11/21の週のCVE

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info ge -- bently_nevada_3500/22m_serial_firmware General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors. 2016-11-24 10.0 CVE-2016-5788 MISC google -- android An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30904789. References: NVIDIA N-CVE-2016-6730. 2016-11-25 9.3 CVE-2016-6730 CONFIRM     : 　同様件、多数、中略 ibm -- rational_team_concert IBM Rational Collaborative Lifecycle Management ..（注、の複数バージョンで）..allow remote authenticated users to execute arbitrary OS commands via a crafted request. 2016-11-24 7.5 CVE-2016-0325 CONFIRM ibm -- security_access_manager IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access Manager 9.0 before 9.0.1.0 IF5 allow remote authenticated users to execute arbitrary commands by leveraging LMI admin access. 2016-11-24 9.0 CVE-2016-3028 AIXAPAR AIXAPAR AIXAPAR CONFIRM libtiff -- libtiff tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow." 2016-11-22 7.5 CVE-2016-9533 CONFIRM     : 　中略 paloaltonetworks -- pan-os Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors. 2016-11-19 10.0 CVE-2016-9150 CONFIRM Back to top Medium Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info cisco -- adaptive_security_appliance_software A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected Releases: 9.1(6.10). Known Fixed Releases: 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30). 2016-11-18 4.3 CVE-2016-6461 CONFIRM : 中略 cisco -- email_security_appliance_firmware A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to use a content filter for email attachments that are protected or encrypted. More Information: CSCva52546. Known Affected Releases: 10.0.0-125 9.7.1-066. 2016-11-18 5.0 CVE-2016-6458 CONFIRM : 中略 google -- android An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30311977. References: Qualcomm QC-CR#1050455. 2016-11-25 6.8 CVE-2016-3904 CONFIRM google -- android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344. 2016-11-25 4.3 CVE-2016-3906 CONFIRM ・・・略・・・ hdfgroup -- hdf5 In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution. 2016-11-18 6.9 CVE-2016-4330 MISC hdfgroup -- hdf5 When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution. 2016-11-18 6.9 CVE-2016-4331 MISC hdfgroup -- hdf5 The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library. 2016-11-18 6.9 CVE-2016-4332 MISC ・・・略・・・ ibm -- security_access_manager IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. 2016-11-24 5.0 CVE-2016-3025 AIXAPAR AIXAPAR CONFIRM ・・・略・・・ ibm -- tivoli_storage_manager_for_virtual_environments IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins. 2016-11-24 4.6 CVE-2016-2988 CONFIRM ibm -- websphere_application_server IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3, when the installation lacks a default error page, allows remote attackers to obtain sensitive information by triggering an exception. 2016-11-24 4.3 CVE-2016-0378 AIXAPAR CONFIRM paloaltonetworks -- pan-os The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single quote characters, which allows remote authenticated users to conduct XPath injection attacks via a crafted string. 2016-11-19 4.0 CVE-2016-9149 CONFIRM ・・・略・・・ samsung -- samsung_mobile The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343. 2016-11-23 4.3 CVE-2016-9567 CONFIRM sap -- netweaver SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to thesap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835. 2016-11-22 5.0 CVE-2016-9562 MISC sap -- netweaver BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via thesap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909. 2016-11-22 6.0 CVE-2016-9563 MISC siemens -- ccid1445-dn18_firmware The following SIEMENS branded IP Camera .. (複数Models、複数バージョンで) .. could allow an attacker with network access to the web server to obtain administrative credentials under certain circumstances. 2016-11-22 5.0 CVE-2016-9155 CONFIRM ・・・略・・・ Back to top