Vulnerability Summary for the Week of October 31, 2016

Please Note:
• The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.
• The CVE identity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.
• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities

Primary Vendor -- Product | Description | Date Published | CVSS Score | CVE Identity | Source & Patch Info

adobe -- flash_player | Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016. | 2016-11-01 | 10.0 | CVE-2016-7855 | MS, CONFIRM, MISC

alienvault -- open_source_security_information_and_event_management | PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes. | 2016-10-28 | 7.5 | CVE-2016-8580 | CONFIRM

alienvault -- open_source_security_information_and_event_management | A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE. | 2016-10-28 | 7.5 | CVE-2016-8582 | CONFIRM

artifex -- mujs | A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition. | 2016-10-28 | 7.5 | CVE-2016-7504 | CONFIRM

artifex -- mujs | A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. | 2016-10-28 | 7.5 | CVE-2016-7505 | CONFIRM

brocade -- netiron_os | Memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXe 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets. | 2016-10-31 | 7.8 | CVE-2016-8203 | CONFIRM

cisco -- ios_xe | A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers (ASR902, ASR903, and ASR907) that are running the following releases of Cisco IOS XE Software: 3.17.0S 3.17.1S 3.17.2S 3.18.0S 3.18.1S. More Information: (Cisco bug ID not legible in the source). Known Affected Releases: 15.6(1)S 15.6(2)S. Known Fixed Releases: (build list not legible in the source). | 2016-11-03 | 10.0 | CVE-2016-6441 | CONFIRM

cisco -- meeting_app | A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.17 and prior to 1.9.0, Cisco Meeting App releases prior to 1.9.8, Acano Meeting Apps releases prior to 1.8.32. More Information: (Cisco bug IDs not legible in the source). Known Affected Releases: 1.8 1.9 2.0. | 2016-11-03 | 7.5 | CVE-2016-6447 | CONFIRM

cisco -- meeting_server | A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano Server releases 1.9.x prior to Release 1.9.5, Acano Server releases 1.8.x prior to Release 1.8.17. More Information: (Cisco bug ID not legible in the source). Known Affected Releases: 1.8.x 1.9 2.0. | 2016-11-03 | 7.5 | CVE-2016-6448 | CONFIRM

cisco -- prime_home | A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: (Cisco bug ID not legible in the source). Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.1 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.2 5.2(1.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2). | 2016-11-03 | 10.0 | CVE-2016-6452 | CONFIRM

exponentcms -- exponent_cms | Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using redirection to place the script in an unprotected folder, one allowing script execution. | 2016-11-03 | 7.5 | CVE-2016-7095 | CONFIRM

exponentcms -- exponent_cms | The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection. | 2016-11-03 | 7.5 | CVE-2016-7453 | CONFIRM

google -- android | On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542. | 2016-10-31 | 7.8 | CVE-2016-7988 | CONFIRM

google -- android | On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMA CP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542. | 2016-10-31 | 7.8 | CVE-2016-7989 | CONFIRM

google -- android | On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMA CP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542. | 2016-10-31 | 10.0 | CVE-2016-7990 | CONFIRM

google -- android | On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMA CP messages, resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. | 2016-10-31 | 7.8 | CVE-2016-7991 | CONFIRM

hp -- system_management_homepage | HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. | 2016-10-28 | 7.8 | CVE-2016-4395 | miscellaneous, CONFIRM, miscellaneous

hp -- system_management_homepage | HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. | 2016-10-28 | 7.8 | CVE-2016-4396 | miscellaneous, CONFIRM, miscellaneous

libcsp_project -- libcsp | Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet. | 2016-10-28 | 7.5 | CVE-2016-8596 | MISC

libcsp_project -- libcsp | Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets. | 2016-10-28 | 7.5 | CVE-2016-8597 | MISC

libcsp_project -- libcsp | Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet. | 2016-10-28 | 7.5 | CVE-2016-8598 | MISC

microfocus -- rumba | Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code. | 2016-11-03 | 7.5 | CVE-2016-9176 | MISC
