ECI Blog @WordPress

Latest news from the ECI Networks Group

SB15-257 Vulnerability Summary for the Week of September 7th 2015

National Cyber Awareness System: 09/14/2015 06:24 AM EDT

Original release date: September 14, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.


The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — shockwave_player Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6681. 2015-09-08 10.0 CVE-2015-6680
CONFIRM
adobe — shockwave_player Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680. 2015-09-08 10.0 CVE-2015-6681
CONFIRM
ffmpeg — ffmpeg The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks. 2015-09-05 7.5 CVE-2015-6818
CONFIRM
ffmpeg — ffmpeg Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. 2015-09-05 7.5 CVE-2015-6819
CONFIRM
ffmpeg — ffmpeg The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted AAC data. 2015-09-05 7.5 CVE-2015-6820
CONFIRM
ffmpeg — ffmpeg The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted MPEG data. 2015-09-05 7.5 CVE-2015-6821
CONFIRM
ffmpeg — ffmpeg The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via crafted LucasArts Smush video data. 2015-09-05 7.5 CVE-2015-6822
CONFIRM
ffmpeg — ffmpeg The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted Apple Lossless Audio Codec (ALAC) data. 2015-09-05 7.5 CVE-2015-6823
CONFIRM
ffmpeg — ffmpeg The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video data. 2015-09-05 7.5 CVE-2015-6824
CONFIRM
ffmpeg — ffmpeg The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via a crafted file, as demonstrated by an AVI file. 2015-09-05 7.5 CVE-2015-6825
CONFIRM
ffmpeg — ffmpeg The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data. 2015-09-05 7.5 CVE-2015-6826
CONFIRM
isc — bind buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. 2015-09-04 7.8 CVE-2015-5722
CONFIRM
isc — bind openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. 2015-09-04 7.1 CVE-2015-5986
CONFIRM
libvdpau_project — libvdpau libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable. 2015-09-08 7.2 CVE-2015-5198
CONFIRM
UBUNTU
MLIST
libvdpau_project — libvdpau Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable. 2015-09-08 7.2 CVE-2015-5199
CONFIRM
UBUNTU
MLIST
microsoft — edge Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2491 and CVE-2015-2541. 2015-09-08 9.3 CVE-2015-2485
MS
MS
microsoft — edge Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. 2015-09-08 9.3 CVE-2015-2486
MS
MS
microsoft — internet_explorer Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. 2015-09-08 9.3 CVE-2015-2487
MS
microsoft — internet_explorer Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. 2015-09-08 9.3 CVE-2015-2490
MS
microsoft — internet_explorer Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2485 and CVE-2015-2541. 2015-09-08 9.3 CVE-2015-2491
MS
microsoft — internet_explorer Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. 2015-09-08 9.3 CVE-2015-2492
MS
microsoft — internet_explorer The (1) VBScript and (2) JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2493
MS
microsoft — edge Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498, and CVE-2015-2499. 2015-09-08 9.3 CVE-2015-2494
MS
MS
microsoft — internet_explorer Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499. 2015-09-08 9.3 CVE-2015-2498
MS
microsoft — internet_explorer Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2498. 2015-09-08 9.3 CVE-2015-2499
MS
microsoft — internet_explorer Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2500
MS
microsoft — internet_explorer Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2501
MS
microsoft — .net_framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to (1) execute arbitrary code via a crafted XAML browser application (XBAP) or (2) bypass Code Access Security restrictions via a crafted .NET Framework application, aka “.NET Elevation of Privilege Vulnerability.” 2015-09-08 9.3 CVE-2015-2504
MS
microsoft — windows_10 atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (system crash) via a crafted OpenType font, aka “OpenType Font Parsing Vulnerability.” 2015-09-08 9.3 CVE-2015-2506
MS
microsoft — windows_10 The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Font Driver Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2512. 2015-09-08 7.2 CVE-2015-2507
MS
microsoft — windows_10 The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka “Font Driver Elevation of Privilege Vulnerability.” 2015-09-08 7.2 CVE-2015-2508
MS
microsoft — windows_7 Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka “Windows Media Center RCE Vulnerability.” 2015-09-08 9.3 CVE-2015-2509
MS
microsoft — live_meeting_console Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka “Graphics Component Buffer Overflow Vulnerability.” 2015-09-08 9.3 CVE-2015-2510
MS
microsoft — windows_10 The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546. 2015-09-08 7.2 CVE-2015-2511
MS
microsoft — windows_10 The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Font Driver Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2507. 2015-09-08 7.2 CVE-2015-2512
MS
microsoft — windows_10 Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal RCE Vulnerability,” a different vulnerability than CVE-2015-2514 and CVE-2015-2530. 2015-09-08 9.3 CVE-2015-2513
MS
microsoft — windows_10 Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal RCE Vulnerability,” a different vulnerability than CVE-2015-2513 and CVE-2015-2530. 2015-09-08 9.3 CVE-2015-2514
MS
microsoft — windows_10 The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2511, CVE-2015-2518, and CVE-2015-2546. 2015-09-08 7.2 CVE-2015-2517
MS
microsoft — windows_10 The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2546. 2015-09-08 7.2 CVE-2015-2518
MS
microsoft — windows_10 Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal Integer Overflow RCE Vulnerability.” 2015-09-08 9.3 CVE-2015-2519
MS
microsoft — excel Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2520
MS
microsoft — excel Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2521
MS
microsoft — excel Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2523
MS
microsoft — windows_10 Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka “Windows Task Management Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2528. 2015-09-08 7.2 CVE-2015-2524
MS
microsoft — windows_10 Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass intended filesystem restrictions and delete arbitrary files via unspecified vectors, aka “Windows Task File Deletion Elevation of Privilege Vulnerability.” 2015-09-08 7.2 CVE-2015-2525
MS
microsoft — windows_10 The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability.” 2015-09-08 7.2 CVE-2015-2527
MS
microsoft — windows_10 Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka “Windows Task Management Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2524. 2015-09-08 7.2 CVE-2015-2528
MS
microsoft — windows_10 Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka “Windows Journal RCE Vulnerability,” a different vulnerability than CVE-2015-2513 and CVE-2015-2514. 2015-09-08 9.3 CVE-2015-2530
MS
microsoft — internet_explorer Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2485 and CVE-2015-2491. 2015-09-08 9.3 CVE-2015-2541
MS
microsoft — edge Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability.” 2015-09-08 9.3 CVE-2015-2542
MS
MS
microsoft — office Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka “Microsoft Office Malformed EPS File Vulnerability.” 2015-09-08 9.3 CVE-2015-2545
MS
microsoft — windows_10 The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka “Win32k Memory Corruption Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2518. 2015-09-08 7.2 CVE-2015-2546
MS

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
cisco — telepresence_system_software_ix Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501. 2015-09-04 5.0 CVE-2015-6276
CISCO
freebit — elphonebtnv6_activex_control Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontinued “Click to Live” service. 2015-09-07 6.8 CVE-2015-5624
JVNDB
JVN
guide-park — bbs_x102 Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2015-09-05 4.3 CVE-2015-2985
JVNDB
JVN
lemon-s_php — twit_bbs Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter. 2015-09-07 4.3 CVE-2015-2989
JVNDB
JVN
libvdpau_project — libvdpau The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors. 2015-09-08 6.3 CVE-2015-5200
CONFIRM
UBUNTU
MLIST
microsoft — internet_explorer Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka “Information Disclosure Vulnerability.” 2015-09-08 5.0 CVE-2015-2483
MS
microsoft — internet_explorer Microsoft Internet Explorer 10 and 11 uses an incorrect flag during certain filesystem accesses, which allows remote attackers to delete arbitrary files via unspecified vectors, aka “Tampering Vulnerability.” 2015-09-08 6.4 CVE-2015-2484
MS
microsoft — internet_explorer Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka “Elevation of Privilege Vulnerability.” 2015-09-08 4.3 CVE-2015-2489
MS
microsoft — exchange_server Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to obtain sensitive stacktrace information via a crafted request, aka “Exchange Information Disclosure Vulnerability.” 2015-09-08 5.0 CVE-2015-2505
MS
microsoft — windows_10 Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (data loss) via a crafted .jnt file, aka “Windows Journal DoS Vulnerability.” 2015-09-08 4.3 CVE-2015-2516
MS
microsoft — .net_framework Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka “MVC Denial of Service Vulnerability.” 2015-09-08 5.0 CVE-2015-2526
MS
microsoft — lync_server Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Skype for Business Server and Lync Server XSS Information Disclosure Vulnerability.” 2015-09-08 4.3 CVE-2015-2531
MS
microsoft — lync_server Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Lync Server XSS Information Disclosure Vulnerability.” 2015-09-08 4.3 CVE-2015-2532
MS
microsoft — windows_server_2008 Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka “Active Directory Denial of Service Vulnerability.” 2015-09-08 4.0 CVE-2015-2535
MS
microsoft — lync_server Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka “Skype for Business Server and Lync Server XSS Elevation of Privilege Vulnerability.” 2015-09-08 4.3 CVE-2015-2536
MS
microsoft — exchange_server Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka “Exchange Spoofing Vulnerability.” 2015-09-08 4.3 CVE-2015-2543
MS
microsoft — exchange_server Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka “Exchange Spoofing Vulnerability.” 2015-09-08 4.3 CVE-2015-2544
MS
neojapan — desknet_neo Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter. 2015-09-04 4.0 CVE-2015-2990
CONFIRM
JVNDB
JVN
nscripter_project — nscripter Buffer overflow in NScripter before 3.00 allows remote attackers to execute arbitrary code via crafted save data. 2015-09-04 6.8 CVE-2015-2991
CONFIRM
JVNDB
JVN
opendocman — opendocman Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter. 2015-09-07 4.3 CVE-2015-5625
JVNDB
JVN
openstack — compute OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance. 2015-09-08 6.8 CVE-2015-3241
CONFIRM
REDHAT
rakuto — rktsns2 Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji (rktSNS2) 0.2.2b allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2015-09-05 4.3 CVE-2015-2986
JVNDB
JVN
redhat — openshift_origin The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data. 2015-09-08 4.0 CVE-2015-5250
CONFIRM
CONFIRM
REDHAT
spice_project — spice Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors. 2015-09-08 6.9 CVE-2015-3247
SECTRACK
REDHAT
REDHAT
REDHAT

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
microsoft — sharepoint_foundation Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka “Microsoft SharePoint XSS Spoofing Vulnerability.” 2015-09-08 3.5 CVE-2015-2522
MS
microsoft — windows_10 The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka “Kernel ASLR Bypass Vulnerability.” 2015-09-08 2.1 CVE-2015-2529
MS
microsoft — windows_10 Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka “Hyper-V Security Feature Bypass Vulnerability.” 2015-09-08 1.9 CVE-2015-2534
MS
redhat — enterprise_virtualization The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view. 2015-09-08 3.7 CVE-2015-1841
SECTRACK
REDHAT

#post-1361 .CPlase_panel {display:none;}

SB15-257 Vulnerability Summary for the Week of September 7th 2015 was originally published on Blogg'n @ ECI

September 14, 2015 - Posted by | ANSI, IT Security, NewsUpdate, NIST, Security Alerts, Security Issues, US-CERT | , , , , , , , , , , , , , , , , , , , , ,

Sorry, the comment form is closed at this time.