2016 VULNERABILITY DATABASE
CVE-2016-5655
Summary: Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.
Published: 7/19/2016 6:59:04 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-5654
Summary: Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.
Published: 7/19/2016 6:59:03 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 8.5 HIGH
CVE-2016-5653
Summary: Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.
Published: 7/19/2016 6:59:02 PM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 4.0 MEDIUM
CVE-2016-5080
Summary: Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow), on a system running an application compiled by ASN1C, via crafted ASN.1 data.
Published: 7/19/2016 6:59:01 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
CVE-2016-2775
Summary: ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
Published: 7/19/2016 6:59:00 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 4.3 MEDIUM
CVE-2015-8947
Summary: hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.
Published: 7/19/2016 6:59:00 AM
CVSS Severity: v3 - 7.6 HIGH v2 - 7.5 HIGH
CVE-2016-5388
Summary: Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
Published: 7/18/2016 10:00:20 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 5.1 MEDIUM
CVE-2016-5387
Summary: The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
Published: 7/18/2016 10:00:19 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 5.1 MEDIUM
CVE-2016-5386
Summary: The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
Published: 7/18/2016 10:00:18 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 5.1 MEDIUM
CVE-2016-5385
Summary: PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
Published: 7/18/2016 10:00:17 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 5.1 MEDIUM
CVE-2016-3039
Summary: IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Published: 7/17/2016 6:59:04 PM
CVE-2016-1459
Summary: Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061.
Published: 7/17/2016 6:59:03 PM
CVE-2016-1448
Summary: Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706.
Published: 7/17/2016 6:59:02 PM
CVE-2016-0393
Summary: IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files.
Published: 7/17/2016 6:59:01 PM
CVE-2016-0321
Summary: IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.
Published: 7/17/2016 6:59:00 PM
CVE-2016-5661
Summary: Accela Civic Platform Citizen Access portal relies on the client to restrict file types for uploads, which allows remote authenticated users to execute arbitrary code via modified _EventArgument and filename parameters.
Published: 7/15/2016 2:59:10 PM
CVE-2016-5660
Summary: Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Accela Civic Platform Citizen Access portal allows remote attackers to inject arbitrary web script or HTML via the iframeid parameter.
Published: 7/15/2016 2:59:09 PM
CVE-2016-5637
Summary: The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a "type confusion" issue.
Published: 7/15/2016 2:59:08 PM
CVE-2016-2865
Summary: The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 and Rational Collaborative Lifecycle Management 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 allows remote authenticated users to obtain sensitive information via a malformed request.
Published: 7/15/2016 2:59:07 PM
CVE-2016-0357
Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site.
Published: 7/15/2016 2:59:06 PM
CVE-2016-0340
Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation.
Published: 7/15/2016 2:59:05 PM
CVE-2016-0339
Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote attackers to spoof users by leveraging knowledge of "traffic records."
Published: 7/15/2016 2:59:04 PM
CVE-2016-0338
Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows local users to discover cleartext passwords by (1) reading a configuration file or (2) examining a process.
Published: 7/15/2016 2:59:03 PM
CVE-2016-0330
Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm.
Published: 7/15/2016 2:59:02 PM
CVE-2016-0269
Summary: Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Published: 7/15/2016 2:59:01 PM
CVE-2015-1977
Summary: Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
Published: 7/15/2016 2:59:00 PM
CVE-2016-5807
Summary: Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct request.
Published: 7/15/2016 12:59:15 PM
CVE-2016-5804
Summary: Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
Published: 7/15/2016 12:59:14 PM
CVE-2016-5797
Summary: Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts.
Published: 7/15/2016 12:59:13 PM
CVE-2016-5790
Summary: Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors.
Published: 7/15/2016 12:59:12 PM
