Vulnerabilities > Redhat > Enterprise Linux Server AUS > High

DATE CVE VULNERABILITY TITLE RISK
2016-09-21 CVE-2016-5418 Data Processing Errors vulnerability in multiple products
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
network
low complexity
redhat oracle libarchive CWE-19
7.5
2016-09-21 CVE-2016-4809 Improper Input Validation vulnerability in multiple products
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
network
low complexity
redhat oracle libarchive CWE-20
7.5
2016-09-21 CVE-2016-4302 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
local
low complexity
redhat libarchive CWE-119
7.8
2016-09-21 CVE-2016-4300 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
local
low complexity
libarchive redhat CWE-190
7.8
2016-07-19 CVE-2016-5388 Improper Access Control vulnerability in multiple products
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
network
high complexity
redhat hp oracle apache CWE-284
8.1
2016-07-19 CVE-2016-5387 The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. 8.1
2016-07-19 CVE-2016-5386 Improper Access Control vulnerability in multiple products
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
network
high complexity
fedoraproject oracle redhat golang CWE-284
8.1
2016-06-27 CVE-2016-0758 Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
local
low complexity
redhat linux canonical
7.8
2016-06-13 CVE-2016-3698 Improper Access Control vulnerability in multiple products
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
network
high complexity
redhat libndp debian canonical CWE-284
8.1
2016-06-13 CVE-2016-2818 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
8.8