2016 VULNERABILITY DATABASE

 

 

CVE-2016-5655

Summary: Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.

Published: 7/19/2016 6:59:04 PM

 

CVSS Severity: v3 - 5.9 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-5654

Summary: Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.

Published: 7/19/2016 6:59:03 PM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 8.5 HIGH

 

CVE-2016-5653

Summary: Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.

Published: 7/19/2016 6:59:02 PM

 

CVSS Severity: v3 - 6.5 MEDIUM      v2 - 4.0 MEDIUM

 

CVE-2016-5080

Summary: Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow), on a system running an application compiled by ASN1C, via crafted ASN.1 data.

Published: 7/19/2016 6:59:01 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-2775

Summary: ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.

Published: 7/19/2016 6:59:00 PM

 

CVSS Severity: v3 - 5.9 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2015-8947

Summary: hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.

Published: 7/19/2016 6:59:00 AM

 

CVSS Severity: v3 - 7.6 HIGH      v2 - 7.5 HIGH

 

CVE-2016-5388

Summary: Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.

Published: 7/18/2016 10:00:20 PM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.1 MEDIUM

 

CVE-2016-5387

Summary: The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.

Published: 7/18/2016 10:00:19 PM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.1 MEDIUM

 

CVE-2016-5386

Summary: The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

Published: 7/18/2016 10:00:18 PM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.1 MEDIUM

 

CVE-2016-5385

Summary: PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.

Published: 7/18/2016 10:00:17 PM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.1 MEDIUM

 

CVE-2016-3039

Summary: IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Published: 7/17/2016 6:59:04 PM

 

CVE-2016-1459

Summary: Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061.

Published: 7/17/2016 6:59:03 PM

 

CVE-2016-1448

Summary: Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706.

Published: 7/17/2016 6:59:02 PM

 

CVE-2016-0393

Summary: IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files.

Published: 7/17/2016 6:59:01 PM

 

CVE-2016-0321

Summary: IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.

Published: 7/17/2016 6:59:00 PM

 

CVE-2016-5661

Summary: Accela Civic Platform Citizen Access portal relies on the client to restrict file types for uploads, which allows remote authenticated users to execute arbitrary code via modified _EventArgument and filename parameters.

Published: 7/15/2016 2:59:10 PM

 

CVE-2016-5660

Summary: Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Accela Civic Platform Citizen Access portal allows remote attackers to inject arbitrary web script or HTML via the iframeid parameter.

Published: 7/15/2016 2:59:09 PM

 

CVE-2016-5637

Summary: The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a "type confusion" issue.

Published: 7/15/2016 2:59:08 PM

 

CVE-2016-2865

Summary: The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 and Rational Collaborative Lifecycle Management 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 allows remote authenticated users to obtain sensitive information via a malformed request.

Published: 7/15/2016 2:59:07 PM

 

CVE-2016-0357

Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site.

Published: 7/15/2016 2:59:06 PM

 

CVE-2016-0340

Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation.

Published: 7/15/2016 2:59:05 PM

 

CVE-2016-0339

Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote attackers to spoof users by leveraging knowledge of "traffic records."

Published: 7/15/2016 2:59:04 PM

 

CVE-2016-0338

Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows local users to discover cleartext passwords by (1) reading a configuration file or (2) examining a process.

Published: 7/15/2016 2:59:03 PM

 

CVE-2016-0330

Summary: IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm.

Published: 7/15/2016 2:59:02 PM

 

CVE-2016-0269

Summary: Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Published: 7/15/2016 2:59:01 PM

 

CVE-2015-1977

Summary: Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.

Published: 7/15/2016 2:59:00 PM

 

CVE-2016-5807

Summary: Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct request.

Published: 7/15/2016 12:59:15 PM

 

CVE-2016-5804

Summary: Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.

Published: 7/15/2016 12:59:14 PM

 

CVE-2016-5797

Summary: Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts.

Published: 7/15/2016 12:59:13 PM

 

CVE-2016-5790

Summary: Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors.

Published: 7/15/2016 12:59:12 PM

 

 

<<< New  Older >>>