_manager A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments. More Information: CSCuh91455. Known Affected Releases: 7.2(1)V7. 2017-02-21 5.0 CVE-2017-3842
CONFIRM
cisco — meeting_server A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance. More Information: CSCvc89678. Known Affected Releases: 2.1. Known Fixed Releases: 2.1.2. 2017-02-21 5.0 CVE-2017-3830
CONFIRM
cisco — meeting_server An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the attacker could potentially cause the application to crash unexpectedly, resulting in a denial of service (DoS) condition. The attacker would need to be authenticated and have a valid session with the Web Bridge. Affected Products: This vulnerability affects Cisco Meeting Server software releases prior to 2.1.2. This product was previously known as Acano Conferencing Server. More Information: CSCvc89551. Known Affected Releases: 2.0 2.0.7 2.1. Known Fixed Releases: 2.1.2. 2017-02-21 5.5 CVE-2017-3837
CONFIRM
cisco — prime_collaboration_assurance A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. More Information: CSCvc99446. Known Affected Releases: 11.5(0). 2017-02-21 4.0 CVE-2017-3843
CONFIRM
cisco — prime_collaboration_assurance A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc86238. Known Affected Releases: 11.5(0). 2017-02-21 4.0 CVE-2017-3844
CONFIRM
cisco — prime_collaboration_assurance A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc77783. Known Affected Releases: 11.5(0). 2017-02-21 4.3 CVE-2017-3845
CONFIRM
cisco — secure_access_control_system A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information: CSCvc04838. Known Affected Releases: 5.8(2.5). 2017-02-21 4.3 CVE-2017-3838
CONFIRM
cisco — secure_access_control_system An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc04845. Known Affected Releases: 5.8(2.5). 2017-02-21 4.0 CVE-2017-3839
CONFIRM
cisco — secure_access_control_system A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect Vulnerability. More Information: CSCvc04849. Known Affected Releases: 5.8(2.5). 2017-02-21 5.8 CVE-2017-3840
CONFIRM
cisco — secure_access_control_system A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. Known Affected Releases: 5.8(2.5). 2017-02-21 5.0 CVE-2017-3841
CONFIRM
cisco — unified_communications_manager A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. More Information: CSCvc49348. Known Affected Releases: 10.5(2.14076.1). Known Fixed Releases: 12.0(0.98000.209) 12.0(0.98000.478) 12.0(0.98000.609). 2017-02-21 4.3 CVE-2017-3821
CONFIRM
cisco — unified_communications_manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvb98777. Known Affected Releases: 11.0(1.10000.10) 11.5(1.10000.6). Known Fixed Releases: 11.0(1.23063.1) 11.5(1.12029.1) 11.5(1.12900.11) 11.5(1.12900.21) 11.6(1.10000.4) 12.0(0.98000.156) 12.0(0.98000.178) 12.0(0.98000.369) 12.0(0.98000.470) 12.0(0.98000.536) 12.0(0.98000.6) 12.0(0.98500.6). 2017-02-21 4.3 CVE-2017-3828
CONFIRM
cisco — unified_communications_manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc30999. Known Affected Releases: 12.0(0.98000.280). Known Fixed Releases: 11.0(1.23900.3) 12.0(0.98000.180) 12.0(0.98000.422) 12.0(0.98000.541) 12.0(0.98000.6). 2017-02-21 4.3 CVE-2017-3829
CONFIRM
cisco — unified_communications_manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. More Information: CSCvb95951. Known Affected Releases: 12.0(0.99999.2). Known Fixed Releases: 11.0(1.23064.1) 11.5(1.12031.1) 11.5(1.12900.21) 11.5(1.12900.7) 11.5(1.12900.8) 11.6(1.10000.4) 12.0(0.98000.155) 12.0(0.98000.178) 12.0(0.98000.366) 12.0(0.98000.367) 12.0(0.98000.468) 12.0(0.98000.469) 12.0(0.98000.536) 12.0(0.98000.6) 12.0(0.98500.6). 2017-02-21 4.3 CVE-2017-3833
CONFIRM
cisco — unified_communications_manager A vulnerability in the web framework Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. More Information: CSCvb61689. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases: 12.0(0.98000.162) 12.0(0.98000.178) 12.0(0.98000.383) 12.0(0.98000.488) 12.0(0.98000.536) 12.0(0.98000.6) 12.0(0.98500.6). 2017-02-21 4.0 CVE-2017-3836
CONFIRM
cmsmadesimple — form_builder CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml. 2017-02-21 5.0 CVE-2017-6071
MISC
MISC
cmsmadesimple — form_builder CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin. 2017-02-21 5.0 CVE-2017-6072
MISC
MISC
digisol — dg-hr1400_firmware Multiple cross-site request forgery (CSRF) vulnerabilities in the access portal on the DIGISOL DG-HR1400 Wireless Router with firmware 1.00.02 allow remote attackers to hijack the authentication of administrators for requests that (1) change the SSID, (2) change the Wi-Fi password, or (3) possibly have unspecified other impact via crafted requests to form2WlanBasicSetup.cgi. 2017-02-21 6.8 CVE-2017-6127
FULLDISC
MISC
dlink — websmart_dgs-1510_series_firmware D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Information Disclosure attacks via unspecified vectors. 2017-02-23 5.0 CVE-2017-6206
CONFIRM
faststone — maxview FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section. 2017-02-21 4.3 CVE-2017-6078
MISC
fedoraproject — fedora The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. 2017-02-22 5.0 CVE-2016-9956
DEBIAN
MLIST
MLIST
MLIST
BID
FEDORA
FEDORA
CONFIRM
CONFIRM
gomlab — gom_player GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file. 2017-02-21 6.8 CVE-2017-5881
EXPLOIT-DB
google — chrome Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page. 2017-02-17 4.3 CVE-2017-5017
BID
CONFIRM
CONFIRM
google — chrome Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. 2017-02-17 4.3 CVE-2017-5018
BID
CONFIRM
CONFIRM
google — chrome A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. 2017-02-17 4.3 CVE-2017-5021
BID
CONFIRM
CONFIRM
google — chrome FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file. 2017-02-17 4.3 CVE-2017-5024
BID
CONFIRM
CONFIRM
html5lib — html5lib The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values. 2017-02-22 4.3 CVE-2016-9909
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
html5lib — html5lib The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909. 2017-02-22 4.3 CVE-2016-9910
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
ibm — inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010. 2017-02-23 4.3 CVE-2016-5883
CONFIRM
ibm — websphere_mq IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661. 2017-02-22 4.0 CVE-2016-3013
CONFIRM
ibm — websphere_mq IBM WebSphere MQ 8.0, under nonstandard configurations, sends password data in cleartext over the network that could be intercepted using main in the middle techniques. IBM Reference #: 1998660. 2017-02-22 4.3 CVE-2016-3052
CONFIRM
ibm — websphere_mq IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649. 2017-02-22 4.0 CVE-2016-8915
CONFIRM
ibm — websphere_mq IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648. 2017-02-22 4.0 CVE-2016-8986
CONFIRM
inverse-inc — sogo Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields. 2017-02-17 4.3 CVE-2014-9905
MLIST
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
inverse-inc — sogo Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows remote authenticated users to obtain sensitive information by reading the fields in the (1) ics or (2) XML calendar feeds. 2017-02-17 4.0 CVE-2016-6189
MLIST
CONFIRM
CONFIRM
CONFIRM
inverse-inc — sogo SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the “View the Date & Time” restriction, as demonstrated by correlating UIDs and DTSTAMPs between all users. 2017-02-17 4.0 CVE-2016-6190
MLIST
CONFIRM
CONFIRM
CONFIRM
inverse-inc — sogo Multiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL, or (4) Title field. 2017-02-17 4.3 CVE-2016-6191
MLIST
CONFIRM
CONFIRM
libdwarf_project — libdwarf The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via an object file with empty bss-like sections. 2017-02-17 4.3 CVE-2016-5028
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The create_fullest_file_path function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted dwarf file. 2017-02-17 4.3 CVE-2016-5029
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The _dwarf_calculate_info_section_end_ptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. 2017-02-17 4.3 CVE-2016-5030
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. 2017-02-17 4.3 CVE-2016-5031
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The dwarf_get_xu_hash_entry function in libdwarf before 20160923 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-02-17 4.3 CVE-2016-5032
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The print_exprloc_content function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. 2017-02-17 4.3 CVE-2016-5033
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file, related to relocation records. 2017-02-17 4.3 CVE-2016-5034
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The _dwarf_read_line_table_header function in dwarf_line_table_reader.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. 2017-02-17 4.3 CVE-2016-5035
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The dump_block function in print_sections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted frame data. 2017-02-17 5.0 CVE-2016-5036
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The _dwarf_load_section function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. 2017-02-17 4.3 CVE-2016-5037
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The dwarf_get_macro_startend_file function in dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted string offset for .debug_str. 2017-02-17 5.0 CVE-2016-5038
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The get_attr_value function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted object with all-bits on. 2017-02-17 5.0 CVE-2016-5039
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a large length value in a compilation unit header. 2017-02-17 4.3 CVE-2016-5040
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section. 2017-02-17 5.0 CVE-2016-5042
MLIST
MLIST
CONFIRM
CONFIRM
libdwarf_project — libdwarf The dwarf_dealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted DWARF section. 2017-02-17 5.0 CVE-2016-5043
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted DWARF section. 2017-02-17 5.0 CVE-2016-5044
MLIST
MLIST
CONFIRM
libdwarf_project — libdwarf The read_line_table_program function in dwarf_line_table_reader_common.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted input. 2017-02-17 4.3 CVE-2016-7510
MISC
CONFIRM
libdwarf_project — libdwarf Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-02-17 4.3 CVE-2016-7511
CONFIRM
CONFIRM
linux — linux_kernel The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context. 2017-02-24 4.6 CVE-2017-5669
MISC
CONFIRM
linux — linux_kernel The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. 2017-02-23 5.0 CVE-2017-6214
CONFIRM
CONFIRM
CONFIRM
mail-masta — mail-masta_plugin A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to WordPress admin) with the GET Parameter: filter_list. 2017-02-21 6.5 CVE-2017-6096
MISC
mail-masta — mail-masta_plugin A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to WordPress admin) with the POST Parameter: camp_id. 2017-02-21 6.5 CVE-2017-6097
MISC
mail-masta — mail-masta_plugin A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to WordPress admin) with the POST Parameter: list_id. 2017-02-21 6.5 CVE-2017-6098
MISC
mantisbt — mantisbt Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_page.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter. 2017-02-17 4.3 CVE-2016-5364
MLIST
CONFIRM
CONFIRM
CONFIRM
metalgenix — genixcms SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter. 2017-02-17 6.5 CVE-2017-6065
MISC
shadow_project — shadow Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. 2017-02-17 4.6 CVE-2016-6252
MLIST
MLIST
MLIST
MLIST
BID
CONFIRM
CONFIRM
tcpdf_project — tcpdf tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP. 2017-02-23 5.0 CVE-2017-6100
MLIST
CONFIRM
CONFIRM
tnef_project — tnef An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker. 2017-02-23 6.8 CVE-2017-6307
MISC
MISC
MISC
tnef_project — tnef An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. 2017-02-23 6.8 CVE-2017-6308
MISC
MISC
MISC
tnef_project — tnef An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker. 2017-02-23 6.8 CVE-2017-6309
MISC
MISC
MISC
tnef_project — tnef An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker. 2017-02-23 6.8 CVE-2017-6310
MISC
MISC
MISC
trendmicro — interscan_web_security_virtual_appliance Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto their local machine. This backup file contains sensitive information like passwd/shadow files, RSA certificates, Private Keys and Default Passphrase, etc. This was resolved in Version 6.5 CP 1737. 2017-02-21 4.0 CVE-2016-9314
CONFIRM
trendmicro — interscan_web_security_virtual_appliance Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to change Master Admin’s password and/or add new admin accounts. This was resolved in Version 6.5 CP 1737. 2017-02-21 4.0 CVE-2016-9315
CONFIRM
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “1 of 9. Null Pointer Deref / calloc return value not checked.” 2017-02-23 6.8 CVE-2017-6298
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c.” 2017-02-23 4.3 CVE-2017-6299
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “3 of 9. Buffer Overflow in version field in lib/tnef-types.h.” 2017-02-23 6.8 CVE-2017-6300
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “4 of 9. Out of Bounds Reads.” 2017-02-23 6.8 CVE-2017-6301
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “5 of 9. Integer Overflow.” 2017-02-23 6.8 CVE-2017-6302
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “6 of 9. Invalid Write and Integer Overflow.” 2017-02-23 6.8 CVE-2017-6303
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “7 of 9. Out of Bounds read.” 2017-02-23 6.8 CVE-2017-6304
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “8 of 9. Out of Bounds read and write.” 2017-02-23 6.8 CVE-2017-6305
MISC
MISC
MISC
ytnef_project — ytnef An issue was discovered in ytnef before 1.9.1. This is related to a patch described as “9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c.” 2017-02-23 6.8 CVE-2017-6306
MISC
MISC
MISC

 

Low Vulnerabilities

Primary
Vendor — Product		 Description Published CVSS Score Source & Patch Info
apple — icloud An issue was discovered in certain Apple products. iCloud before 6.1 is affected. The issue involves the “Windows Security” component. It allows local users to obtain sensitive information from iCloud desktop-client process memory via unspecified vectors. 2017-02-20 2.1 CVE-2016-7614
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the “Contacts” component, which does not prevent an app’s Address Book access after access revocation. 2017-02-20 3.6 CVE-2016-4686
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “SpringBoard” component, which allows physically proximate attackers to maintain the unlocked state via vectors related to Handoff with Siri. 2017-02-20 2.1 CVE-2016-7597
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Accessibility” component, which accepts spoken passwords without considering that they are locally audible. 2017-02-20 2.1 CVE-2016-7634
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Find My iPhone” component, which allows physically proximate attackers to disable this component by bypassing authentication. 2017-02-20 2.1 CVE-2016-7638
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Media Player” component, which allows physically proximate attackers to obtain sensitive photo and contact information by leveraging lockscreen access. 2017-02-20 2.1 CVE-2016-7653
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Accessibility” component. which allows physically proximate attackers to obtain sensitive photo and contact information by leveraging the availability of excessive options during lockscreen access. 2017-02-20 2.1 CVE-2016-7664
BID
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the “Springboard” component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher. 2017-02-20 2.1 CVE-2016-7759
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the “Clipboard” component, which allows physically proximate attackers to obtain sensitive information in the lockscreen state by viewing clipboard contents. 2017-02-20 2.1 CVE-2016-7765
CONFIRM
apple — iphone_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the “WiFi” component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecified vectors. 2017-02-20 2.1 CVE-2017-2351
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the “Security” component. It allows local users to discover lengths of arbitrary passwords by reading a log. 2017-02-20 2.1 CVE-2016-4670
BID
CONFIRM
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “OpenPAM” component, which allows local users to obtain sensitive information by leveraging mishandling of failed PAM authentication by a sandboxed app. 2017-02-20 2.1 CVE-2016-7600
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “IOFireWireFamily” component, which allows local users to obtain sensitive information from kernel memory via unspecified vectors. 2017-02-20 2.1 CVE-2016-7608
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “IOSurface” component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. 2017-02-20 2.1 CVE-2016-7620
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “IOAcceleratorFamily” component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. 2017-02-20 2.1 CVE-2016-7624
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “IOKit” component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. 2017-02-20 2.1 CVE-2016-7625
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “Assets” component, which allows local users to bypass intended permission restrictions and change a downloaded mobile asset via unspecified vectors. 2017-02-20 2.1 CVE-2016-7628
BID
CONFIRM
apple — mac_os_x An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the “WiFi” component, which allows local users to obtain sensitive network-configuration information by leveraging global storage. 2017-02-20 2.1 CVE-2016-7761
CONFIRM
apple — safari An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the “Safari Reader” component, which allows remote attackers to conduct UXSS attacks via a crafted web site. 2017-02-20 2.6 CVE-2016-7650
BID
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “libarchive” component, which allows local users to write to arbitrary files via vectors related to symlinks. 2017-02-20 2.1 CVE-2016-7619
BID
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the “IOKit” component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. 2017-02-20 2.1 CVE-2016-7714
CONFIRM
CONFIRM
CONFIRM
apple — watch_os An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the “Unlock with iPhone” component, which allows attackers to bypass the wrist-presence protection mechanism and unlock a Watch device via unspecified vectors. 2017-02-20 2.1 CVE-2017-2352
BID
CONFIRM
CONFIRM
cisco — firepower_management_center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc72741. Known Affected Releases: 6.2.1. 2017-02-21 3.5 CVE-2017-3847
CONFIRM
f5 — big-ip_application_acceleration_manager F5 BIG-IP 12.0.0 and 11.5.0 – 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files. 2017-02-20 2.1 CVE-2016-6249
CONFIRM
ibm — rational_requirements_composer IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515. 2017-02-23 3.5 CVE-2016-6055
CONFIRM
intersect_alliance — snare_epilog Cross-site scripting (XSS) vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the str_log_name parameter in a “Web Admin Portal > Log Configuration > Add” action. 2017-02-17 3.5 CVE-2017-5998
MISC
mantisbt — mantisbt MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content Security Policy when using the Gravatar plugin, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. 2017-02-17 2.6 CVE-2016-7111
MLIST
MLIST
CONFIRM
CONFIRM
munin-monitoring — munin Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user. 2017-02-22 1.9 CVE-2017-6188
CONFIRM
CONFIRM
trendmicro — interscan_web_security_virtual_appliance Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allow authenticated, remote users with least privileges to inject arbitrary HTML/JavaScript code into web pages. This was resolved in Version 6.5 CP 1737. 2017-02-21 3.5 CVE-2016-9316
CONFIRM
vce_vision — intelligent_operations The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access. 2017-02-21 2.1 CVE-2015-4056
BUGTRAQ
wolfssl — wolfssl In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine. 2017-02-23 2.1 CVE-2017-6076
CONFIRM
xen — xen Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation. 2017-02-22 2.1 CVE-2016-9377
BID
CONFIRM
xen — xen Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery. 2017-02-22 2.1 CVE-2016-9378
BID
CONFIRM
xen — xen Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table. 2017-02-22 2.1 CVE-2016-9384
BID
CONFIRM
CONFIRM

 

Severity Not Yet Assigned

Primary
Vendor — Product		 Description Published CVSS Score Source & Patch Info
apple — mac_os_x The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the xmlPath argument. 2017-02-22 not yet calculated CVE-2014-4677
MISC
CONFIRM
bilboplanet — bilboplanet Multiple cross-site scripting (XSS) vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) tribe_name or (2) tags parameter in a tribes page request to user/ or the (3) user_id or (4) fullname parameter to signup.php. 2017-02-23 not yet calculated CVE-2014-9916
EXPLOIT-DB
cisco — asyncos_software A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, that are configured with message or content filters to scan incoming email attachments on the ESA or services scanning content of web access on the WSA. More Information: SCvb91473, CSCvc76500. Known Affected Releases: 10.0.0-203 9.9.9-894 WSA10.0.0-233. 2017-02-21 not yet calculated CVE-2017-3827
CONFIRM
dell — vce_vision_intelligent_operations The “Plug-in for VMware vCenter” in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network. 2017-02-21 not yet calculated CVE-2015-4057
BUGTRAQ
ghostscript — ghostscript Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document. 2017-02-23 not yet calculated CVE-2017-6196
CONFIRM
CONFIRM
ibm — jazz IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1998714. 2017-02-24 not yet calculated CVE-2016-9975
CONFIRM
ibm — rhapsody IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1997798. 2017-02-23 not yet calculated CVE-2016-8974
CONFIRM
ibm — tivoli IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference #: 1998747. 2017-02-24 not yet calculated CVE-2016-8998
CONFIRM
ibm — websphere IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647. 2017-02-24 not yet calculated CVE-2016-9009
CONFIRM
justsystems — ichitaro_office JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function’s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application. 2017-02-24 not yet calculated CVE-2017-2791
MISC
justsystems — ichitaro_office When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application. 2017-02-24 not yet calculated CVE-2017-2790
MISC
justsystems — ichitaro_office When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application. 2017-02-24 not yet calculated CVE-2017-2789
MISC
libdwarf — libdwarf dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file. 2017-02-24 not yet calculated CVE-2016-5027
MLIST
MLIST
CONFIRM
libiberty — libiberty Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to “ktypevec.” 2017-02-24 not yet calculated CVE-2016-4488
MLIST
CONFIRM
libiberty — libiberty Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to “btypevec.” 2017-02-24 not yet calculated CVE-2016-4487
MLIST
CONFIRM
libiberty — libiberty Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow. 2017-02-24 not yet calculated CVE-2016-2226
MLIST
CONFIRM
libiberty — libiberty Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the “demangling of virtual tables.” 2017-02-24 not yet calculated CVE-2016-4489
MLIST
CONFIRM
libiberty — libiberty Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths. 2017-02-24 not yet calculated CVE-2016-4490
MLIST
CONFIRM
libiberty — libiberty Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. 2017-02-24 not yet calculated CVE-2016-4492
MLIST
CONFIRM
MLIST
libiberty — libiberty The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary. 2017-02-24 not yet calculated CVE-2016-4493
MLIST
CONFIRM
MLIST
libiberty — libiberty The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having “itself as ancestor more than once.” 2017-02-24 not yet calculated CVE-2016-4491
MLIST
CONFIRM
MLIST
microsoft — windows gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220. 2017-02-20 not yet calculated CVE-2017-0038
MISC
opentext — documentum_content_server OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary DML or DDL commands via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2520. 2017-02-22 not yet calculated CVE-2017-5585
MISC
opentext — documentum_d2 OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries. 2017-02-22 not yet calculated CVE-2017-5586
MISC
EXPLOIT-DB
paypal — paypal Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter. 2017-02-23 not yet calculated CVE-2017-6099
MISC
pcsc-lite — pcsc-lite Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses “cardsList” after the handle has been released through the SCardReleaseContext function. 2017-02-23 not yet calculated CVE-2016-10109
MLIST
BID
UBUNTU
CONFIRM
MLIST
plone — plone Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates. 2017-02-24 not yet calculated CVE-2016-4043
MLIST
CONFIRM
plone — plone Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors. 2017-02-24 not yet calculated CVE-2016-4041
MLIST
CONFIRM
plone — plone Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors. 2017-02-24 not yet calculated CVE-2016-4042
MLIST
CONFIRM
quagga — quagga It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent. 2017-02-22 not yet calculated CVE-2016-1245
CONFIRM
BID
CONFIRM
CONFIRM
CONFIRM
siemens — simatic Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. 2017-02-21 not yet calculated CVE-2017-2684
CONFIRM
teeworlds — teeworlds The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling. 2017-02-22 not yet calculated CVE-2016-9400
MLIST
MLIST
BID
CONFIRM
FEDORA
CONFIRM
 radrare — radrare2 The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function. 2017-02-23 not yet calculated CVE-2017-6197
CONFIRM
CONFIRM