Weekly Vulnerabilities Reports > November 9 to 15, 2015

Overview

127 new vulnerabilities reported during this period, including 52 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary report vulnerabilities in 113 products from 41 vendors including Microsoft, Apple, Google, Linux, and Adobe. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", and "Improper Input Validation".

  • 111 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 16 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 111 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 68 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 49 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

52 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-11-11 CVE-2015-8046 Adobe
Apple
Microsoft
Google
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8044.

10.0
2015-11-11 CVE-2015-8044 Adobe
Apple
Microsoft
Linux
Google
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8046.

10.0
2015-11-11 CVE-2015-8043 Adobe
Apple
Microsoft
Google
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046.

10.0
2015-11-11 CVE-2015-7663 Adobe
Apple
Microsoft
Google
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

10.0
2015-11-10 CVE-2015-7828 SAP Improper Input Validation vulnerability in SAP Hana

SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6) fcopy, (7) fput, (8) fdel, (9) fmove, (10) fget, (11) fappend, (12) fdir, (13) getTraces, (14) kill, (15) pexec, (16) stop, or (17) pythonexec method, aka SAP Security Note 2165583.

10.0
2015-11-09 CVE-2015-8096 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Picasa 3.9.140

Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.

10.0
2015-11-09 CVE-2014-8873 Oracle Improper Input Validation vulnerability in Oracle Openjdk 1.7.0

A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file.

10.0
2015-11-13 CVE-2015-6045 Microsoft Remote Memory Corruption vulnerability in Microsoft Internet Explorer 11

Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts with use of the Cascading Style Sheets (CSS) empty-cells property for a TABLE element, aka "Internet Explorer Memory Corruption Vulnerability." <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

9.3
2015-11-11 CVE-2015-8042 Adobe
Apple
Microsoft
Google
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7661 Adobe
Google
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7660 Adobe
Apple
Google
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted setMask arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7659 Adobe
Linux
Apple
Microsoft
Google
Remote Code Execution vulnerability in Adobe Flash Player and AIR

Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion" in the NetConnection object implementation.

9.3
2015-11-11 CVE-2015-7658 Adobe
Google
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionInstanceOf arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7657 Adobe
Google
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionCallMethod arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7656 Adobe
Google
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7655 Adobe
Google
Linux
Apple
Microsoft
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionExtends arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7654 Adobe
Google
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7653 Adobe
Linux
Apple
Microsoft
Google
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted globalToLocal arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7652 Adobe
Apple
Microsoft
Google
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted gridFitType property value, a different vulnerability than CVE-2015-7651, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-7651 Adobe
Google
Linux
Apple
Microsoft
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted DefineFunction atoms, a different vulnerability than CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.

9.3
2015-11-11 CVE-2015-6104 Microsoft Improper Input Validation vulnerability in Microsoft products

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6103.

9.3
2015-11-11 CVE-2015-6103 Microsoft Improper Input Validation vulnerability in Microsoft products

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6104.

9.3
2015-11-11 CVE-2015-6097 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflow Vulnerability."

9.3
2015-11-11 CVE-2015-6094 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Excel, Excel for mac and Sharepoint Server

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2015-11-11 CVE-2015-6093 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2015-11-11 CVE-2015-6092 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2015-11-11 CVE-2015-6091 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office, Word and Word Viewer

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2015-11-11 CVE-2015-6089 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Jscript and Vbscript

The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

9.3
2015-11-11 CVE-2015-6087 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6076.

9.3
2015-11-11 CVE-2015-6085 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6064 and CVE-2015-6084.

9.3
2015-11-11 CVE-2015-6084 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6064 and CVE-2015-6085.

9.3
2015-11-11 CVE-2015-6082 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, and CVE-2015-6080.

9.3
2015-11-11 CVE-2015-6081 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6069.

9.3
2015-11-11 CVE-2015-6080 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6079 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6075, CVE-2015-6077, CVE-2015-6080, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6078 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6065.

9.3
2015-11-11 CVE-2015-6077 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6075, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6076 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6087.

9.3
2015-11-11 CVE-2015-6075 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6074 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6076, and CVE-2015-6087.

9.3
2015-11-11 CVE-2015-6073 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6072 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6068, CVE-2015-6073, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6071 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6074, CVE-2015-6076, and CVE-2015-6087.

9.3
2015-11-11 CVE-2015-6070 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6071, CVE-2015-6074, CVE-2015-6076, and CVE-2015-6087.

9.3
2015-11-11 CVE-2015-6069 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6081.

9.3
2015-11-11 CVE-2015-6068 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6072, CVE-2015-6073, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082.

9.3
2015-11-11 CVE-2015-6066 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, CVE-2015-6076, and CVE-2015-6087.

9.3
2015-11-11 CVE-2015-6065 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6078.

9.3
2015-11-11 CVE-2015-6064 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6084 and CVE-2015-6085.

9.3
2015-11-11 CVE-2015-6038 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2015-11-11 CVE-2015-2503 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, OneNote 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016, Skype for Business 2016, and Lync 2013 SP1 allow remote attackers to bypass a sandbox protection mechanism and gain privileges via a crafted web site that is accessed with Internet Explorer, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Microsoft Office Elevation of Privilege Vulnerability."

9.3
2015-11-11 CVE-2015-2427 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3

19 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-11-13 CVE-2015-2698 MIT Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in MIT Kerberos 5 1.14

The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function.

8.5
2015-11-12 CVE-2015-6555 Symantec Code Injection vulnerability in Symantec Endpoint Protection Manager

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port.

8.5
2015-11-14 CVE-2015-7419 IBM Resource Management Errors vulnerability in IBM Websphere Portal 8.0.0.1/8.5.0.0

IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

7.8
2015-11-14 CVE-2015-6367 Cisco Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.1(131.0)

Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374.

7.8
2015-11-11 CVE-2015-7662 Adobe
Linux
Google
Apple
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Adobe products

Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write to files via unspecified vectors.

7.8
2015-11-15 CVE-2015-3977 Schneider Electric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Imt25 Magnetic Flow DTM

Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HART reply.

7.7
2015-11-13 CVE-2015-8126 Libpng
Fedoraproject
Suse
Opensuse
Debian
Redhat
Oracle
Apple
Canonical
Classic Buffer Overflow vulnerability in multiple products

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

7.5
2015-11-13 CVE-2015-7905 Unitronics Code Injection vulnerability in Unitronics Visilogic Oplc IDE 9.8.0.00

Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown vectors.

7.5
2015-11-12 CVE-2015-6554 Symantec OS Command Injection vulnerability in Symantec Endpoint Protection Manager

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.

7.5
2015-11-10 CVE-2015-7994 SAP Improper Input Validation vulnerability in SAP Hana 1.00.73.00.389160

The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428.

7.5
2015-11-10 CVE-2015-7993 SAP Improper Input Validation vulnerability in SAP Hana 1.00.73.00.389160

The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397.

7.5
2015-11-09 CVE-2015-2213 Wordpress SQL Injection vulnerability in Wordpress

SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash.

7.5
2015-11-12 CVE-2015-8113 Symantec Incomplete Fix Binary Planting vulnerability in Symantec Endpoint Protection 11.0

Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package.

7.2
2015-11-12 CVE-2015-7818 IBM
Lenovo
Permissions, Privileges, and Access Controls vulnerability in multiple products

The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file.

7.2
2015-11-11 CVE-2015-6098 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows NDIS Elevation of Privilege Vulnerability."

7.2
2015-11-11 CVE-2015-2478 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application that triggers a Winsock call referencing an invalid address, aka "Winsock Elevation of Privilege Vulnerability."

7.2
2015-11-12 CVE-2015-7820 Lenovo
IBM
Race Condition vulnerability in multiple products

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443.

7.1
2015-11-12 CVE-2015-7817 IBM
Lenovo
Race Condition vulnerability in multiple products

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443.

7.1
2015-11-09 CVE-2015-2696 MIT
Opensuse
Suse
Debian
Canonical
Source Code vulnerability in multiple products

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.

7.1

45 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-11-11 CVE-2015-6101 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6100.

6.9
2015-11-11 CVE-2015-6100 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6101.

6.9
2015-11-13 CVE-2015-6478 Unitronics Improper Access Control vulnerability in Unitronics Visilogic Oplc IDE 9.8.0.00

Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.

6.8
2015-11-11 CVE-2015-6111 Microsoft Resource Management Errors vulnerability in Microsoft products

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service (system hang) via crafted IP traffic, aka "Windows IPSec Denial of Service Vulnerability."

6.8
2015-11-10 CVE-2015-5214 Canonical
Debian
Libreoffice
Apache
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.

6.8
2015-11-10 CVE-2015-5213 Canonical
Debian
Apache
Libreoffice
Numeric Errors vulnerability in multiple products

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

6.8
2015-11-10 CVE-2015-5212 Libreoffice
Apache
Debian
Canonical
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.

6.8
2015-11-09 CVE-2015-8003 Mediawiki Resource Management Errors vulnerability in Mediawiki

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

6.8
2015-11-09 CVE-2015-8002 Mediawiki Resource Management Errors vulnerability in Mediawiki

The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one byte chunks.

6.8
2015-11-09 CVE-2015-5731 Wordpress Cross-Site Request Forgery (CSRF) vulnerability in Wordpress

Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.

6.8
2015-11-14 CVE-2015-7774 PC EGG
PHP
OS Command Injection vulnerability in Pc-Egg Pwebmanager

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role.

6.5
2015-11-11 CVE-2015-6112 Microsoft Improper Input Validation vulnerability in Microsoft products

SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required extended master-secret binding support to ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "Schannel TLS Triple Handshake Vulnerability."

5.8
2015-11-10 CVE-2015-5655 Adways Cryptographic Issues vulnerability in Adways Party Track SDK 1.6.5

The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2015-11-14 CVE-2015-7427 IBM Information Exposure vulnerability in IBM Datapower Gateway

IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.

5.0
2015-11-14 CVE-2015-6364 Cisco Information Exposure vulnerability in Cisco Videoscape Distribution Suite Service Manager 3.0.0/3.1.0/3.2.0

Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.

5.0
2015-11-13 CVE-2015-6366 Cisco Improper Access Control vulnerability in Cisco IOS 15.2(4)M6/15.4(3)S

Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, which allows remote attackers to bypass intended network-traffic restrictions in opportunistic circumstances by using a tunnel, aka Bug ID CSCur01042.

5.0
2015-11-12 CVE-2015-7819 Lenovo
IBM
Credentials Management vulnerability in multiple products

The DB service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password.

5.0
2015-11-10 CVE-2015-7991 SAP Information Exposure vulnerability in SAP Hana 1.00.73.00.389160

The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854.

5.0
2015-11-09 CVE-2015-8005 Mediawiki Information Exposure vulnerability in Mediawiki

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file.

5.0
2015-11-09 CVE-2015-8095 Monster Menus Module Project
Drupal
Information Exposure vulnerability in Monster Menus Module Project Monster Menus

The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which allows remote attackers to obtain sensitive information via an unspecified URL pattern.

5.0
2015-11-09 CVE-2015-8041 W1 FI
Opensuse
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.

5.0
2015-11-09 CVE-2015-7940 Opensuse
Bouncycastle
Oracle
Information Exposure vulnerability in multiple products

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

5.0
2015-11-09 CVE-2015-7295 Qemu
Fedoraproject
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface.

5.0
2015-11-09 CVE-2015-5730 Wordpress Information Exposure vulnerability in Wordpress

The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress before 4.2.4 does not use a constant-time comparison for widgets, which allows remote attackers to conduct a timing side-channel attack by measuring the delay before inequality is calculated.

5.0
2015-11-09 CVE-2015-2695 MIT
Oracle
Canonical
Debian
Opensuse
Suse
Release of Invalid Pointer or Reference vulnerability in multiple products

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

5.0
2015-11-11 CVE-2015-6095 Microsoft Credentials Management vulnerability in Microsoft products

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles password changes, which allows physically proximate attackers to bypass authentication, and conduct decryption attacks against certain BitLocker configurations, by connecting to an unintended Key Distribution Center (KDC), aka "Windows Kerberos Security Feature Bypass."

4.9
2015-11-12 CVE-2015-5441 HP Cross-site Scripting vulnerability in HP Archsight Management Center and Arcsight Logger

Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-11-11 CVE-2015-6123 Microsoft Cross-site Scripting vulnerability in Microsoft Excel FOR mac 2011/2016

Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac 2011 and Excel 2016 for Mac allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message that is mishandled by Outlook for Mac, aka "Microsoft Outlook for Mac Spoofing Vulnerability."

4.3
2015-11-11 CVE-2015-6115 Microsoft Information Exposure vulnerability in Microsoft .Net Framework 2.0/3.5/3.5.1

Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass."

4.3
2015-11-11 CVE-2015-6099 Microsoft Cross-site Scripting vulnerability in Microsoft .Net Framework

Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."

4.3
2015-11-11 CVE-2015-6096 Microsoft Information Exposure vulnerability in Microsoft .Net Framework

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability."

4.3
2015-11-11 CVE-2015-6088 Microsoft Information Exposure vulnerability in Microsoft Edge and Internet Explorer

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."

4.3
2015-11-11 CVE-2015-6086 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

4.3
2015-11-11 CVE-2015-6061 Microsoft Cross-site Scripting vulnerability in Microsoft Lync, Lync Room System and Skype for Business

Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lync Room System allows remote attackers to inject arbitrary web script or HTML via an instant-message session, aka "Server Input Validation Information Disclosure Vulnerability."

4.3
2015-11-10 CVE-2015-4551 Libreoffice
Canonical
Debian
Apache
Information Exposure vulnerability in multiple products

LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.

4.3
2015-11-09 CVE-2015-8006 Pagetriage Project Cross-site Scripting vulnerability in Pagetriage Project Pagetriage

Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension for MediWiki allows remote attackers to inject arbitrary web script or HTML via the page title.

4.3
2015-11-09 CVE-2015-5734 Wordpress Cross-site Scripting vulnerability in Wordpress

Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string.

4.3
2015-11-09 CVE-2015-5733 Wordpress Cross-site Scripting vulnerability in Wordpress

Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title.

4.3
2015-11-09 CVE-2015-5732 Wordpress Cross-site Scripting vulnerability in Wordpress

Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title.

4.3
2015-11-14 CVE-2015-6365 Cisco Improper Input Validation vulnerability in Cisco IOS 15.2(4)M/15.4(3)M

Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs, which allows remote authenticated users to bypass intended network-traffic restrictions in opportunistic circumstances by using PPP, aka Bug ID CSCur61303.

4.0
2015-11-10 CVE-2015-7992 SAP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Hana 1.00.73.00.389160

SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RULE_SET stored procedure, aka SAP Security Note 2175928.

4.0
2015-11-10 CVE-2015-6362 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Connected Grid Network Management System 3.0(0.35)/3.0(0.54)

The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.

4.0
2015-11-09 CVE-2015-8007 Echo Project Information Exposure vulnerability in Echo Project Echo

The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification.

4.0
2015-11-09 CVE-2015-8004 Mediawiki Permissions, Privileges, and Access Controls vulnerability in Mediawiki

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form.

4.0
2015-11-09 CVE-2015-2697 MIT
Oracle
Canonical
Debian
Opensuse
Suse
Out-of-bounds Read vulnerability in multiple products

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-11-14 CVE-2013-5229 Apple 7PK - Security Features vulnerability in Apple Remote Desktop and mac OS X

The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.

3.7
2015-11-12 CVE-2015-6363 Cisco Cross-site Scripting vulnerability in Cisco Firesight System Software 5.4.1.4/6.0.1

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT Management Center (MC) 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396.

3.5
2015-11-10 CVE-2015-8105 Opensuse
Roundcube
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and 1.1.x before 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload.

3.5
2015-11-09 CVE-2015-8001 Mediawiki Improper Access Control vulnerability in Mediawiki

The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size.

3.5
2015-11-11 CVE-2015-6113 Microsoft 7PK - Security Features vulnerability in Microsoft products

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka "Windows Kernel Security Feature Bypass Vulnerability."

2.1
2015-11-11 CVE-2015-6109 Microsoft Information Exposure vulnerability in Microsoft products

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."

2.1
2015-11-11 CVE-2015-6102 Microsoft Information Exposure vulnerability in Microsoft products

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."

2.1
2015-11-10 CVE-2015-8025 Canonical
Xscreensaver Project
Permissions, Privileges, and Access Controls vulnerability in multiple products

driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.

2.1
2015-11-10 CVE-2015-8100 NET Snmp Information Exposure vulnerability in Net-Snmp

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file.

2.1
2015-11-09 CVE-2015-5218 Kernel
Opensuse
Opensuse Project
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.

2.1
2015-11-14 CVE-2015-7404 IBM
Microsoft
Information Exposure vulnerability in IBM products

IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (aka Spectrum Protect for Mail) 5.5 before 5.5.1.1, 6.1 and 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; and Tivoli Storage FlashCopy Manager for Windows (aka Spectrum Protect Snapshot) 2.x and 3.1 before 3.1.1.6, 3.2 before 3.2.1.8, and 4.1 before 4.1.4, when application tracing is configured, write cleartext passwords during changetsmpassword command execution, which allows local users to obtain sensitive information by reading the application trace output.

1.9