Weekly Vulnerabilities Reports > January 2 to 8, 2017

Overview

95 new vulnerabilities were reported during this period, including 9 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary reports vulnerabilities in 79 products from 44 vendors including Debian, Canonical, Pidgin, PHP, and Hancom. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Integer Overflow or Wraparound", "Out-of-bounds Read", "Information Exposure", and "Permissions, Privileges, and Access Controls".

  • 81 reported vulnerabilities are remotely exploitable.
  • 3 reported vulnerabilities have a public exploit available.
  • 18 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 83 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 16 reported vulnerabilities.
  • Netgear has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

9 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-01-06 CVE-2015-2868 Trane Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trane Comfortlink II Firmware 2.0.2

An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service.

10.0
2017-01-06 CVE-2015-2867 Trane Use of Hard-coded Credentials vulnerability in Trane Comfortlink II Firmware 2.0.2

A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.

10.0
2017-01-05 CVE-2016-6890 Matrixssl Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Matrixssl

Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.

10.0
2017-01-04 CVE-2016-7399 Veritas Command Injection vulnerability in Veritas Netbackup Appliance Firmware

scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allows remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense.

10.0
2017-01-04 CVE-2016-10115 Netgear Use of Hard-coded Credentials vulnerability in Netgear products

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

10.0
2017-01-03 CVE-2016-10108 Western Digital Command Injection vulnerability in Western Digital Mycloud NAS 2.11.142

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data.

10.0
2017-01-03 CVE-2016-10107 Western Digital Command Injection vulnerability in Western Digital Mycloud NAS 2.11.142

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header.

10.0
2017-01-04 CVE-2016-10116 Netgear Permissions, Privileges, and Access Controls vulnerability in Netgear products

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack.

9.3
2017-01-05 CVE-2015-3441 Genexia Command Injection vulnerability in Genexia Drgos 1.14

The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote authenticated users to execute arbitrary CLI commands via the (1) start_hour, (2) start_minute, (3) end_hour, (4) end_minute, or (5) hostname parameter.

9.0

24 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-01-04 CVE-2016-6894 Arista Resource Management Errors vulnerability in Arista products

Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before 4.17.0F on DCS-7050 series devices allow remote attackers to cause a denial of service (device reboot) by sending crafted packets to the control plane.

7.8
2017-01-05 CVE-2016-10030 Schedmd Improper Access Control vulnerability in Schedmd Slurm

The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node.

7.6
2017-01-06 CVE-2016-9885 Pivotal Software Information Exposure vulnerability in Pivotal Software Gemfire FOR Pivotal Cloud Foundry

An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions prior to 1.7.1.

7.5
2017-01-06 CVE-2016-8705 Memcached Integer Overflow or Wraparound vulnerability in Memcached

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

7.5
2017-01-06 CVE-2016-8704 Memcached Integer Overflow or Wraparound vulnerability in Memcached

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

7.5
2017-01-06 CVE-2016-4336 Lexmark Out-of-bounds Write vulnerability in Lexmark Perceptive Document Filters

An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perceptive Document Filters conversion functionality.

7.5
2017-01-06 CVE-2016-2368 Pidgin, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin.

7.5
2017-01-06 CVE-2016-2339 Ruby Lang Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function of Ruby.

7.5
2017-01-06 CVE-2016-2337 Ruby Lang Remote Code Execution vulnerability in Ruby TclTkIp 'ip_cancel_eval()' Function Type Confusion

Type confusion exists in the _cancel_eval method of Ruby's TclTkIp class.

7.5
2017-01-06 CVE-2016-2336 Ruby Lang Type Confusion Multiple Remote Code Execution vulnerability in Ruby 2.2.2/2.3.0

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface.

7.5
2017-01-05 CVE-2016-10009 Openbsd Untrusted Search Path vulnerability in Openbsd Openssh

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

7.5
2017-01-04 CVE-2016-9936 PHP Use After Free vulnerability in PHP

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data.

7.5
2017-01-04 CVE-2016-9935 PHP Out-of-bounds Read vulnerability in PHP

The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document.

7.5
2017-01-04 CVE-2016-9138 PHP Use After Free vulnerability in PHP

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup.

7.5
2017-01-04 CVE-2016-9137 PHP Use After Free vulnerability in PHP

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.

7.5
2017-01-04 CVE-2016-8670 Libgd, PHP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libgd

Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.

7.5
2017-01-04 CVE-2014-9912 PHP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP

The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument.

7.5
2017-01-04 CVE-2014-9911 ICU Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Icu-Project International Components FOR Unicode

Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.

7.5
2017-01-04 CVE-2016-10114 Awebsupport SQL Injection vulnerability in Awebsupport Aweb Cart Watching System for Virtuemart 2.6.0

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.

7.5
2017-01-03 CVE-2016-10105 Piwigo Improper Access Control vulnerability in Piwigo

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files.

7.5
2017-01-02 CVE-2017-5005 Quickheal Out-of-bounds Write vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security

Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.

7.5
2017-01-06 CVE-2016-4288 Bluestacks Permission Issues vulnerability in Bluestacks 2.1.3.5650

A local privilege escalation vulnerability exists in BlueStacks App Player.

7.2
2017-01-05 CVE-2016-9754 Linux Integer Overflow or Wraparound vulnerability in Linux Kernel

The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

7.2
2017-01-05 CVE-2016-10012 Openbsd Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Openbsd Openssh

The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

7.2

49 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-01-05 CVE-2016-10010 Openbsd Permissions, Privileges, and Access Controls vulnerability in Openbsd Openssh

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

6.9
2017-01-06 CVE-2016-8706 Memcached Integer Overflow or Wraparound vulnerability in Memcached

An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

6.8
2017-01-06 CVE-2016-5684 Freeimage Project Out-of-bounds Write vulnerability in Freeimage Project Freeimage 3.17.0

An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library.

6.8
2017-01-06 CVE-2016-5652 Libtiff Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6

An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool.

6.8
2017-01-06 CVE-2016-5646 Lexmark Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lexmark Perceptive Document Filters 11.2.0.1732

An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive Document Filters library.

6.8
2017-01-06 CVE-2016-4335 Lexmark Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lexmark Perceptive Document Filters

An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perceptive Document Filters conversion functionality.

6.8
2017-01-06 CVE-2016-4298 Hancom Integer Overflow or Wraparound vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file.

6.8
2017-01-06 CVE-2016-4296 Hancom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore ("_") character at the end of the string and write a null terminator after it.

6.8
2017-01-06 CVE-2016-4295 Hancom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overflow can be made to occur in Hancom Office 2014.

6.8
2017-01-06 CVE-2016-4294 Hancom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul Hcell Document (.cell) and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file.

6.8
2017-01-06 CVE-2016-4292 Hancom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a static size to allocate a heap buffer yet explicitly trust a size from the file when modifying data inside of it.

6.8
2017-01-06 CVE-2016-4291 Hancom Integer Overflow or Wraparound vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow.

6.8
2017-01-06 CVE-2016-4290 Hancom Integer Overflow or Wraparound vulnerability in Hancom Office 2014 9.1.0.2176

When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a block of data within the file.

6.8
2017-01-06 CVE-2016-2378 Pidgin, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.

6.8
2017-01-06 CVE-2016-2377 Pidgin, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.

6.8
2017-01-06 CVE-2016-2376 Pidgin, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.

6.8
2017-01-06 CVE-2016-2374 Pidgin, Canonical, Debian Information Exposure vulnerability in multiple products

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin.

6.8
2017-01-06 CVE-2016-2371 Pidgin, Canonical, Debian Out-of-bounds Write vulnerability in multiple products

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin.

6.8
2017-01-05 CVE-2016-7169 Wordpress Path Traversal vulnerability in Wordpress

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

6.5
2017-01-04 CVE-2016-7902 Dotclear Unrestricted Upload of File with Dangerous Type vulnerability in Dotclear

Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by uploading a ZIP file containing a file with a crafted extension, as demonstrated by .php.txt or .php%20.

6.5
2017-01-06 CVE-2016-1548 NTP Data Processing Errors vulnerability in NTP 4.2.8

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server.

6.4
2017-01-06 CVE-2016-4323 Pidgin, Canonical, Debian Path Traversal vulnerability in multiple products

A directory traversal exists in the handling of the MXIT protocol in Pidgin.

5.8
2017-01-06 CVE-2016-9879 Vmware, IBM Channel and Path Errors vulnerability in multiple products

An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1.

5.0
2017-01-06 CVE-2016-2375 Pidgin, Canonical, Debian Out-of-bounds Read vulnerability in multiple products

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin.

5.0
2017-01-06 CVE-2016-1550 NTP Information Exposure vulnerability in NTP 4.2.8

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92.

5.0
2017-01-06 CVE-2016-1547 NTP Improper Input Validation vulnerability in NTP

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer.

5.0
2017-01-06 CVE-2015-7848 NTP Integer Overflow or Wraparound vulnerability in NTP Ntp-Dev 4.3.70

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet.

5.0
2017-01-05 CVE-2016-6892 Matrixssl Use After Free vulnerability in Matrixssl

The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.

5.0
2017-01-05 CVE-2016-6891 Matrixssl Out-of-bounds Read vulnerability in Matrixssl

MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.

5.0
2017-01-04 CVE-2016-9934 PHP NULL Pointer Dereference vulnerability in PHP

ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.

5.0
2017-01-04 CVE-2016-9933 Libgd, PHP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libgd 2.2.1

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.

5.0
2017-01-04 CVE-2016-8860 Torproject Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Torproject TOR

Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data.

5.0
2017-01-02 CVE-2016-10100 Borg Improper Input Validation vulnerability in Borg

Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive.

5.0
2017-01-02 CVE-2016-10099 Borg Project Cryptographic Issues vulnerability in Borg Project Borg

Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives.

5.0
2017-01-02 CVE-2016-10097 Forgerock XXE vulnerability in Forgerock Openam 10.1.0

XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter.

5.0
2017-01-06 CVE-2016-2372 Pidgin, Canonical, Debian Information Exposure vulnerability in multiple products

An information leak exists in the handling of the MXIT protocol in Pidgin.

4.9
2017-01-06 CVE-2016-9867 EMC Permissions, Privileges, and Access Controls vulnerability in EMC Scaleio

An issue was discovered in EMC ScaleIO versions before 2.0.1.1.

4.6
2017-01-06 CVE-2016-8334 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Reader 8.0.2.805

A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure.

4.3
2017-01-06 CVE-2016-2380 Pidgin, Canonical, Debian Information Exposure vulnerability in multiple products

An information leak exists in the handling of the MXIT protocol in Pidgin.

4.3
2017-01-06 CVE-2016-2373 Pidgin, Canonical, Debian Out-of-bounds Read vulnerability in multiple products

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.

4.3
2017-01-06 CVE-2016-2370 Pidgin, Canonical, Debian Out-of-bounds Read vulnerability in multiple products

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.

4.3
2017-01-06 CVE-2016-2369 Pidgin, Canonical, Debian NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin.

4.3
2017-01-06 CVE-2016-2366 Pidgin, Canonical, Debian Out-of-bounds Read vulnerability in multiple products

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.

4.3
2017-01-06 CVE-2016-2365 Pidgin, Canonical, Debian NULL Pointer Dereference vulnerability in multiple products

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.

4.3
2017-01-04 CVE-2016-7903 Dotclear Permissions, Privileges, and Access Controls vulnerability in Dotclear

Dotclear before 2.10.3, when the Host header is not part of the web server routing process, allows remote attackers to modify the password reset address link via the HTTP Host header.

4.3
2017-01-03 CVE-2016-5024 F5 Improper Input Validation vulnerability in F5 products

Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.

4.3
2017-01-06 CVE-2016-1549 NTP Data Processing Errors vulnerability in NTP 4.2.8

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.

4.0
2017-01-04 CVE-2016-6595 Docker Resource Management Errors vulnerability in Docker 1.12.0

** DISPUTED ** The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions.

4.0
2017-01-03 CVE-2016-10106 Netgear Path Traversal vulnerability in Netgear products

Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a ..

4.0

13 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-01-06 CVE-2016-2367 Pidgin, Canonical, Debian Information Exposure vulnerability in multiple products

An information leak exists in the handling of the MXIT protocol in Pidgin.

3.5
2017-01-05 CVE-2017-5179 Tenable Cross-site Scripting vulnerability in Tenable Nessus

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2017-01-05 CVE-2016-7168 Wordpress Cross-site Scripting vulnerability in Wordpress

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.

3.5
2017-01-04 CVE-2016-10112 Woocommerce Cross-site Scripting vulnerability in Woocommerce

Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format.

3.5
2017-01-06 CVE-2016-9869 EMC Permission Issues vulnerability in EMC Scaleio

An issue was discovered in EMC ScaleIO versions before 2.0.1.1.

2.1
2017-01-06 CVE-2016-9868 EMC 7PK - Security Features vulnerability in EMC Scaleio

An issue was discovered in EMC ScaleIO versions before 2.0.1.1.

2.1
2017-01-06 CVE-2016-4329 Kaspersky Improper Input Validation vulnerability in Kaspersky Anti-Virus, Internet Security and Total Security

A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software.

2.1
2017-01-06 CVE-2016-4307 Kaspersky Improper Access Control vulnerability in Kaspersky Internet Security 16.0.0

A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver.

2.1
2017-01-06 CVE-2016-4306 Kaspersky Information Exposure vulnerability in Kaspersky Total Security 16.0.0.614

Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver.

2.1
2017-01-06 CVE-2016-4305 Kaspersky Improper Access Control vulnerability in Kaspersky Internet Security 16.0.0

A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver.

2.1
2017-01-06 CVE-2016-4304 Kaspersky Improper Access Control vulnerability in Kaspersky Internet Security 16.0.0

A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver.

2.1
2017-01-05 CVE-2016-10011 Openbsd Key Management Errors vulnerability in Openbsd Openssh

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

2.1
2017-01-05 CVE-2016-8006 Mcafee Permissions, Privileges, and Access Controls vulnerability in Mcafee Security Information and Event Management

Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands.

1.7