sign in sign up
<<
Home , Adobe ColdFusion, Arbitrary code execution

Vulnerability Summary for the Week of December 12, 2016

Please Note:

• The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low.

• The CVE indentity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.

• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities The Primary Vendor --- Description Date CVSS The CVE Product Published Score Identity

7-zip -- 7-zip Heap-based in the 2016-12-13 9.3 CVE-2016-2334 MISC (link is NArchive::NHfs::CHandler::ExtractZlibFile external) method in 7zip before 16.00 and p7zip allows CONFIRM (link remote attackers to execute arbitrary code via a is external) BID (link is crafted HFS+ image. external) SECTRACK (link is external) MISC (link is external) FEDORA FEDORA adobe -- dng_converter Adobe DNG Converter versions 9.7 and earlier 2016-12-15 10.0 CVE-2016-7856 BID (link is have an exploitable memory corruption external) vulnerability. Successful exploitation could lead CONFIRM (link to arbitrary code execution. is external) adobe -- animate versions 15.2.1.95 and earlier 2016-12-15 10.0 CVE-2016-7866 BID (link is have an exploitable memory corruption external) vulnerability. Successful exploitation could lead CONFIRM (link to arbitrary code execution. is external) adobe -- flash_player Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7867 BID (link is earlier, 11.2.202.644 and earlier have an external) CONFIRM (link exploitable buffer overflow / underflow is external) vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7868 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable buffer overflow / underflow CONFIRM (link vulnerability in the RegExp class related to is external) alternation functionality. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7869 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable buffer overflow / underflow CONFIRM (link vulnerability in the RegExp class related to is external) backtrack search functionality. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7870 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable buffer overflow / underflow CONFIRM (link vulnerability in the RegExp class for specific is external) search strategies. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7871 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable memory corruption vulnerability in CONFIRM (link the Worker class. Successful exploitation could is external) lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7872 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability in the CONFIRM (link MovieClip class related to objects at multiple is external) presentation levels. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7873 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable memory corruption vulnerability in CONFIRM (link is external) the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7874 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable memory corruption vulnerability in CONFIRM (link the NetConnection class when handling the is external) proxy types. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7875 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable integer overflow vulnerability in the CONFIRM (link BitmapData class. Successful exploitation could is external) lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7876 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable memory corruption vulnerability in CONFIRM (link the Clipboard class related to data handling is external) functionality. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7877 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability in the CONFIRM (link serialization (AFM0). is external) Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7878 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability in the CONFIRM (link PSDK's MediaPlayer class. Successful exploitation is external) could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7879 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability in the CONFIRM (link NetConnection class when handling an attached is external) script object. Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7880 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability when CONFIRM (link setting the length property of an array object. is external) Successful exploitation could lead to arbitrary code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7881 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability in the CONFIRM (link MovieClip class when handling conversion to an is external) object. Successful exploitation could lead to arbitrary code execution. adobe -- indesign Adobe InDesign version 11.4.1 and earlier, 2016-12-15 10.0 CVE-2016-7886 BID (link is Adobe InDesign Server 11.0.0 and earlier have an external) exploitable memory corruption vulnerability. CONFIRM (link Successful exploitation could lead to arbitrary is external) code execution. adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 7.5 CVE-2016-7890 BID (link is earlier, 11.2.202.644 and earlier have security external) bypass vulnerability in the implementation of CONFIRM (link the same origin policy. is external) adobe -- flash_player Adobe Flash Player versions 23.0.0.207 and 2016-12-15 10.0 CVE-2016-7892 BID (link is earlier, 11.2.202.644 and earlier have an external) exploitable use after free vulnerability in the CONFIRM (link TextField class. Successful exploitation could is external) lead to arbitrary code execution. atlassian -- crowd The LDAP directory connector in Atlassian Crowd 2016-12-09 7.5 CVE-2016-6496 BUGTRAQ before 2.8.8 and 2.9.x before 2.9.5 allows remote (link is external) attackers to execute arbitrary code via an LDAP BID (link is attribute with a crafted serialized object, external) CONFIRM (link aka LDAP entry poisoning. is external) CONFIRM (link is external) MISC (link is external) bdwgc_project -- bdwgc Integer overflow vulnerability in bdwgc before 2016-12-11 7.5 CVE-2016-9427 MLIST (link is 2016-09-27 allows attackers to cause client of external) bdwgc denial of service (heap buffer overflow BID (link is ) and possibly execute arbitrary code via external) huge allocation. CONFIRM (link is external) bmc -- BMC BladeLogic Server Automation (BSA) before 2016-12-13 7.5 CVE-2016-4322 MISC (link is bladelogic_server_autom 8.7 Patch 3 allows remote attackers to bypass external) ation_console authentication and consequently read arbitrary BUGTRAQ files or possibly have unspecified other impact (link is external) BID (link is by leveraging a "logic flaw" in the authentication external) process. busybox -- busybox The recv_and_process_client_pkt function in 2016-12-09 7.8 CVE-2016-6301 MLIST (link is networking/ntpd.c in busybox allows remote external) attackers to cause a denial of service (CPU and BID (link is bandwidth consumption) via a forged NTP external) CONFIRM (link packet, which triggers a communication loop. is external) CONFIRM (link is external) cisco -- A vulnerability in the installation procedure of 2016-12-13 7.2 CVE-2016-6470 BID (link is hybrid_media_service the Cisco Hybrid Media Service could allow an external) authenticated, local attacker to elevate CONFIRM (link privileges to the root level. More Information: is external) CSCvb81344. Known Affected Releases: 1.0. cisco -- A vulnerability in Cisco AnyConnect Secure 2016-12-13 7.2 CVE-2016-9192 BID (link is anyconnect_secure_mobil Mobility Client for Windows could allow an external) ity_client authenticated, local attacker to install and CONFIRM (link execute an arbitrary executable file with is external) privileges equivalent to the SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225). cisco -- ios_xr A vulnerability in Cisco IOS XR Software could 2016-12-13 7.2 CVE-2016-9215 BID (link is allow an authenticated, local attacker to log in to external) the device with the privileges of the root user. CONFIRM (link More Information: CSCva38434. Known Affected is external) Releases: 6.1.1.BASE. crowbar_project -- The trove service user in (1) Openstack 2016-12-09 7.5 CVE-2016-6829 MLIST (link is barclamp-trove deployment (aka crowbar-openstack) and (2) external) Trove Barclamp (aka barclamp-trove and MLIST (link is crowbar-barclamp-trove) in the Crowbar external) BID (link is Framework has a default password, which makes it easier for remote attackers to obtain access via external) CONFIRM (link unspecified vectors. is external) CONFIRM (link is external) CONFIRM (link is external) djangoproject -- Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, 2016-12-09 7.5 CVE-2016-9013 BID (link is and 1.10.x before 1.10.3 use a hardcoded external) password for a temporary user created SECTRACK when running tests with an Oracle database, (link is external) UBUNTU (link which makes it easier for remote attackers to is external) obtain access to the database server by FEDORA leveraging failure to manually specify a FEDORA password in the database settings TEST CONFIRM (link is external) dictionary. fedoraproject -- fedora The (1) XvQueryAdaptors and (2) 2016-12-13 7.5 CVE-2016-5407 MLIST (link is XvQueryEncodings functions in X.org libXv external) before 1.0.11 allow remote X servers to trigger MLIST (link is out-of-bounds memory access operations via external) BID (link is vectors involving length specifications in external) received data. SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora The XGetImage function in X.org libX11 before 2016-12-13 7.5 CVE-2016-7942 MLIST (link is 1.6.4 might allow remote X servers to gain external) privileges via vectors involving image type and MLIST (link is geometry, which triggers out-of-bounds read external) BID (link is operations. external) SECTRACK (link is external) CONFIRM FEDORA MLIST fedoraproject -- fedora The XListFonts function in X.org libX11 before 2016-12-13 7.5 CVE-2016-7943 MLIST (link is 1.6.4 might allow remote X servers to gain external) privileges via vectors involving length fields, MLIST (link is which trigger out-of-bounds write operations. external) BID (link is external) SECTRACK (link is external) CONFIRM FEDORA MLIST fedoraproject -- fedora Integer overflow in X.org libXfixes before 5.0.3 2016-12-13 7.5 CVE-2016-7944 MLIST (link is on 32-bit platforms might allow remote X servers external) to gain privileges via a length value of INT_MAX, MLIST (link is which triggers the client to stop reading data external) BID (link is and get out of sync. external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora Multiple integer overflows in X.org libXrandr 2016-12-13 7.5 CVE-2016-7947 MLIST (link is before 1.5.1 allow remote X servers to trigger external) out-of-bounds write operations via a crafted MLIST (link is response. external) BID (link is external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora X.org libXrandr before 1.5.1 allows remote X 2016-12-13 7.5 CVE-2016-7948 MLIST (link is servers to trigger out-of-bounds write external) operations by leveraging mishandling of reply MLIST (link is data. external) BID (link is external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora Multiple buffer overflows in the (1) 2016-12-13 7.5 CVE-2016-7949 MLIST (link is XvQueryAdaptors and (2) XvQueryEncodings external) functions in X.org libXrender before 0.9.10 allow MLIST (link is remote X servers to trigger out-of-bounds write external) BID (link is operations via vectors involving length fields. external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora The XRenderQueryFilters function in X.org 2016-12-13 7.5 CVE-2016-7950 MLIST (link is libXrender before 0.9.10 allows remote X servers external) to trigger out-of-bounds write operations via MLIST (link is vectors involving filter name lengths. external) BID (link is external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora Multiple integer overflows in X.org libXtst before 2016-12-13 7.5 CVE-2016-7951 MLIST (link is 1.2.3 allow remote X servers to trigger out-of- external) bounds memory access operations by leveraging MLIST (link is the lack of range checks. external) BID (link is external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST fedoraproject -- fedora Buffer underflow in X.org libXvMC before 1.0.10 2016-12-13 7.5 CVE-2016-7953 MLIST (link is allows remote X servers to have unspecified external) impact via an empty string. MLIST (link is external) BID (link is external) SECTRACK (link is external) CONFIRM FEDORA FEDORA MLIST google -- android A remote code execution vulnerability in 2016-12-13 9.3 CVE-2016-6699 BID (link is libstagefright in Mediaserver in Android 7.0 external) before 2016-11-01 could enable an attacker CONFIRM (link using a specially crafted file to cause memory is external) CONFIRM (link corruption during media file and data is external) processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Android ID: A-31373622. google -- android An elevation of privilege vulnerability in 2016-12-13 9.3 CVE-2016-6706 BID (link is libstagefright in Mediaserver in Android 7.0 external) before 2016-11-01 could enable a local malicious CONFIRM (link application to execute arbitrary code within the is external) CONFIRM (link context of a privileged process. This issue is is external) rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Android ID: A-31385713. google -- android A remote denial of service vulnerability in libvpx 2016-12-13 7.1 CVE-2016-6711 BID (link is in Mediaserver in Android 4.x before 4.4.4, 5.0.x external) before 5.0.2, 5.1.x before 5.1.1, and 6.x before CONFIRM (link 2016-11-01 could enable an attacker to use a is external) CONFIRM (link specially crafted file to cause a device hang or is external) reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593765. google -- android A remote denial of service vulnerability in libvpx 2016-12-13 7.1 CVE-2016-6712 BID (link is in Mediaserver in Android 4.x before 4.4.4, 5.0.x external) before 5.0.2, 5.1.x before 5.1.1, and 6.x before CONFIRM (link 2016-11-01 could enable an attacker to use a is external) CONFIRM (link specially crafted file to cause a device hang or is external) reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593752. jfrog -- artifactory JFrog Artifactory before 4.11 allows remote 2016-12-09 7.5 CVE-2016-6501 BID (link is attackers to execute arbitrary code via an LDAP external) attribute with a crafted serialized Java object, MISC (link is aka LDAP entry poisoning. external) CONFIRM (link is external) joyent -- smartos An exploitable integer overflow exists in the 2016-12-14 7.2 CVE-2016-8733 MISC (link is Joyent SmartOS 20161110T013148Z Hyprlofs file external) system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-9031. mailcwp_project -- Mailcwp remote file upload vulnerability 2016-12-14 7.5 CVE-2016- 1000156 mailcwp incomplete fix v1.100 MISC (link is external) MISC nagios -- nagios MagpieRSS, as used in the front-end component 2016-12-15 7.5 CVE-2016-9565 MISC (link is in Nagios Core before 4.2.2 might allow remote external) attackers to read or write to arbitrary files by FULLDISC spoofing a crafted response from the Nagios RSS BUGTRAQ (link is external) feed server. NOTE: this vulnerability exists BID (link is because of an incomplete fix for CVE-2008-4796. external) MISC (link is external) CONFIRM nagios -- nagios base/logging.c in Nagios Core before 4.2.4 2016-12-15 7.2 CVE-2016-9566 FULLDISC allows local users with access to an account in BID (link is the nagios group to gain root privileges via a external) symlink attack on the log file. NOTE: this can be CONFIRM (link is external) leveraged by remote attackers using CVE-2016- CONFIRM (link 9565. is external) MISC (link is external) CONFIRM oracle -- solaris The VerticalFilter function in the DDS coder in 2016-12-13 7.5 CVE-2016-5687 MLIST (link is ImageMagick before 6.9.4-3 and 7.x before 7.0.1- external) 4 allows remote attackers to have unspecified MLIST (link is impact via a crafted DDS file, which triggers an external) CONFIRM (link out-of-bounds read. is external) BID (link is external) MISC oracle -- solaris The DCM reader in ImageMagick before 6.9.4-5 2016-12-13 7.5 CVE-2016-5689 MLIST (link is and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of external) MLIST (link is NULL pointer checks. external) CONFIRM (link is external) BID (link is external) MISC CONFIRM (link is external) CONFIRM (link is external) CONFIRM (link is external) oracle -- solaris The ReadDCMImage function in DCM reader in 2016-12-13 7.5 CVE-2016-5690 MLIST (link is ImageMagick before 6.9.4-5 and 7.x before 7.0.1- external) 7 allows remote attackers to have unspecified MLIST (link is impact via vectors involving the for statement in external) CONFIRM (link computing the pixel scaling table. is external) BID (link is external) MISC CONFIRM (link is external) CONFIRM (link is external) CONFIRM (link is external) oracle -- solaris The DCM reader in ImageMagick before 6.9.4-5 2016-12-13 7.5 CVE-2016-5691 MLIST (link is and 7.x before 7.0.1-7 allows remote attackers to external) have unspecified impact by leveraging lack of MLIST (link is validation of (1) pixel.red, (2) pixel.green, and (3) external) CONFIRM (link pixel.blue. is external) BID (link is external) MISC CONFIRM (link is external) CONFIRM (link is external) CONFIRM (link is external) oracle -- solaris Integer overflow in MagickCore/profile.c in 2016-12-13 7.5 CVE-2016-5841 MLIST (link is ImageMagick before 7.0.2-1 allows remote external) attackers to cause a denial of service MLIST (link is external) (segmentation fault) or possibly execute CONFIRM (link is external) arbitrary code via vectors involving the offset BID (link is variable. external) CONFIRM (link is external) CONFIRM (link is external) pcre -- pcre Heap-based buffer overflow in PCRE 8.34 2016-12-13 7.5 CVE-2015-3210 MLIST (link is through 8.37 and PCRE2 10.10 allows remote external) attackers to execute arbitrary code via a crafted MLIST (link is regular expression, as demonstrated by /^(?P=B) external) BID (link is ((?P=B)(?J:(?Pc)(?Pa(? external) P=B)))>WGXCREDITS)/, a different vulnerability CONFIRM than CVE-2015-8384. phpmyadmin -- An issue was discovered in phpMyAdmin. Some 2016-12-10 7.5 CVE-2016-6620 CONFIRM (link phpmyadmin data is passed to the PHP unserialize() function is external) without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. phpmyadmin -- An issue was discovered in phpMyAdmin 2016-12-10 10.0 CVE-2016-6629 BID (link is phpmyadmin involving the $cfg['ArbitraryServerRegexp'] external) configuration directive. An attacker could reuse CONFIRM (link certain cookie values in a way of bypassing the is external) servers defined by ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. phpmyadmin -- An issue was discovered in phpMyAdmin. A user 2016-12-10 8.5 CVE-2016-6631 BID (link is phpmyadmin can execute a remote code execution attack external) against a server when phpMyAdmin is being run CONFIRM (link as a CGI application. Under certain server is external) configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. phpmyadmin -- An issue was discovered in phpMyAdmin. It is 2016-12-10 7.5 CVE-2016-9849 CONFIRM (link phpmyadmin possible to bypass AllowRoot restriction is external) ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. phpmyadmin -- An issue was discovered in phpMyAdmin. Due to 2016-12-10 7.5 CVE-2016-9865 CONFIRM (link phpmyadmin a bug in serialized string parsing, it was possible is external) to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. redhat -- XRegion in TigerVNC allows remote VNC servers 2016-12-14 7.5 CVE-2014-8241 MLIST enterprise_linux_server to cause a denial of service (NULL pointer MLIST dereference) by leveraging failure to check a BID (link is malloc return value, a similar issue to CVE-2014- external) CONFIRM (link 6052. is external) REDHAT (link is external) samsung -- Lack of appropriate exception handling in some 2016-12-16 10.0 CVE-2016-9965 CONFIRM (link samsung_mobile receivers of the Telecom application on is external) Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. samsung -- Lack of appropriate exception handling in some 2016-12-16 10.0 CVE-2016-9966 CONFIRM (link samsung_mobile receivers of the Telecom application on is external) Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. samsung -- Lack of appropriate exception handling in some 2016-12-16 10.0 CVE-2016-9967 CONFIRM (link samsung_mobile receivers of the Telecom application on is external) Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121.

Medium Severity Vulnerabilities The Primary Description Date Published CVSS The CVE Vendor --- Product Score Identity adobe -- Adobe Experience Manager Forms versions 6.2 and 2016-12-15 4.3 CVE-2016-6933 BID (link is experience_manage earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an external) r input validation issue in the AACComponent that CONFIRM (link could be used in cross-site scripting attacks. is external) adobe -- livecycle Adobe Experience Manager Forms versions 6.2 and 2016-12-15 4.3 CVE-2016-6934 BID (link is earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an external) input validation issue in the PMAdmin module that CONFIRM (link could be used in cross-site scripting attacks. is external) adobe -- Adobe Experience Manager versions 6.2 and earlier 2016-12-15 4.3 CVE-2016-7882 BID (link is experience_manage have an input validation issue in the WCMDebug external) r filter that could be used in cross-site scripting CONFIRM (link attacks. is external) adobe -- Adobe Experience Manager version 6.2 has an input 2016-12-15 4.3 CVE-2016-7883 BID (link is experience_manage validation issue in create Launch wizard that could external) r be used in cross-site scripting attacks. CONFIRM (link is external) adobe -- Adobe Experience Manager versions 6.1 and earlier 2016-12-15 4.3 CVE-2016-7884 BID (link is experience_manage have an input validation issue in the DAM create external) r assets that could be used in cross-site scripting CONFIRM (link attacks. is external) adobe -- Adobe Experience Manager versions 6.2 and earlier 2016-12-15 6.8 CVE-2016-7885 BID (link is experience_manage have a vulnerability that could be used in Cross-Site external) r Request Forgery attacks. CONFIRM (link is external) adobe -- Adobe ColdFusion Builder versions 2016 update 2 2016-12-15 5.0 CVE-2016-7887 BID (link is coldfusion_builder and earlier, 3.0.3 and earlier have an important external) vulnerability that could lead to information CONFIRM (link disclosure. is external) adobe -- versions 4.5.2 and earlier has 2016-12-15 5.0 CVE-2016-7888 BID (link is digital_editions an important vulnerability that could lead to external) memory address leak. CONFIRM (link is external) adobe -- Adobe Digital Editions versions 4.5.2 and earlier has 2016-12-15 5.0 CVE-2016-7889 BID (link is digital_editions an issue with parsing crafted XML entries that could external) lead to information disclosure. CONFIRM (link is external) adobe -- robohelp Adobe RoboHelp version 2015.0.3 and earlier, 2016-12-15 4.3 CVE-2016-7891 BID (link is RoboHelp 11 and earlier have an input validation external) issue that could be used in cross-site scripting CONFIRM (link attacks. is external) apache -- tika Apache Tika server (aka tika-server) in Apache Tika 2016-12-15 5.0 CVE-2015-3271 MLIST (link is 1.9 might allow remote attackers to read arbitrary external) files via the HTTP fileUrl header. MLIST bottlepy -- redirect() in bottle.py in bottle 0.12.10 doesn't filter 2016-12-16 4.3 CVE-2016-9964 CONFIRM (link a "\r\n" sequence, which leads to a CRLF attack, as is external) demonstrated by a redirect("233\r\nSet-Cookie: CONFIRM (link name=salt") call. is external) cisco -- A vulnerability in the update functionality of Cisco 2016-12-13 4.3 CVE-2016-1411 BID (link is web_security_appli AsyncOS Software for Cisco Email Security external) ance Appliance (ESA), Cisco Web Security Appliance CONFIRM (link (WSA), and Cisco Content Management Security is external) Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. More Information: CSCul88715, CSCul94617, CSCul94627. Known Affected Releases: 7.5.2-201 7.6.3-025 8.0.1-023 8.5.0-000 8.5.0-ER1-198 7.5.2- HP2-303 7.7.0-608 7.7.5-835 8.5.1-021 8.8.0-000 7.9.1-102 8.0.0-404 8.1.1-013 8.2.0-222. Known Fixed Releases: 8.0.2-069 8.0.2-074 8.5.7-042 9.1.0- 032 8.5.2-027 9.6.1-019. cisco -- A vulnerability in the system management of 2016-12-13 4.6 CVE-2016-6449 BID (link is fireamp_connector_ certain FireAMP system processes in Cisco FireAMP external) endpoint_software Connector Endpoint software could allow an CONFIRM (link authenticated, local attacker to stop certain is external) protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1. cisco -- A vulnerability in the web management interface of 2016-12-13 5.0 CVE-2016-6464 BID (link is unified_communica the Cisco Unified Communications Manager IM and external) tions_manager_im_ Presence Service could allow an unauthenticated, CONFIRM (link and_presence_servi remote attacker to view information on web pages is external) ce that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181). cisco -- A vulnerability in the content filtering functionality 2016-12-13 4.3 CVE-2016-6465 BID (link is email_security_appl of Cisco AsyncOS Software for Cisco Email Security external) iance Appliances and Cisco Web Security Appliances CONFIRM (link could allow an unauthenticated, remote attacker to is external) bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047. cisco -- A vulnerability in IPv6 packet fragment reassembly 2016-12-13 5.0 CVE-2016-6467 BID (link is asr_5000_series_sof of StarOS for Cisco Aggregation Services Router tware (ASR) 5000 Series Switch could allow an external) CONFIRM (link unauthenticated, remote attacker to cause an is external) unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203.

Low Severity Vulnerabilities The Primary Description Date Published CVSS The CVE Vendor --- Product Score Identity mariadb -- mariadb The C software implementation of AES Encryption 2016-12-13 2.1 CVE-2016-7440 CONFIRM (link and Decryption in wolfSSL (formerly CyaSSL) before is external) 3.9.10 makes it easier for local users to discover AES BID (link is keys by leveraging cache-bank timing differences. external) CONFIRM (link is external) CONFIRM (link is external)

• Sources: http://nvd.nist.gov (For more information visit the National Vulnerabilities Database (NVD) which contains a database of every vulnerability that has ever been published).

Uganda Communications Commission – UGCERT Email: [email protected] Tel + 256 414 302 100/150 Toll Free: 0800 133 911 www.ug-cert.ug Face book / Twitter: UGCERT