2016 VULNERABILITY DATABASE

 

 

 

CVE-2016-1685

Summary: core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.

Published: 6/5/2016 7:59:14 PM

 

CVSS Severity: v3 - 6.5 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-1684

Summary: numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.

Published: 6/5/2016 7:59:13 PM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.1 MEDIUM

 

CVE-2016-1683

Summary: numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.

Published: 6/5/2016 7:59:12 PM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.1 MEDIUM

 

CVE-2016-1682

Summary: The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration.

Published: 6/5/2016 7:59:11 PM

 

CVSS Severity: v3 - 6.1 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-1681

Summary: Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

Published: 6/5/2016 7:59:10 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1680

Summary: Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: 6/5/2016 7:59:08 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1679

Summary: The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.

Published: 6/5/2016 7:59:07 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1678

Summary: objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

Published: 6/5/2016 7:59:06 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1677

Summary: uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

Published: 6/5/2016 7:59:05 PM

 

CVSS Severity: v3 - 6.5 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-1676

Summary: extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: 6/5/2016 7:59:04 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1675

Summary: Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.

Published: 6/5/2016 7:59:03 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1674

Summary: The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: 6/5/2016 7:59:02 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1673

Summary: Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: 6/5/2016 7:59:01 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1672

Summary: The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.

Published: 6/5/2016 7:59:00 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1230

Summary: Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 6/4/2016 9:59:04 PM

 

CVSS Severity: v3 - 6.1 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-1229

Summary: Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Published: 6/4/2016 9:59:03 PM

 

CVSS Severity: v3 - 5.4 MEDIUM      v2 - 3.5 LOW

 

CVE-2016-1222

Summary: Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

Published: 6/4/2016 9:59:01 PM

 

CVSS Severity: v3 - 6.1 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-1212

Summary: Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.

Published: 6/4/2016 9:59:00 PM

 

CVSS Severity: v3 - 2.7 LOW      v2 - 4.0 MEDIUM

 

CVE-2016-4812

Summary: Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 6/4/2016 12:59:03 PM

 

CVE-2016-4564

Summary: The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Published: 6/4/2016 12:59:02 PM

 

CVE-2016-4563

Summary: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Published: 6/4/2016 12:59:01 PM

 

CVE-2016-4562

Summary: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Published: 6/4/2016 12:59:00 PM

 

CVE-2016-1403

Summary: Cisco IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005.

Published: 6/4/2016 10:59:01 AM

 

CVE-2016-1211

Summary: Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 6/4/2016 10:59:00 AM

 

CVE-2016-1391

Summary: Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.

Published: 6/3/2016 9:59:03 PM

 

CVE-2016-1390

Summary: Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892.

Published: 6/3/2016 9:59:02 PM

 

CVE-2016-0908

Summary: EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.

Published: 6/3/2016 9:59:01 PM

 

CVE-2016-4804

Summary: The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.

Published: 6/3/2016 10:59:06 AM

 

CVSS Severity: v3 - 6.2 MEDIUM      v2 - 2.1 LOW

 

CVE-2016-3944

Summary: UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com.

Published: 6/3/2016 10:59:05 AM

 

CVE-2016-3096

Summary: The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

Published: 6/3/2016 10:59:04 AM

 

CVE-2016-0376

Summary: The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.

Published: 6/3/2016 10:59:02 AM

 

CVE-2016-0363

Summary: The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.

Published: 6/3/2016 10:59:01 AM

 

CVE-2015-8872

Summary: The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."

Published: 6/3/2016 10:59:00 AM

 

CVSS Severity: v3 - 6.2 MEDIUM      v2 - 2.1 LOW

 

CVE-2016-1388

Summary: Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.

Published: 6/2/2016 10:01:07 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-1370

Summary: Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload lengths, which allows remote attackers to cause a denial of service (mond process crash and monitoring outage) via crafted IPv6 packets, aka Bug ID CSCuy37324.

Published: 6/2/2016 10:01:06 PM

 

CVSS Severity: v3 - 5.3 MEDIUM      v2 - 5.0 MEDIUM

 

 
