2016-02-06

 
RSS for product
CVE-2015-7914
 
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password.

 
RSS for product
CVE-2015-7915
 
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

 
RSS for product
CVE-2015-7916
 
Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.

 
RSS for product
CVE-2016-1306
 
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466.

 
RSS for product
CVE-2016-1310
 
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.

 
RSS for product
CVE-2016-1311
 
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224.

 
RSS for product
CVE-2016-0801
 
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.

 
RSS for product
CVE-2016-0802
 
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.

 
RSS for product
CVE-2016-0803
 
libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794.

 
RSS for product
CVE-2016-0804
 
The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25070434.

 
RSS for product
CVE-2016-0805
 
The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.

 
RSS for product
CVE-2016-0806
 
The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453.

 
RSS for product
CVE-2016-0807
 
The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394.

 
RSS for product
CVE-2016-0808
 
Integer overflow in the getCoverageFormat12 function in CmapCoverage.cpp in the Minikin library in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 allows attackers to cause a denial of service (continuous rebooting) via an application that triggers loading of a crafted TTF font, aka internal bug 25645298.

 
RSS for product
CVE-2016-0809
 
Use-after-free vulnerability in the wifi_cleanup function in bcmdhd/wifi_hal/wifi_hal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768.

 
RSS for product
CVE-2016-0810
 
media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119.

 
RSS for product
CVE-2016-0811
 
Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375.

 
RSS for product
CVE-2016-0812
 
The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538.

 
RSS for product
CVE-2016-0813
 
packages/SystemUI/src/com/android/systemui/recents/AlternateRecentsComponent.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.x before 2016-02-01 does not properly check for device provisioning, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25476219.
2016-02-05

 
RSS for product
CVE-2016-0861
 
General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors.

 
RSS for product
CVE-2016-0862
 
General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors.
2016-02-04

 
RSS for product
CVE-2015-8269
 
The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.

 
RSS for product
CVE-2016-1284
 
rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query.
2016-02-03

 
RSS for product
CVE-2016-2213
 
The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data.

 
RSS for product
CVE-2015-5344
 
The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

 
RSS for product
CVE-2015-7536
 
Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts.

 
RSS for product
CVE-2015-7537
 
Cross-site request forgery (CSRF) vulnerability in CloudBees Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.

 
RSS for product
CVE-2015-7538
 
CloudBees Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.

 
RSS for product
CVE-2015-7539
 
The Plugins Manager in CloudBees Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.

 
RSS for product
CVE-2015-7546
 
The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token.

 


Copyright 2016, cxsecurity.com