1/02週のCVE ... medium vulnerabilities

Medium Vulnerabilities

	・・・中略・・・
f5 -- big-ip_advanced_firewall_manager	Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic. 　↑ 「Updates are available. Please see the references or vendor advisory for more information.」との事。 パッチ適用すれば良い	2017-01-03	4.3	CVE-2016-5024 BID SECTRACK CONFIRM
forgerock -- openam	XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter.	2017-01-02	5.0	CVE-2016-10097 MISC BID
hybris -- hybris	Cross-site scripting (XSS) vulnerability in the Inbox Search feature in Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the itemsperpage parameter.	2016-12-31	4.3	CVE-2016-6856 BID MISC
libgd -- libgd	Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.	2017-01-04	5.0	CVE-2016-9933 SUSE SUSE SUSE MLIST CONFIRM CONFIRM BID CONFIRM CONFIRM CONFIRM CONFIRM
	・・・中略・・・
netgear -- srx5308_firmware	Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file.	2017-01-03	4.0	CVE-2016-10106 CONFIRM BID
openbsd -- openssh	sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.	2017-01-04	6.9	CVE-2016-10010 MISC MLIST BID SECTRACK CONFIRM MISC CONFIRM EXPLOIT-DB CONFIRM
	・・・中略・・・
sap -- hybris	Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to obtain sensitive information by triggering an error and then reading a Java stack trace.	2016-12-31	4.0	CVE-2016-6859 BID MISC
torproject -- tor	Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data.	2017-01-04	5.0	CVE-2016-8860 MLIST BID CONFIRM CONFIRM CONFIRM
wordpress -- wordpress	Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.	2017-01-04	4.3	CVE-2016-7168 MLIST MLIST BID CONFIRM CONFIRM MISC CONFIRM
wordpress -- wordpress	Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.	2017-01-04	6.5	CVE-2016-7169 BID CONFIRM CONFIRM CONFIRM

Back to top