Vulnerability Summary for the Week of February 6, 2017 Please Note: • The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low. • The !" indentity number is the #ublicly $nown %& given to that #articular vulnerability. Therefore you can search the status of that #articular vulnerability using that %&. • The CVSS (Common Vulnerability Scoring 'ystem) score is a standard scoring system used to determine the severity of the vulnerability. High Severity Vulnerabilities The Primary Vendor --- Description Date CVSS The CVE Product Published Score Identity dotnetnu$e ** dotnetnu$e The installation wizard in DotNetNu$e (DNN) 2017-02-06 7.5 CVE-2015-2794 CONFIRM (link before +.4.- allows remote attac$ers to reinstall is external) the a##lication and gain 'u#er.ser access via a CONFIRM (link direct re/uest to %nstall/%nstallWizard.as#2. is external) CONFIRM (link is external) EXPLOIT-DB (link is external) e2#onentcms ** Multi#le 'QL in5ection vulnerabilities in 2017-02-07 7.5 CVE-2016-7400 MLIST (link is e2#onent3cms "2#onent M' before 6.4.0 allow remote external) attac$ers to e2ecute arbitrary 'QL commands via MLIST (link is the (-) id #arameter in an activate3address external) BID (link is address controller action, (6) title #arameter in a external) show blog controller action, or (8) content3id CONFIRM (link #arameter in a showComments e2# omment is external) controller action. CONFIRM (link is external) e2#onentcms ** 9n issue was discovered in "2#onent M' 6.4.1. 2017-02-06 7.5 CVE-2017-5879 BID (link is e2#onent3cms This is a blind '4L in5ection that can be e2#loited external) by un*authenticated users via an HTTP :"T MISC (link is re/uest and which can be used to dum# external) database data out to a malicious server, using an out*of*band techni/ue, such as select3loadfile(). The vulnerability affects source3selector.#h# and the following #arameter: src. google ** android ;ace condition in the i#,3datagram3release3cb 2017-02-07 7.2 CVE-2014-9914 CONFIRM function in net0i#v40datagram.c in the Linu2 CONFIRM (link $ernel before 8.1<.6 allows local users to gain is external) #rivileges or cause a denial of service (use*after* CONFIRM BID (link is free) by leveraging incorrect e2#ectations about external) loc$ing during multithreaded access to internal CONFIRM (link data structures for %Pv4 .DP soc$ets. is external) google ** android The aio_mount function in fs0aio.c in the Linu2 2017-02-07 7.2 CVE-2016- 10044 $ernel before ,.7.7 does not #roperly restrict CONFIRM e2ecute access, which ma$es it easier for local CONFIRM (link users to bypass intended '"Linu2 1=> #olicy is external) CONFIRM restrictions, and conse/uently gain #rivileges, BID (link is via an io_setu# system call. external) CONFIRM (link is external) google ** android 9 remote code e2ecution vulnerability in the 2017-02-08 10.0 CVE-2016-8418 BID (link is 4ualcomm crypto driver could enable a remote external) attac$er to e2ecute arbitrary code within the CONFIRM (link conte2t of the $ernel. This issue is rated as is external) ritical due to the #ossibility of remote code e2ecution in the conte2t of the $ernel. Product: 9ndroid. !ersions: N09. 9ndroid %D: 9*86?<6@A,. ;eferences: 4 * ;B-7++,<+. google ** android 9 remote code e2ecution vulnerability in 2017-02-08 9.3 CVE-2017-0405 BID (link is 'urfaceflinger could enable an attac$er using a external) s#ecially crafted file to cause memory corru#tion CONFIRM (link during media file and data #rocessing. This issue is external) is rated as ritical due to the #ossibility of remote code e2ecution within the conte2t of the 'urfaceflinger #rocess. Product: 9ndroid. !ersions: +.0, +.1.1. 9ndroid %D: 9*8-A?78<A. google ** android 9 remote code e2ecution vulnerability in 2017-02-08 9.3 CVE-2017-0406 BID (link is Mediaserver could enable an attac$er using a external) s#ecially crafted file to cause memory corru#tion CONFIRM (link during media file and data #rocessing. This issue is external) is rated as ritical due to the #ossibility of remote code e2ecution within the conte2t of the Mediaserver #rocess. This affects the libhevc library. Product: 9ndroid. !ersions: ?.0, ?.0.1, +.0, +.-.1. 9ndroid %D: 9*86A-<@+-. google ** android 9 remote code e2ecution vulnerability in 2017-02-08 9.3 CVE-2017-0407 BID (link is Mediaserver could enable an attac$er using a external) s#ecially crafted file to cause memory corru#tion CONFIRM (link during media file and data #rocessing. This issue is external) is rated as ritical due to the #ossibility of remote code e2ecution within the conte2t of the Mediaserver #rocess. This affects the libhevc library. Product: 9ndroid. !ersions: ?.0, ?.0.1, +.0, +.-.1. 9ndroid %D: 9*86@+88+<. google ** android 9n elevation of #rivilege vulnerability in the 2017-02-08 9.3 CVE-2017-0410 BID (link is Cramewor$ 9P%s could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: <.0.2, <.-.1, ?.0, ?.0.1, +.0, +.1.1. 9ndroid %D: 9* 8-A6A+?<. google ** android 9n elevation of #rivilege vulnerability in the 2017-02-08 9.3 CVE-2017-0411 BID (link is Cramewor$ 9P%s could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: +.0, +.-.1. 9ndroid %D: 9*887,6?A7. google ** android 9n elevation of #rivilege vulnerability in the 2017-02-08 9.3 CVE-2017-0412 BID (link is Cramewor$ 9P%s could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: +.0, +.-.1. 9ndroid %D: 9*8878AA6?. google ** android 9n elevation of #rivilege vulnerability in 2017-02-08 9.3 CVE-2017-0415 BID (link is Mediaserver could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: ?.0, ?.7.1, +.0, +.1.1. 9ndroid %D: 9*86+7?767. google ** android 9n elevation of #rivilege vulnerability in 2017-02-08 9.3 CVE-2017-0416 BID (link is 9udioserver could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: ,.4.4, <.7.2, <.1.1, ?.0, ?.0.1, +.0, +.1.-. 9ndroid %D: 9* 86@@??7A. google ** android 9n elevation of #rivilege vulnerability in 2017-02-08 9.3 CVE-2017-0417 BID (link is 9udioserver could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: ,.4.4, <.7.2, <.1.1, ?.0, ?.0.1, +.0, +.1.-. 9ndroid %D: 9* 86+7<,8@. google ** android 9n elevation of #rivilege vulnerability in 2017-02-08 9.3 CVE-2017-0418 BID (link is 9udioserver could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: ,.4.4, <.7.2, <.1.1, ?.0, ?.0.1, +.0, +.1.-. 9ndroid %D: 9* 86+78A<A. google ** android 9n elevation of #rivilege vulnerability in 2017-02-08 9.3 CVE-2017-0419 BID (link is 9udioserver could enable a local malicious external) a##lication to e2ecute arbitrary code within the CONFIRM (link conte2t of a #rivileged #rocess. This issue is is external) rated as High because it could be used to gain local access to elevated ca#abilities, which are not normally accessible to a third-#arty a##lication. Product: 9ndroid. !ersions: ,.4.4, <.7.2, <.1.1, ?.0, ?.0.1, +.0, +.1.-. 9ndroid %D: 9* 86667+?A. google ** android 9 denial of service vulnerability in Dionic &NS 2017-02-08 7.8 CVE-2017-0422 BID (link is could enable a remote attac$er to use a s#ecially external) crafted networ$ #ac$et to cause a device hang or CONFIRM (link reboot. This issue is rated as High due to the is external) #ossibility of remote denial of service. Product: 9ndroid. !ersions: ,.4.4, <.7.2, <.1.-, ?.0, ?.0.1, +.7, +.1.1. 9ndroid %D: 9*868667@@. google ** android 9n elevation of #rivilege vulnerability in the 2017-02-08 7.6 CVE-2017-0434 BID (link is 'yna#tics touchscreen driver could enable a external) local malicious a##lication to e2ecute arbitrary CONFIRM (link code within the conte2t of the touchscreen is external) chi#set.