Weekly Vulnerabilities Reports > November 28 to December 4, 2016

Overview

86 new vulnerabilities were reported during this period, including 5 critical vulnerabilities and 9 high severity vulnerabilities. This weekly summary reports vulnerabilities in 253 products from 19 vendors including IBM, Linux, Bluez, Lenovo, and Microsoft. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", "Cross-site Scripting", "Improper Input Validation", and "Improper Access Control".

  • 61 reported vulnerabilities are remotely exploitable.
  • 4 reported vulnerabilities have a public exploit available.
  • 25 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 60 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 47 reported vulnerabilities.
  • Linux has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

Summary counters (values not preserved in this copy): total vulnerabilities; critical risk; high risk; medium risk; low risk; remotely exploitable; locally exploitable; exploit available; exploitable anonymously; affecting web application.

Vulnerability Details

The following table lists the reported vulnerabilities for the period covered by this report:


5 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-12-03 CVE-2016-9796 Alcatel Lucent Permissions, Privileges, and Access Controls vulnerability in Alcatel-Lucent Omnivista 8770 Network Management System 2.0/2.6/3.0

Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024.

10.0
2016-11-28 CVE-2016-9555 Linux Out-of-bounds Read vulnerability in Linux Kernel

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.

10.0
2016-11-28 CVE-2016-9644 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel

The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application.

9.3
2016-11-28 CVE-2016-9313 Linux NULL Pointer Dereference vulnerability in Linux Kernel

security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a crafted application that uses the big_key data type.

9.3
2016-11-29 CVE-2016-5685 Dell Injection vulnerability in Dell Idrac7 Firmware and Idrac8 Firmware

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.

9.0

9 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-11-30 CVE-2016-2876 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.

8.5
2016-11-29 CVE-2016-9481 Exponentcms SQL Injection vulnerability in Exponentcms Exponent CMS 2.4.0

In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments.

7.5
2016-12-02 CVE-2016-9638 BMC Permissions, Privileges, and Access Controls vulnerability in BMC Patrol 9.13.10.01

In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit.

7.2
2016-12-01 CVE-2016-2946 IBM, Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Monitoring

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors.

7.2
2016-11-29 CVE-2016-8223 Lenovo, Microsoft Improper Access Control vulnerability in Lenovo System Interface Foundation

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.

7.2
2016-11-29 CVE-2016-1247 Nginx Link Following vulnerability in Nginx

The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.

7.2
2016-11-28 CVE-2016-9083 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."

7.2
2016-11-28 CVE-2016-8632 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.

7.2
2016-11-28 CVE-2015-1328 Canonical, Linux Permissions, Privileges, and Access Controls vulnerability in multiple products

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

7.2

58 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-11-30 CVE-2016-2963 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Remote Control 9.1.2

Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.8
2016-11-30 CVE-2016-2933 IBM Path Traversal vulnerability in IBM Bigfix Remote Control 9.1.2

Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request.

6.8
2016-11-29 CVE-2016-1251 DBD Mysql Project Use After Free vulnerability in Dbd-Mysql Project Dbd-Mysql

There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.

6.8
2016-11-30 CVE-2016-2917 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tririga Application Platform 10.4/10.5

The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors.

6.5
2016-11-30 CVE-2016-2873 IBM SQL Injection vulnerability in IBM Qradar Security Information and Event Manager

SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2016-11-29 CVE-2016-5393 Apache Improper Access Control vulnerability in Apache Hadoop

In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.

6.5
2016-11-30 CVE-2016-2881 IBM 7PK - Security Features vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRadar Incident Forensics 7.2 before 7.2.7 allow remote attackers to bypass intended access restrictions via modified request parameters.

6.4
2016-11-30 CVE-2016-2937 IBM Improper Input Validation vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerability."

6.4
2016-11-29 CVE-2016-9480 Libdwarf Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libdwarf Project Libdwarf 20161021

libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.

6.4
2016-11-28 CVE-2016-8633 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.

6.2
2016-11-30 CVE-2016-2884 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Forms Experience Builder

Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.0
2016-11-30 CVE-2016-2878 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar Security Information and Event Manager

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.0
2016-12-01 CVE-2016-3055 IBM XXE vulnerability in IBM Filenet Workplace 4.0.2

IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5.5
2016-12-01 CVE-2016-3033 IBM XXE vulnerability in IBM Appscan Source

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5.5
2016-11-30 CVE-2016-2887 IBM, Microsoft Improper Access Control vulnerability in IBM IMS Enterprise Suite 1.1/2.1/2.2

IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

5.5
2016-12-03 CVE-2016-9804 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file.

5.0
2016-12-03 CVE-2016-9803 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file.

5.0
2016-12-03 CVE-2016-9802 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file.

5.0
2016-12-03 CVE-2016-9801 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.

5.0
2016-12-03 CVE-2016-9800 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file.

5.0
2016-12-03 CVE-2016-9799 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file.

5.0
2016-12-03 CVE-2016-9798 Bluez Use After Free vulnerability in Bluez 5.42

In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file.

5.0
2016-12-03 CVE-2016-9797 Bluez Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42

In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file.

5.0
2016-12-02 CVE-2016-9479 B2Evolution Credentials Management vulnerability in B2Evolution

The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request.

5.0
2016-12-01 CVE-2016-9752 S9Y Server-Side Request Forgery (SSRF) vulnerability in S9Y Serendipity

In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code.

5.0
2016-12-01 CVE-2016-3012 IBM Information Exposure vulnerability in IBM API Connect and Network Path Manager

IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials.

5.0
2016-11-30 CVE-2016-9564 BOA Improper Input Validation vulnerability in BOA 0.92R

Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters.

5.0
2016-11-30 CVE-2016-5987 IBM Improper Input Validation vulnerability in IBM Maximo Asset Management

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.10 IF4, and 7.6 before 7.6.0.5 IF3 allows remote attackers to obtain sensitive information via a crafted HTTP request that triggers construction of a runtime error message.

5.0
2016-11-30 CVE-2016-2944 IBM Improper Authentication vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

5.0
2016-11-30 CVE-2016-2940 IBM Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2

Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via unknown vectors.

5.0
2016-11-30 CVE-2016-2936 IBM Credentials Management vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors.

5.0
2016-11-30 CVE-2016-2935 IBM Improper Input Validation vulnerability in IBM Bigfix Remote Control 9.1.2

The broker application in IBM BigFix Remote Control before 9.1.3 allows remote attackers to cause a denial of service via an invalid HTTP request.

5.0
2016-11-30 CVE-2016-2932 IBM XML Injection (aka Blind XPath Injection) vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors.

5.0
2016-11-30 CVE-2016-2931 IBM Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive cleartext information by sniffing the network.

5.0
2016-12-01 CVE-2016-3047 IBM Open Redirect vulnerability in IBM Filenet Workplace 4.0.2

Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 4.0.2.14 IF001 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.9
2016-12-01 CVE-2016-3044 IBM Improper Input Validation vulnerability in IBM Powerkvm

The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.

4.9
2016-11-30 CVE-2016-3004 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the set of available applications.

4.9
2016-11-28 CVE-2016-9191 Linux Improper Input Validation vulnerability in Linux Kernel

The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.

4.9
2016-11-28 CVE-2016-8650 Linux Improper Input Validation vulnerability in Linux Kernel

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

4.9
2016-11-28 CVE-2016-8646 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.

4.9
2016-11-28 CVE-2016-8645 Linux Improper Access Control vulnerability in Linux Kernel

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.

4.9
2016-11-28 CVE-2016-8630 Linux Improper Access Control vulnerability in Linux Kernel

The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction.

4.9
2016-11-28 CVE-2015-8970 Linux NULL Pointer Dereference vulnerability in Linux Kernel

crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.

4.9
2016-11-30 CVE-2016-8222 Lenovo Improper Access Control vulnerability in Lenovo products

A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services.

4.7
2016-11-30 CVE-2016-2871 IBM Credentials Management vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file.

4.6
2016-11-30 CVE-2016-2948 IBM Use of Hard-coded Credentials vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors.

4.6
2016-11-29 CVE-2016-8224 Lenovo Cryptographic Issues vulnerability in Lenovo products

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections.

4.6
2016-11-28 CVE-2016-9084 Linux Integer Overflow or Wraparound vulnerability in Linux Kernel

drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.

4.6
2016-12-01 CVE-2016-9751 Piwigo Cross-site Scripting vulnerability in Piwigo 2.8.3

Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter.

4.3
2016-11-30 CVE-2016-3057 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2

Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2016-11-30 CVE-2016-2953 IBM Cryptographic Issues vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.

4.3
2016-11-30 CVE-2016-2952 IBM Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.

4.3
2016-11-30 CVE-2016-2951 IBM Cryptographic Issues vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.

4.3
2016-11-30 CVE-2016-2934 IBM Cross-site Scripting vulnerability in IBM Bigfix Remote Control 9.1.2

Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2016-11-29 CVE-2016-5765 Microfocus Path Traversal vulnerability in Microfocus products

Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory traversal.

4.3
2016-11-30 CVE-2016-2958 IBM Information Exposure vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading an "archaic" e-mail address in a response.

4.0
2016-11-30 CVE-2016-2957 IBM Information Exposure vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response.

4.0
2016-11-30 CVE-2016-2950 IBM SQL Injection vulnerability in IBM Bigfix Remote Control 9.1.2

SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

4.0

14 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-12-01 CVE-2016-2994 IBM Cross-site Scripting vulnerability in IBM Urbancode Deploy

Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x before 6.2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2016-12-01 CVE-2016-2991 IBM Cross-site Scripting vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Protector for Mail Security 2.8.0.0 through 2.8.1.0 before 2.8.1.0-22115 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2016-12-01 CVE-2016-2955 IBM Cross-site Scripting vulnerability in IBM Connections 5.0.0.0/5.5.0.0

Cross-site scripting (XSS) vulnerability in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2016-11-30 CVE-2016-2874 IBM Improper Access Control vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

3.5
2016-11-30 CVE-2016-2869 IBM Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager

Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote authenticated users to inject arbitrary web script or HTML via crafted fields in a URL.

3.5
2016-11-30 CVE-2016-5905 IBM Cross-site Scripting vulnerability in IBM Maximo Asset Management

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2016-11-30 CVE-2016-5890 IBM Credentials Management vulnerability in IBM Sterling B2B Integrator 5.2

IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors.

3.5
2016-11-30 CVE-2016-3014 IBM Cross-site Scripting vulnerability in IBM products

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2016-11-30 CVE-2016-3009 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the Connections generic page.

3.5
2016-11-30 CVE-2016-2877 IBM Permission Issues vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.

2.1
2016-11-30 CVE-2016-3002 IBM Information Exposure vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate attackers to obtain sensitive information by reading cached data on a client device.

2.1
2016-11-30 CVE-2016-2949 IBM Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different user's session.

2.1
2016-11-28 CVE-2016-9178 Linux Information Exposure vulnerability in Linux Kernel

The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.

2.1
2016-11-30 CVE-2016-2943 IBM Information Exposure Through Log Files vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.

1.9