Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2016-11-23 | CVE-2016-9563 | XXE vulnerability in SAP Netweaver Application Server Java 7.50 | BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the `sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn` URI, aka SAP Security Note 2296909. | network | low | sap | CWE-611 | 6.5 |
| 2016-11-23 | CVE-2016-9562 | NULL Pointer Dereference vulnerability in SAP Netweaver Application Server Java 7.40 | SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the `sap.com~P4TunnelingApp!web/myServlet` URI, aka SAP Security Note 2313835. | network | low | sap | CWE-476 | 7.5 |
| 2016-11-22 | CVE-2016-9540 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 | tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. | network | low | libtiff | CWE-787 | critical 9.8 |
| 2016-11-22 | CVE-2016-9539 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 | tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). | network | low | libtiff | CWE-125 | critical 9.8 |
| 2016-11-22 | CVE-2016-9538 | Integer Overflow or Wraparound vulnerability in Libtiff 4.0.6 | tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. | network | low | libtiff | CWE-190 | critical 9.8 |
| 2016-11-22 | CVE-2016-9537 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 | tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. | network | low | libtiff | CWE-787 | critical 9.8 |
| 2016-11-22 | CVE-2016-9536 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 | tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). | network | low | libtiff | CWE-787 | critical 9.8 |
| 2016-11-22 | CVE-2016-9535 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 | tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. | network | low | libtiff | CWE-119 | critical 9.8 |
| 2016-11-22 | CVE-2016-9534 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 | tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. | network | low | libtiff | CWE-119 | critical 9.8 |
| 2016-11-22 | CVE-2016-9533 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 | tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. | network | low | libtiff | CWE-787 | critical 9.8 |