Weekly Vulnerabilities Reports > March 14 to 20, 2016
Overview
31 new vulnerabilities were reported during this period, including 6 critical and 6 high severity vulnerabilities. This weekly summary reports vulnerabilities in 37 products from 18 vendors, including HP, IBM, Symantec, VMware, and Micro Focus. The vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Access Control".
- 26 reported vulnerabilities are remotely exploitable.
- 10 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 18 reported vulnerabilities are exploitable by an anonymous user.
- HP has the most reported vulnerabilities, with 8.
- HP has the most reported critical vulnerabilities, with 4.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report, grouped by severity:
6 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-03-19 | CVE-2016-2245 | HP | Improper Authentication vulnerability in HP Support Assistant 8.1.40.3: HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | 10.0 |
2016-03-18 | CVE-2016-1995 | HP | Unspecified vulnerability in HP System Management Homepage: HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2016-03-17 | CVE-2016-2345 | Dameware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dameware Mini Remote Control 12.0: Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string. | 10.0 |
2016-03-15 | CVE-2016-1989 | HP | Unspecified vulnerability in HP Network Automation: HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. | 10.0 |
2016-03-15 | CVE-2016-1988 | HP | Unspecified vulnerability in HP Network Automation: HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. | 10.0 |
2016-03-18 | CVE-2015-8154 | Symantec | Permissions, Privileges, and Access Controls vulnerability in Symantec Endpoint Protection Manager: The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permissions." | 9.3 |
6 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-03-18 | CVE-2014-9768 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli NetView Access Services: IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to gain privileges by entering the ADM command and modifying a "page ID" field to the EMSPG2 transaction code. | 8.8 |
2016-03-18 | CVE-2015-8152 | Symantec | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager 12.1: Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script. | 8.5 |
2016-03-18 | CVE-2015-8153 | Symantec | SQL Injection vulnerability in Symantec Endpoint Protection Manager: SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 8.3 |
2016-03-17 | CVE-2016-2342 | Quagga Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products: The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet. | 7.6 |
2016-03-17 | CVE-2016-3191 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PCRE and PCRE2: The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542. | 7.5 |
2016-03-14 | CVE-2016-2856 | Canonical Debian GNU | Permissions, Privileges, and Access Controls vulnerability in multiple products: pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the eglibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. | 7.2 |
14 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-03-16 | CVE-2016-2846 | Siemens | 7PK - Security Features vulnerability in Siemens Simatic S7 CPU 1200 Firmware 2.0/3.0/3.0.2: Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a "user program block" protection mechanism via unspecified vectors. | 6.4 |
2016-03-18 | CVE-2015-5968 | Novell | Cross-site Scripting vulnerability in Novell Filr 1.2: Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |
2016-03-18 | CVE-2016-2281 | ABB | Permissions, Privileges, and Access Controls vulnerability in ABB Panel Builder 800 5.1: Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 6.0 |
2016-03-16 | CVE-2016-1991 | Microfocus | Arbitrary File Download vulnerability in HP ArcSight ESM and ArcSight ESM Express: HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors. | 6.0 |
2016-03-18 | CVE-2016-1993 | HP | Unspecified vulnerability in HP System Management Homepage: HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | 5.5 |
2016-03-14 | CVE-2016-1731 | Apple | Cryptographic Issues vulnerability in Apple Software Update: Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. | 5.0 |
2016-03-19 | CVE-2016-0283 | IBM | Cross-site Scripting vulnerability in IBM WebSphere Application Server: Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) client web application in IBM WebSphere Application Server (WAS) Liberty Profile 8.5.5 before 8.5.5.9 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2016-03-19 | CVE-2016-2287 | Xzeres | Cross-site Scripting vulnerability in XZERES 442SR OS: Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2016-03-19 | CVE-2015-2286 | EDX | Information Exposure vulnerability in edX Open edX 20150127: lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly restrict links on the password-reset page, which allows user-assisted remote attackers to discover password-reset tokens by reading a referer log after a victim navigates from this page to a social-sharing site. | 4.3 |
2016-03-16 | CVE-2016-1990 | Microfocus | Permissions, Privileges, and Access Controls vulnerability in Micro Focus ArcSight Enterprise Security Manager: HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors. | 4.3 |
2016-03-14 | CVE-2016-0208 | IBM | Improper Access Control vulnerability in IBM WebSphere Commerce: IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors. | 4.3 |
2016-03-18 | CVE-2016-1994 | HP | Information Exposure vulnerability in HP System Management Homepage: HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.0 |
2016-03-17 | CVE-2016-1992 | HP | Information Exposure vulnerability in HP products: HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.0 |
2016-03-14 | CVE-2016-0222 | IBM | Improper Access Control vulnerability in IBM products: IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-03-18 | CVE-2016-3155 | Siemens | Information Exposure vulnerability in Siemens APOGEE Insight: Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors. | 3.6 |
2016-03-18 | CVE-2016-1996 | HP | Security Bypass vulnerability in HP System Management Homepage: HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | 3.6 |
2016-03-16 | CVE-2016-2075 | Vmware | Cross-site Scripting vulnerability in VMware vRealize Business Advanced and Enterprise: Cross-site scripting (XSS) vulnerability in VMware vRealize Business Advanced and Enterprise 8.x before 8.2.5 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2016-03-16 | CVE-2015-2344 | Linux Vmware | Cross-site Scripting vulnerability in VMware vRealize Automation: Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2016-03-14 | CVE-2016-0262 | IBM | Cross-site Scripting vulnerability in IBM Maximo Asset Management: Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |