National Cyber Awareness System:
07/27/2015 06:08 AM EDT
Original release date: July 27, 2015
The US-CERT Cyber Security Bulletin provides a
summary of new vulnerabilities that have been
recorded by the National Institute of
Standards and Technology (NIST) National
Vulnerability Database (NVD) in the past week.
The NVD is sponsored by the Department
of Homeland Security (DHS) National
Cybersecurity and Communications Integration
Center (NCCIC) / United States
Computer Emergency Readiness Team (US-CERT).
For modified or updated entries, please visit the NVD, which contains historical
vulnerability information.
The vulnerabilities are based on the CVE
vulnerability naming standard and are organized
according to severity, determined by the Common Vulnerability Scoring
System (CVSS) standard. The division of high,
medium, and low severities correspond to the
following scores:
-
High
- Vulnerabilities will be labeled High severity
if they have a CVSS base score of 7.0 - 10.0
-
Medium -
Vulnerabilities will be labeled Medium severity
if they have a CVSS base score of 4.0 - 6.9
-
Low
- Vulnerabilities will be labeled Low severity
if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided
by organizations and efforts sponsored by US-CERT.
This information may include identifying
information, values, definitions, and related links.
Patch information is provided when available. Please
note that some of the information in the bulletins
is compiled from external, open source reports and
is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
adobe --
air |
Adobe
Flash Player before 13.0.0.302 and 14.x
through 18.x before 18.0.0.203 on Windows
and OS X and before 11.2.202.481 on Linux,
Adobe AIR before 18.0.0.180, Adobe AIR SDK
before 18.0.0.180, and Adobe AIR SDK &
Compiler before 18.0.0.180 allow attackers
to execute arbitrary code or cause a denial
of service (memory corruption) via
unspecified vectors, a different
vulnerability than CVE-2015-3117,
CVE-2015-3123, CVE-2015-3130, CVE-2015-3133,
CVE-2015-3134, and CVE-2015-4431. |
2015-07-20 |
10.0 |
CVE-2015-5124
CONFIRM |
cisco --
application_policy_infrastructure_controller_(apic) |
Cisco
Application Policy Infrastructure Controller
(APIC) devices with software before 1.0(3o)
and 1.1 before 1.1(1j) and Nexus 9000 ACI
devices with software before 11.0(4o) and
11.x before 11.1(1j) do not properly
restrict access to the APIC filesystem,
which allows remote authenticated users to
obtain root privileges via unspecified use
of the APIC cluster-management configuration
feature, aka Bug IDs CSCuu72094 and
CSCuv11991. |
2015-07-24 |
9.0 |
CVE-2015-4235
CISCO |
cisco --
unified_meetingplace_web_conferencing |
The
password-change feature in Cisco Unified
MeetingPlace Web Conferencing 8.5 before
8.5(5) MR3 and 8.6 before 8.6(2) does not
check the session ID or require entry of the
current password, which allows remote
attackers to reset arbitrary passwords via a
crafted HTTP request, aka Bug ID CSCuu51839. |
2015-07-24 |
10.0 |
CVE-2015-4262
CISCO |
cisco --
unified_computing_system |
The
Manager component in Cisco Unified Computing
System (UCS) 2.2(3b) on B Blade Server
devices allows local users to gain
privileges for executing arbitrary CLI
commands by leveraging access to the
subordinate fabric interconnect, aka Bug ID
CSCut32778. |
2015-07-20 |
7.2 |
CVE-2015-4279
CISCO |
cisco --
videoscape_policy_resource_manager |
Cisco
Videoscape Policy Resource Manager (PRM)
3.5.4 allows remote attackers to cause a
denial of service (CPU and memory
consumption, and TCP service outage) via (1)
a SYN flood or (2) another type of TCP
traffic flood, aka Bug IDs CSCuu35104 and
CSCuu35128. |
2015-07-21 |
7.8 |
CVE-2015-4283
CISCO |
eaton --
proview |
Eaton
Cooper Power Systems ProView 4.0 and 5.0
before 5.0 11 on Form 6 controls and Idea
and IdeaPLUS relays generates TCP initial
sequence number (ISN) values linearly, which
makes it easier for remote attackers to
spoof TCP sessions by predicting an ISN
value. |
2015-07-19 |
9.3 |
CVE-2014-9196
MISC |
emc --
avamar_server |
Directory
traversal vulnerability in EMC Avamar Server
7.x before 7.1.2 and Avamar Virtual Addition
(AVE) 7.x before 7.1.2 allows remote
attackers to read arbitrary files by using
the Avamar Desktop/Laptop client interface
to send crafted parameters. |
2015-07-23 |
7.8 |
CVE-2015-4527
BUGTRAQ |
fca --
uconnect |
Unspecified
vulnerability in Uconnect 15.26.1, as used
in certain Fiat Chrysler Automobiles (FCA),
allows remote attackers in the same cellular
network to control vehicle movement, cause
human harm or physical damage, or modify
dashboard settings via vectors related to
modification of entertainment-system
firmware and access of the CAN bus due to
insufficient "Radio security protection," as
demonstrated on a 2014 Jeep Cherokee Limited
FWD. |
2015-07-21 |
8.3 |
CVE-2015-5611
MISC
MISC
MISC
MISC
MISC
MISC |
gemalto_safenet_luna_hsm
-- - |
Unspecified
vulnerability on the Gemalto SafeNet Luna
HSM has unknown impact and attack vectors. |
2015-07-22 |
10.0 |
CVE-2015-5464
CONFIRM |
google
-- chrome |
Use-after-free
vulnerability in the GPU process
implementation in Google Chrome before
44.0.2403.89 allows remote attackers to
cause a denial of service or possibly have
unspecified other impact by leveraging the
continued availability of a GPUChannelHost
data structure during Blink shutdown,
related to
content/browser/gpu/browser_gpu_channel_host_factory.cc
and content/renderer/render_thread_impl.cc. |
2015-07-22 |
7.5 |
CVE-2015-1272
CONFIRM
MISC
CONFIRM
CONFIRM |
google
-- chrome |
Use-after-free
vulnerability in
content/browser/indexed_db/indexed_db_backing_store.cc
in the IndexedDB implementation in Google
Chrome before 44.0.2403.89 allows remote
attackers to cause a denial of service or
possibly have unspecified other impact by
leveraging an abort action before a certain
write operation. |
2015-07-22 |
7.5 |
CVE-2015-1276
CONFIRM
CONFIRM
CONFIRM |
google
-- chrome |
Use-after-free
vulnerability in the accessibility
implementation in Google Chrome before
44.0.2403.89 allows remote attackers to
cause a denial of service or possibly have
unspecified other impact by leveraging lack
of certain validity checks for
accessibility-tree data structures. |
2015-07-22 |
7.5 |
CVE-2015-1277
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
google
-- chrome |
Integer
overflow in the CJBig2_Image::expand
function in fxcodec/jbig2/JBig2_Image.cpp in
PDFium, as used in Google Chrome before
44.0.2403.89, allows remote attackers to
cause a denial of service (heap-based buffer
overflow) or possibly have unspecified other
impact via large height and stride values. |
2015-07-22 |
7.5 |
CVE-2015-1279
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
google
-- chrome |
SkPictureShader.cpp
in Skia, as used in Google Chrome before
44.0.2403.89, allows remote attackers to
cause a denial of service (memory
corruption) or possibly have unspecified
other impact by leveraging access to a
renderer process and providing crafted
serialized data. |
2015-07-22 |
7.5 |
CVE-2015-1280
CONFIRM
CONFIRM
CONFIRM |
google
-- chrome |
The
LocalFrame::isURLAllowed function in
core/frame/LocalFrame.cpp in Blink, as used
in Google Chrome before 44.0.2403.89, does
not properly check for a page's maximum
number of frames, which allows remote
attackers to cause a denial of service
(invalid count value and use-after-free) or
possibly have unspecified other impact via
crafted JavaScript code that makes many
createElement calls for IFRAME elements. |
2015-07-22 |
7.5 |
CVE-2015-1284
CONFIRM
CONFIRM
CONFIRM |
google
-- chrome |
Multiple
unspecified vulnerabilities in Google Chrome
before 44.0.2403.89 allow attackers to cause
a denial of service or possibly have other
impact via unknown vectors. |
2015-07-22 |
7.5 |
CVE-2015-1289
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
ibm --
db2 |
The
scalar-function implementation in IBM DB2
9.7 through FP10, 9.8 through FP5, 10.1
before FP5, and 10.5 through FP5 on Linux,
UNIX, and Windows allows remote attackers to
cause a denial of service or execute
arbitrary code via unspecified vectors. |
2015-07-19 |
8.0 |
CVE-2015-1935
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR |
microsoft
-- windows_7 |
Buffer
underflow in atmfd.dll in the Windows Adobe
Type Manager Library in Microsoft Windows
Vista SP2, Windows Server 2008 SP2 and R2
SP1, Windows 7 SP1, Windows 8, Windows 8.1,
Windows Server 2012 Gold and R2, and Windows
RT Gold and 8.1 allows remote attackers to
execute arbitrary code via a crafted
OpenType font, aka "OpenType Font Driver
Vulnerability." |
2015-07-20 |
9.3 |
CVE-2015-2426
CERT-VN
MS
MISC |
nvidia
-- gpu_driver |
The
NVIDIA GPU driver for FreeBSD R352 before
352.09, 346 before 346.72, R349 before
349.16, R343 before 343.36, R340 before
340.76, R337 before 337.25, R334 before
334.21, R331 before 331.113, and R304 before
304.125 allows local users with certain
permissions to read or write arbitrary
kernel memory via unspecified vectors that
trigger an untrusted pointer dereference. |
2015-07-17 |
7.2 |
CVE-2015-3625
CONFIRM |
siemens
-- siprotec_firmware |
The
EN100 module with firmware before 4.25 for
Siemens SIPROTEC 4 and SIPROTEC Compact
devices allows remote attackers to cause a
denial of service via crafted packets on UDP
port 50000. |
2015-07-18 |
7.8 |
CVE-2015-5374
CONFIRM |
sysphonic
-- thetis |
Multiple
SQL injection vulnerabilities in Sysphonic
Thetis before 2.3.0 allow remote attackers
to execute arbitrary SQL commands via
unspecified vectors. |
2015-07-19 |
7.5 |
CVE-2015-2972
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
JVNDB
JVN |
tibco --
silver_fabric_enabler_for_spotfire_webplayer |
Multiple
unspecified vulnerabilities in TIBCO
Spotfire Client and Spotfire Web Player
Client in Spotfire Analyst before 5.5.2,
6.0.x before 6.0.3, 6.5.x before 6.5.3, and
7.0.x before 7.0.1; Spotfire Analytics
Platform for AWS 6.5 and 7.0.x before 7.0.1;
Spotfire Automation Services before 5.5.2,
6.0.x before 6.0.3, 6.5.x before 6.5.3, and
7.0.x before 7.0.1; Spotfire Deployment Kit
before 5.5.2, 6.0.x before 6.0.3, 6.5.x
before 6.5.3, and 7.0.x before 7.0.1;
Spotfire Desktop before 6.5.2 and 7.0.x
before 7.0.1; Spotfire Desktop Language
Packs 7.0.x before 7.0.1; Spotfire
Professional before 5.5.2, 6.0.x before
6.0.3, 6.5.x before 6.5.3, and 7.0.x before
7.0.1; Spotfire Web Player before 5.5.2,
6.0.x before 6.0.3, 6.5.x before 6.5.3, and
7.0.x before 7.0.1; and Silver Fabric
Enabler for Spotfire Web Player before 2.1.1
allow remote attackers to execute arbitrary
code or obtain sensitive information via
unknown vectors. |
2015-07-21 |
7.5 |
CVE-2015-4554
CONFIRM
CONFIRM |
Back to top
Medium Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
apache -- http_server |
The
read_request_line function in
server/protocol.c in the Apache HTTP Server
2.4.12 does not initialize the protocol
structure member, which allows remote
attackers to cause a denial of service (NULL
pointer dereference and process crash) by
sending a request that lacks a method to an
installation that enables the INCLUDES
filter and has an ErrorDocument 400
directive specifying a local URI. |
2015-07-20 |
5.0 |
CVE-2015-0253
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
apache -- http_server |
The
chunked transfer coding implementation in
the Apache HTTP Server before 2.4.14 does
not properly parse chunk headers, which
allows remote attackers to conduct HTTP
request smuggling attacks via a crafted
request, related to mishandling of large
chunk-size values and invalid
chunk-extension characters in
modules/http/http_filters.c. |
2015-07-20 |
5.0 |
CVE-2015-3183
CONFIRM
CONFIRM
CONFIRM |
apache -- http_server |
The
ap_some_auth_required function in
server/request.c in the Apache HTTP Server
2.4.x before 2.4.14 does not consider that a
Require directive may be associated with an
authorization setting rather than an
authentication setting, which allows remote
attackers to bypass intended access
restrictions in opportunistic circumstances
by leveraging the presence of a module that
relies on the 2.2 API behavior. |
2015-07-20 |
4.3 |
CVE-2015-3185
CONFIRM
CONFIRM
CONFIRM |
blackberry -- blackberry_link |
mc_demux_mp4_ds.ax
in an unspecified third-party codec demux in
BlackBerry Link before 1.2.3.53 with
installer before 1.1.0.22 allows remote
attackers to execute arbitrary code via a
crafted MP4 file. |
2015-07-19 |
6.8 |
CVE-2015-4111
CONFIRM |
cisco -- webex_training_center |
Cross-site
scripting (XSS) vulnerability in Cisco WebEx
Meeting Center allows remote attackers to
inject arbitrary web script or HTML via an
unspecified value, aka Bug ID CSCuv01955. |
2015-07-21 |
4.3 |
CVE-2015-4246
CISCO |
cisco -- prime_collaboration |
Cisco
Prime Collaboration Assurance 10.0 allows
remote attackers to cause a denial of
service (HTTP service outage) via a crafted
HTTP request, aka Bug ID CSCum38844. |
2015-07-18 |
5.0 |
CVE-2015-4280
CISCO |
cisco -- webex_meetings_server |
Cross-site
request forgery (CSRF) vulnerability in
Cisco WebEx Meetings Server 2.5 MR1 allows
remote attackers to hijack the
authentication of arbitrary users, aka Bug
IDs CSCus56150 and CSCus56146. |
2015-07-22 |
6.8 |
CVE-2015-4281
CISCO |
cisco -- ios_xr |
The
Concurrent Data Management Replication
process in Cisco IOS XR 5.3.0 on ASR 9000
devices allows remote attackers to cause a
denial of service (BGP process reload) via
malformed BGPv4 packets, aka Bug ID
CSCur70670. |
2015-07-22 |
5.0 |
CVE-2015-4284
CISCO |
cisco -- ios_xr |
The
Local Packet Transport Services (LPTS)
implementation in Cisco IOS XR 5.1.2, 5.1.3,
5.2.1, and 5.2.2 on ASR9k devices makes
incorrect decisions about the opening of TCP
and UDP ports during the processing of flow
base entries, which allows remote attackers
to cause a denial of service (resource
consumption) by sending traffic to these
ports continuously, aka Bug ID CSCur88273. |
2015-07-23 |
5.0 |
CVE-2015-4285
CISCO |
cisco --
adaptive_security_appliance_software |
The
TLS implementation in the Cavium
cryptographic-module firmware, as
distributed with Cisco Adaptive Security
Appliance (ASA) Software 9.1(5.21) and other
products, does not verify the MAC field,
which allows man-in-the-middle attackers to
spoof TLS content by modifying packets, aka
Bug ID CSCuu52976. |
2015-07-18 |
4.3 |
CVE-2015-4458
CISCO |
ghisler -- total_commander |
The
FileInfo plugin before 2.22 for Ghisler
Total Commander allows remote attackers to
cause a denial of service (out-of-bounds
read and application crash) via (1) a large
Size value in the Archive Member Header of a
COFF Archive Library file, (2) a large
Number Of Symbols value in the 1st Linker
Member of a COFF Archive Library file, (3) a
large Resource Table Count value in the LE
Header of a Linear Executable file, or (4) a
large value in a certain Object field in a
Resource Table Entry in a Linear Executable
file. |
2015-07-21 |
5.0 |
CVE-2015-2869
CERT-VN
MISC
MISC |
google -- chrome |
The
ucnv_io_getConverterName function in
common/ucnv_io.cpp in International
Components for Unicode (ICU), as used in
Google Chrome before 44.0.2403.89,
mishandles converter names with initial x-
substrings, which allows remote attackers to
cause a denial of service (read of
uninitialized memory) or possibly have
unspecified other impact via a crafted file. |
2015-07-22 |
6.8 |
CVE-2015-1270
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
PDFium,
as used in Google Chrome before
44.0.2403.89, does not properly handle
certain out-of-memory conditions, which
allows remote attackers to cause a denial of
service (heap-based buffer overflow) or
possibly have unspecified other impact via a
crafted PDF document that triggers a large
memory allocation. |
2015-07-22 |
6.8 |
CVE-2015-1271
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Heap-based
buffer overflow in j2k.c in OpenJPEG before
r3002, as used in PDFium in Google Chrome
before 44.0.2403.89, allows remote attackers
to cause a denial of service or possibly
have unspecified other impact via invalid
JPEG2000 data in a PDF document. |
2015-07-22 |
6.8 |
CVE-2015-1273
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Google
Chrome before 44.0.2403.89 does not ensure
that the auto-open list omits all dangerous
file types, which makes it easier for remote
attackers to execute arbitrary code by
providing a crafted file and leveraging a
user's previous "Always open files of this
type" choice, related to
download_commands.cc and download_prefs.cc. |
2015-07-22 |
6.8 |
CVE-2015-1274
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Cross-site
scripting (XSS) vulnerability in
org/chromium/chrome/browser/UrlUtilities.java
in Google Chrome before 44.0.2403.89 on
Android allows remote attackers to inject
arbitrary web script or HTML via a crafted
intent: URL, as demonstrated by a trailing
alert(document.cookie);// substring, aka
"Universal XSS (UXSS)." |
2015-07-22 |
4.3 |
CVE-2015-1275
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
content/browser/web_contents/web_contents_impl.cc
in Google Chrome before 44.0.2403.89 does
not ensure that a PDF document's modal
dialog is closed upon navigation to an
interstitial page, which allows remote
attackers to spoof URLs via a crafted
document, as demonstrated by the
alert_dialog.pdf document. |
2015-07-22 |
4.3 |
CVE-2015-1278
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
core/loader/ImageLoader.cpp
in Blink, as used in Google Chrome before
44.0.2403.89, does not properly determine
the V8 context of a microtask, which allows
remote attackers to bypass Content Security
Policy (CSP) restrictions by providing an
image from an unintended source. |
2015-07-22 |
4.3 |
CVE-2015-1281
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Multiple
use-after-free vulnerabilities in
fpdfsdk/src/javascript/Document.cpp in
PDFium, as used in Google Chrome before
44.0.2403.89, allow remote attackers to
cause a denial of service or possibly have
unspecified other impact via a crafted PDF
document, related to the (1) Document::delay
and (2) Document::DoFieldDelay functions. |
2015-07-22 |
6.8 |
CVE-2015-1282
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Multiple
integer overflows in the XML_GetBuffer
function in Expat through 2.1.0, as used in
Google Chrome before 44.0.2403.89 and other
products, allow remote attackers to cause a
denial of service (heap-based buffer
overflow) or possibly have unspecified other
impact via crafted XML data, a related issue
to CVE-2015-2716. |
2015-07-22 |
6.8 |
CVE-2015-1283
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
The
XSSAuditor::canonicalize function in
core/html/parser/XSSAuditor.cpp in the XSS
auditor in Blink, as used in Google Chrome
before 44.0.2403.89, does not properly
choose a truncation point, which makes it
easier for remote attackers to obtain
sensitive information via an unspecified
linear-time attack. |
2015-07-22 |
5.0 |
CVE-2015-1285
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Cross-site
scripting (XSS) vulnerability in the
V8ContextNativeHandler::GetModuleSystem
function in
extensions/renderer/v8_context_native_handler.cc
in Google Chrome before 44.0.2403.89 allows
remote attackers to inject arbitrary web
script or HTML by leveraging the lack of a
certain V8 context restriction, aka a Blink
"Universal XSS (UXSS)." |
2015-07-22 |
4.3 |
CVE-2015-1286
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Blink,
as used in Google Chrome before
44.0.2403.89, enables a quirks-mode
exception that limits the cases in which a
Cascading Style Sheets (CSS) document is
required to have the text/css content type,
which allows remote attackers to bypass the
Same Origin Policy via a crafted web site,
related to
core/fetch/CSSStyleSheetResource.cpp. |
2015-07-22 |
4.3 |
CVE-2015-1287
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
The
Spellcheck API implementation in Google
Chrome before 44.0.2403.89 does not use an
HTTPS session for downloading a Hunspell
dictionary, which allows man-in-the-middle
attackers to deliver incorrect spelling
suggestions or possibly have unspecified
other impact via a crafted file, a related
issue to CVE-2015-1263. |
2015-07-22 |
6.8 |
CVE-2015-1288
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
The
regular-expression implementation in Google
V8, as used in Google Chrome before
44.0.2403.89, mishandles interrupts, which
allows remote attackers to cause a denial of
service (application crash) via crafted
JavaScript code, as demonstrated by an error
in garbage collection during allocation of a
stack-overflow exception message. |
2015-07-22 |
5.0 |
CVE-2015-5605
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
hp -- system_management_homepage |
Cross-site
request forgery (CSRF) vulnerability in HP
System Management Homepage (SMH) before
7.5.0 allows remote authenticated users to
hijack the authentication of unspecified
victims via unknown vectors. |
2015-07-21 |
6.0 |
CVE-2015-2134
HP |
ibm -- db2 |
IBM
DB2 9.7 through FP10, 9.8 through FP5, 10.1
before FP5, and 10.5 through FP5 on Linux,
UNIX, and Windows allows remote
authenticated users to read arbitrary text
files via a crafted XML/XSLT function in a
SELECT statement. |
2015-07-19 |
4.0 |
CVE-2014-8910
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR |
ibm -- db2 |
IBM
DB2 9.7 through FP10, 9.8 through FP5, 10.1
before FP5, and 10.5 through FP5 on Linux,
UNIX, and Windows allows remote
authenticated users to cause a denial of
service (daemon crash) by leveraging an
unspecified scalar function in a SQL
statement. |
2015-07-19 |
6.8 |
CVE-2015-0157
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR |
ibm -- db2 |
IBM
DB2 9.7 through FP10, 9.8 through FP5, 10.1
before FP5, and 10.5 through FP5 on Linux,
UNIX, and Windows allows remote
authenticated users to read certain
administrative files via crafted use of an
automated-maintenance policy stored
procedure. |
2015-07-19 |
4.0 |
CVE-2015-1883
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR |
ibm -- business_process_manager |
The
REST API in IBM Business Process Manager
(BPM) 7.5.x through 7.5.1.2, 8.0.x through
8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5
through 8.5.5.0, and 8.5.6 through 8.5.6.0
allows remote authenticated users to bypass
intended access restrictions on
task-variable value changes via unspecified
vectors. |
2015-07-21 |
4.0 |
CVE-2015-1905
CONFIRM
AIXAPAR |
ibm --
infosphere_master_data_management |
IBM
InfoSphere Master Data Management
Collaborative Edition 9.1, 10.1, 11.0, 11.3,
and 11.4 before FP03 allows remote
authenticated users to obtain sensitive
information via a crafted request, which
reveals the full path in an error message. |
2015-07-19 |
4.0 |
CVE-2015-1982
CONFIRM |
ibm --
infosphere_master_data_management |
IBM
InfoSphere Master Data Management
Collaborative Edition 9.1, 10.1, 11.0, 11.3,
and 11.4 before FP03 allows remote
authenticated users to bypass intended
access restrictions and read arbitrary
profiles via unspecified vectors, as
demonstrated by discovering usernames for
use in brute-force attacks. |
2015-07-19 |
4.0 |
CVE-2015-1984
CONFIRM |
kaseya --
virtual_system_administrator |
Directory
traversal vulnerability in Kaseya Virtual
System Administrator (VSA) 7.x before
7.0.0.29, 8.x before 8.0.0.18, 9.0 before
9.0.0.14, and 9.1 before 9.1.0.4 allows
remote authenticated users to read arbitrary
files via a crafted HTTP request. |
2015-07-20 |
4.0 |
CVE-2015-2862
CERT-VN |
kaseya --
virtual_system_administrator |
Open
redirect vulnerability in Kaseya Virtual
System Administrator (VSA) 7.x before
7.0.0.29, 8.x before 8.0.0.18, 9.0 before
9.0.0.14, and 9.1 before 9.1.0.4 allows
remote attackers to redirect users to
arbitrary web sites and conduct phishing
attacks via unspecified vectors. |
2015-07-20 |
4.3 |
CVE-2015-2863
CERT-VN |
microsoft --
malicious_software_removal_tool |
Race
condition in Microsoft Malicious Software
Removal Tool (MSRT) before 5.26 allows local
users to gain privileges via a crafted DLL,
aka "MSRT Race Condition Vulnerability." |
2015-07-20 |
6.9 |
CVE-2015-2418
CONFIRM |
netiq --
security_solutions_for_iseries |
Multiple
stack-based buffer overflows in the
SafeShellExecute method in the
NetIQExecObject.NetIQExec.1 ActiveX control
in NetIQExec.dll in NetIQ Security Solutions
for iSeries 8.1 allow remote attackers to
execute arbitrary code via long arguments,
aka ZDI-CAN-2699. |
2015-07-18 |
6.8 |
CVE-2015-0795
CONFIRM
MISC |
novell -- groupwise |
Multiple
cross-site scripting (XSS) vulnerabilities
in WebAccess in Novell GroupWise 2012 before
Support Pack 4 and 2014 before Support Pack
2 allow remote attackers to inject arbitrary
web script or HTML via unspecified vectors. |
2015-07-22 |
4.3 |
CVE-2014-0611
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
seeds -- acmailer |
Directory
traversal vulnerability in Seeds acmailer
before 3.8.18 and 3.9.x before 3.9.12 Beta
allows remote authenticated users to delete
arbitrary files via a crafted string. |
2015-07-19 |
5.5 |
CVE-2015-2971
CONFIRM
JVNDB
JVN |
solarwinds -- n-able_n-central |
The
RSM (aka RSMWinService) service in
SolarWinds N-Able N-Central before
9.5.1.4514 uses the same password decryption
key across different customers'
installations, which makes it easier for
remote authenticated users to obtain the
cleartext domain-administrator password by
locating the encrypted password within HTML
source code and then leveraging knowledge of
this key from another installation. |
2015-07-21 |
4.0 |
CVE-2015-5610
CERT-VN |
wireshark -- wireshark |
The
dissect_wccp2r1_address_table_info function
in epan/dissectors/packet-wccp.c in the WCCP
dissector in Wireshark 1.12.x before 1.12.6
does not properly determine whether enough
memory is available for storing IP address
strings, which allows remote attackers to
cause a denial of service (application
crash) via a crafted packet. |
2015-07-21 |
5.0 |
CVE-2015-4651
CONFIRM
CONFIRM
CONFIRM |
wireshark -- wireshark |
epan/dissectors/packet-gsm_a_dtap.c
in the GSM DTAP dissector in Wireshark
1.12.x before 1.12.6 does not properly
validate digit characters, which allows
remote attackers to cause a denial of
service (application crash) via a crafted
packet, related to the de_emerg_num_list and
de_bcd_num functions. |
2015-07-21 |
4.3 |
CVE-2015-4652
CONFIRM
CONFIRM
CONFIRM |
Back to top
Low Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
ibm --
rational_collaborative_lifecycle_management |
Cross-site
scripting (XSS) vulnerability in Jazz Team
Server in Jazz Foundation in IBM Rational
Collaborative Lifecycle Management (CLM) 4.x
before 4.0.7 IF6 and 5.x before 5.0.2 IF5;
Rational Quality Manager (RQM) 4.x before
4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational
Team Concert (RTC) 4.x before 4.0.7 IF6 and
5.x before 5.0.2 IF5; Rational Requirements
Composer (RRC) 4.x through 4.0.7; and
Rational DOORS Next Generation (RDNG) 4.x
before 4.0.7 IF6 and 5.x before 5.0.2 IF5
allows remote authenticated users to inject
arbitrary web script or HTML via a crafted
URL. |
2015-07-19 |
3.5 |
CVE-2015-0130
CONFIRM |
ibm -- business_process_manager |
Cross-site
scripting (XSS) vulnerability in the REST
API in IBM Business Process Manager (BPM)
7.5.x through 7.5.1.2, 8.0.x through
8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5
through 8.5.5.0, and 8.5.6 through 8.5.6.0
allows remote authenticated users to inject
arbitrary web script or HTML via a crafted
URL. |
2015-07-21 |
3.5 |
CVE-2015-1906
CONFIRM
AIXAPAR |
ibm -- db2 |
The
Data Movement implementation in IBM DB2 9.7
through FP10, 9.8 through FP5, 10.1 before
FP5, and 10.5 through FP5 on Linux, UNIX,
and Windows allows remote authenticated
users to bypass intended access restrictions
and delete table rows via unspecified
vectors. |
2015-07-19 |
3.5 |
CVE-2015-1922
AIXAPAR
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR |
ibm --
infosphere_master_data_management |
Cross-site
scripting (XSS) vulnerability in IBM
InfoSphere Master Data Management
Collaborative Edition 9.1, 10.1, 11.0, 11.3,
and 11.4 before FP03 allows remote
authenticated users to inject arbitrary web
script or HTML via a crafted URL. |
2015-07-19 |
3.5 |
CVE-2015-1968
CONFIRM |
ibm -- case_manager |
Multiple
cross-site scripting (XSS) vulnerabilities
in the Error dialog in IBM Case Manager
5.2.1 before 5.2.1.2 allow remote
authenticated users to inject arbitrary web
script or HTML via crafted input to the (1)
addressability or (2) comments component. |
2015-07-19 |
3.5 |
CVE-2015-1979
CONFIRM |
ibm --
infosphere_master_data_management |
IBM
InfoSphere Master Data Management
Collaborative Edition 9.1, 10.1, 11.0, 11.3,
and 11.4 before FP03 allows remote
authenticated users to conduct clickjacking
attacks via unspecified vectors. |
2015-07-19 |
3.5 |
CVE-2015-1980
CONFIRM |
Back to top
This product is provided subject to this Notification
and this Privacy
& Use policy.
A
copy of this publication is available at www.us-cert.gov.
If you need help or have questions, please send
an email to in...@us-cert.gov. Do not
reply to this message since this email was sent
from a notification-only address that is not
monitored. To ensure you receive future US-CERT
products, please add US-...@ncas.us-cert.gov to
your address book. |
STAY CONNECTED: |
|
This email was
sent to gera...@gmail.com using GovDelivery,
on behalf of: United States Computer Emergency
Readiness Team (US-CERT) · 245 Murray Lane SW
Bldg 410 · Washington, DC 20598 · (888)
282-0870 |
|
|