2016 VULNERABILITY DATABASE
Summary: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
Published: 4/8/2016 9:59:29 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
Summary: Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Published: 4/8/2016 9:59:28 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
Summary: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
Published: 4/8/2016 9:59:27 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
Summary: Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
Published: 4/8/2016 9:59:26 PM
Summary: McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allow local administrators to bypass intended self-protection rules and modify registry keys and files via unspecified vectors.
Published: 4/8/2016 11:59:10 AM
Summary: McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process.
Published: 4/8/2016 11:59:09 AM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
Summary: Siemens SCALANCE S613 allows remote attackers to cause a denial of service (web-server outage) via traffic to TCP port 443.
Published: 4/8/2016 11:59:08 AM
CVSS Severity: v3 - 5.3 MEDIUM v2 - 5.0 MEDIUM
Summary: The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.
Published: 4/8/2016 11:59:07 AM
CVSS Severity: v3 - 3.1 LOW v2 - 2.6 LOW
Summary: The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\@attacker.com.
Published: 4/8/2016 11:59:06 AM
CVSS Severity: v3 - 7.4 HIGH v2 - 4.3 MEDIUM
Summary: Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
Published: 4/8/2016 11:59:05 AM
Summary: Cross-site scripting (XSS) vulnerability in Cisco IP Interoperability and Collaboration System 4.10(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy12339.
Published: 4/8/2016 11:59:04 AM
Summary: Cross-site scripting (XSS) vulnerability in the Cyber-Will Social-button Premium plugin before 1.1 for EC-CUBE 2.13.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 4/8/2016 11:59:02 AM
Summary: The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.
Published: 4/8/2016 11:59:01 AM
Summary: The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.
Published: 4/8/2016 11:59:00 AM
Summary: The Java Startup Framework (aka jstart) in SAP JAVA AS 7.4 allows remote attackers to cause a denial of service via a crafted HTTP request, aka SAP Security Note 2259547.
Published: 4/8/2016 10:59:09 AM
Summary: Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA AS 7.4 allows remote attackers to cause a denial of service via a crafted HTTP request, aka SAP Security Note 2256185.
Published: 4/8/2016 10:59:08 AM
Summary: The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."
Published: 4/8/2016 10:59:07 AM
Summary: The _prepopulate_request_walk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the (1) actions, (2) container, (3) token, (4) password, (5) password_confirm, (6) text_format, or (7) markup field type, and consequently have unspecified impact, via unspecified vectors.
Published: 4/8/2016 10:59:06 AM
Summary: The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the REQUEST superglobal array, and consequently have unspecified impact, via a base64-encoded pp parameter.
Published: 4/8/2016 10:59:05 AM
Summary: The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
Published: 4/8/2016 10:59:04 AM
Summary: SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
Published: 4/8/2016 10:59:03 AM
Summary: Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
Published: 4/8/2016 10:59:02 AM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
Summary: revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
Published: 4/8/2016 10:59:01 AM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
Summary: Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to service/soap/BatchRequest.
Published: 4/8/2016 10:59:00 AM
CVSS Severity: v3 - 8.8 HIGH v2 - 6.8 MEDIUM
Summary: The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.
Published: 4/7/2016 8:59:00 PM
CVSS Severity: v3 - 6.3 MEDIUM v2 - 6.5 MEDIUM
Summary: Directory traversal vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to CrashFileDownloadServlet, aka SAP Security Note 2234971.
Published: 4/7/2016 7:59:10 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
Summary: Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
Published: 4/7/2016 7:59:09 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 7.5 HIGH
Summary: Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 4/7/2016 7:59:08 PM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
Summary: Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
Published: 4/7/2016 7:59:07 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 7.5 HIGH
Summary: Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
Published: 4/7/2016 7:59:06 PM
CVSS Severity: v3 - 7.3 HIGH v2 - 7.5 HIGH
Summary: Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0752.
Published: 4/7/2016 7:59:05 PM
CVSS Severity: v3 - 5.3 MEDIUM v2 - 5.0 MEDIUM