2016 VULNERABILITY DATABASE
Summary: Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Published: 4/7/2016 7:59:04 PM
CVSS Severity: v3 - 7.0 HIGH v2 - 6.9 MEDIUM
Summary: Multiple unspecified API endpoints in CloudBees Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Published: 4/7/2016 7:59:03 PM
CVSS Severity: v3 - 8.8 HIGH v2 - 9.0 HIGH
Summary: CloudBees Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
Published: 4/7/2016 7:59:02 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 7.5 HIGH
Summary: CloudBees Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach.
Published: 4/7/2016 7:59:01 PM
CVSS Severity: v3 - 5.3 MEDIUM v2 - 5.0 MEDIUM
Summary: CRLF injection vulnerability in the CLI command documentation in CloudBees Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Published: 4/7/2016 7:59:01 PM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
Summary: The remoting module in CloudBees Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.
Published: 4/7/2016 7:59:00 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
Summary: Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php.
Published: 4/7/2016 5:59:03 PM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
Summary: The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters in the HTTP header, as demonstrated by %c4%8d%c4%8a.
Published: 4/7/2016 5:59:02 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 4.3 MEDIUM
Summary: Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
Published: 4/7/2016 5:59:01 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
Summary: Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
Published: 4/7/2016 5:59:01 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 7.5 HIGH
Summary: Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Published: 4/7/2016 5:59:00 PM
Summary: BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.
Published: 4/7/2016 4:59:05 PM
Summary: The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the camera permission, aka an "interface access control vulnerability."
Published: 4/7/2016 4:59:04 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 9.3 HIGH
Summary: The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the graphics permission, aka an "interface access control vulnerability," a different vulnerability than CVE-2015-8307.
Published: 4/7/2016 4:59:03 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 9.3 HIGH
Summary: The (1) ION and (2) Maxim_smartpa_dev drivers in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allow attackers to cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access.
Published: 4/7/2016 4:59:02 PM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 7.1 HIGH
Summary: Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8318.
Published: 4/7/2016 4:59:01 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 9.3 HIGH
Summary: Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8319.
Published: 4/7/2016 4:59:01 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 9.3 HIGH
Summary: The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the graphics permission, aka an "interface access control vulnerability," a different vulnerability than CVE-2015-8680.
Published: 4/7/2016 4:59:00 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 9.3 HIGH
Summary: Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to NavigationURLTester, aka SAP Security Note 2238375.
Published: 4/7/2016 3:59:06 PM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
Summary: XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.4 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request, related to the ctcprotocol servlet, aka SAP Security Note 2235994.
Published: 4/7/2016 3:59:05 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 7.5 HIGH