Vulnerability Summary for the Week of March 7, 2016
ITA
Questo articolo è scritto per te che “non capisci di esser abbastanza cretino” e ti credi molto perspicace e intelligente, una persona che snobba gli articoli e non ha bisogno di niente e prima si iscrive alla newsletter del mio sito e poi si lamenta cancellandosi dalla newsletter.
ENG
This article is written for you that “fairly stupid” and you think you’re very perceptive and intelligent, a person who snubs the articles and did not need anything and before he enrolled at the site of my newsletter and then complains removing himself from the newsletter.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe — digital_editions | Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 2016-03-09 | 10.0 | CVE-2016-0954 |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009. | 2016-03-09 | 10.0 | CVE-2016-1007 |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007. | 2016-03-09 | 10.0 | CVE-2016-1009 |
adobe — acrobat | Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 2016-03-09 | 7.2 | CVE-2016-1008 |
microsoft — .net_framework | Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation for unspecified elements of XML documents, which allows remote attackers to spoof signatures via a modified document, aka “.NET XML Validation Security Feature Bypass.” | 2016-03-09 | 10.0 | CVE-2016-0132 |
microsoft — infopath | Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0021 |
microsoft — windows | OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka “Windows OLE Memory Remote Code Execution Vulnerability,” a different vulnerability than CVE-2016-0091. | 2016-03-09 | 9.3 | CVE-2016-0092 |
microsoft — windows | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka “Windows Media Parsing Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0098 |
microsoft — windows | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka “Windows Media Parsing Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0101 |
microsoft — windows | The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka “Windows Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0117 |
microsoft — windows | The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka “Windows Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0118 |
microsoft — windows | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka “OpenType Font Parsing Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0121 |
microsoft — office | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0134 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0102 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0103 |
microsoft — internet_explorer | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability.” | 2016-03-09 | 7.6 | CVE-2016-0104 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0107, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0105 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0106 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0107 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0108 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0109 |
microsoft — internet_explorer | Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability.” | 2016-03-09 | 7.6 | CVE-2016-0110 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0112, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0111 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0111, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0112 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0111, and CVE-2016-0112. | 2016-03-09 | 7.6 | CVE-2016-0113 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0109. | 2016-03-09 | 7.6 | CVE-2016-0114 |
microsoft — internet_explorer | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0116 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0123 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0124 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0129 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0129. | 2016-03-09 | 7.6 | CVE-2016-0130 |
microsoft — office | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka “Microsoft Office Security Feature Bypass Vulnerability.” | 2016-03-09 | 7.2 | CVE-2016-0057 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0094, CVE-2016-0095, and CVE-2016-0096. | 2016-03-09 | 7.2 | CVE-2016-0093 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0093, CVE-2016-0095, and CVE-2016-0096. | 2016-03-09 | 7.2 | CVE-2016-0094 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0093, CVE-2016-0094, and CVE-2016-0096. | 2016-03-09 | 7.2 | CVE-2016-0095 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0093, CVE-2016-0094, and CVE-2016-0095. | 2016-03-09 | 7.2 | CVE-2016-0096 |
microsoft — windows | The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka “Secondary Logon Elevation of Privilege Vulnerability.” | 2016-03-09 | 7.2 | CVE-2016-0099 |
microsoft — windows | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via a crafted OpenType font, aka “OpenType Font Parsing Vulnerability.” | 2016-03-09 | 7.1 | CVE-2016-0120 |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
microsoft — windows | OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka “Windows OLE Memory Remote Code Execution Vulnerability,” a different vulnerability than CVE-2016-0092. | 2016-03-09 | 6.8 | CVE-2016-0091 |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
microsoft — edge | Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka “Microsoft Edge Information Disclosure Vulnerability.” | 2016-03-09 | 2.6 | CVE-2016-0125 |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0960 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0961 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0962 |
Adobe — Flash Player | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010. | 2016-03-12 | N/A | CVE-2016-0963 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0986 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0987 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0988 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0989 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0990 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0991 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0992 |
Adobe — Flash Player | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. | 2016-03-12 | N/A | CVE-2016-0993 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0994 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0995 |
Adobe — Flash Player | Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0996 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0997 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0998 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0999 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. | 2016-03-12 | N/A | CVE-2016-1000 |
Adobe — Flash Player | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. | 2016-03-12 | N/A | CVE-2016-1001 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-1002 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002. | 2016-03-12 | N/A | CVE-2016-1005 |
Adobe — Flash Player | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993. | 2016-03-12 | N/A | CVE-2016-1010 |
Android — mediaserver | The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26365349. | 2016-03-12 | N/A | CVE-2016-0815 |
Android — mediaserver | mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka internal bug 25928803. | 2016-03-12 | N/A | CVE-2016-0816 |
Android — Conscrypt | The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to spoof servers by leveraging access to an intermediate CA to issue a certificate, aka internal bug 26232830. | 2016-03-12 | N/A | CVE-2016-0818 |
Android — Qualcomm performance | The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034. | 2016-03-12 | N/A | CVE-2016-0819 |
Android — MediaTek | The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358. | 2016-03-12 | N/A | CVE-2016-0820 |
Android — Linux kernel | The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636. | 2016-03-12 | N/A | CVE-2016-0821 |
Android — MediaTek | The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. | 2016-03-12 | N/A | CVE-2016-0822 |
Android — Linux kernel | The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721. | 2016-03-12 | N/A | CVE-2016-0823 |
Android — Widevine | The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039. | 2016-03-12 | N/A | CVE-2016-0825 |
Android — mediaserver | libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403. | 2016-03-12 | N/A | CVE-2016-0826 |
Android — mediaserver | Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and EffectReverb.cpp, aka internal bug 26347509. | 2016-03-12 | N/A | CVE-2016-0827 |
Android — mediaserver | The BnGraphicBufferConsumer:: |
2016-03-12 | N/A | CVE-2016-0828 |
Android — mediaserver | The BnGraphicBufferProducer:: |
2016-03-12 | N/A | CVE-2016-0829 |
Android — DTE Energy Insight application | The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter. | 2016-03-11 | N/A | CVE-2016-1562 |
Android — mediaserver | libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792. | 2016-03-12 | N/A | CVE-2016-1621 |
Android — libstagefright | libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591. | 2016-03-12 | N/A | CVE-2016-0824 |
Android — Bluetooth | btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bug 26071376. | 2016-03-12 | N/A | CVE-2016-0830 |
Android — Telephony | The getDeviceIdForPhone function in internal/telephony/ |
2016-03-12 | N/A | CVE-2016-0831 |
Android — Setup Wizard | Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042. | 2016-03-12 | N/A | CVE-2016-0832 |
Apple — Apple Software Update | Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. | 2016-03-13 | N/A | CVE-2016-1731 |
Cisco — HTTPS inspection engine | The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147. | 2016-03-09 | N/A | CVE-2016-1312 |
Cisco — administration interface | The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. | 2016-03-09 | N/A | CVE-2016-1325 |
Cisco — administration interface | The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105. | 2016-03-09 | N/A | CVE-2016-1326 |
Cisco — web server | Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935. | 2016-03-09 | N/A | CVE-2016-1327 |
Cisco — TelePresence Video Communication Server | Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026. | 2016-03-11 | N/A | CVE-2016-1338 |
Cisco — Prime LAN Management Solution | Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers’ installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390. | 2016-03-11 | N/A | CVE-2016-1360 |
Cisco — IOS XR | Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. | 2016-03-11 | N/A | CVE-2016-1361 |
Debian — jessie | pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the –enable-pt_chown option. | 2016-03-13 | N/A | CVE-2016-2856 |
EMC — Documentum xCP | EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call. | 2016-03-09 | N/A | CVE-2016-0886 |
Google — Chrome | The ImageInputType:: |
2016-03-13 | N/A | CVE-2016-1643 |
Google — Chrome | WebKit/Source/core/layout/ |
2016-03-13 | N/A | CVE-2016-1644 |
Google — Chrome | Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. | 2016-03-13 | N/A | CVE-2016-1645 |
IBM — Tivoli Monitoring | The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors. | 2016-03-11 | N/A | CVE-2015-7411 |
IBM — Flash System V9000 | Cross-site request forgery (CSRF) vulnerability in IBM Flash System V9000 7.4 before 7.4.1.4, 7.5 before 7.5.1.3, and 7.6 before 7.6.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 2016-03-12 | N/A | CVE-2015-7446 |
IBM — Maximo Asset Management | IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors. | 2016-03-13 | N/A | CVE-2016-0222 |
IBM — Maximo Asset Management | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-03-13 | N/A | CVE-2016-0262 |
IBM — Maximo Asset Management | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2016-03-12 | N/A | CVE-2015-7448 |
IBM — WebSphere Commerce | IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors. | 2016-03-13 | N/A | CVE-2016-0208 |
ISC — BIND | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. | 2016-03-09 | N/A | CVE-2016-1285 |
ISC — BIND | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. | 2016-03-09 | N/A | CVE-2016-1286 |
ISC — BIND | resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option. | 2016-03-09 | N/A | CVE-2016-2088 |
ISC — DHCP | ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. | 2016-03-09 | N/A | CVE-2016-2774 |
microsoft — internet_explorer | The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-6048 and CVE-2015-6049. | 2016-03-09 | N/A | CVE-2015-6184 |
microsoft — windows | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka “Windows Elevation of Privilege Vulnerability.” | 2016-03-09 | N/A | CVE-2016-0087 |
microsoft — windows | Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka “Library Loading Input Validation Remote Code Execution Vulnerability.” | 2016-03-09 | N/A | CVE-2016-0100 |
microsoft — windows | The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by inserting a crafted USB device, aka “USB Mass Storage Elevation of Privilege Vulnerability.” | 2016-03-09 | N/A | CVE-2016-0133 |
Mozilla — Firefox | Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. | 2016-03-13 | N/A | CVE-2016-1950 |
Mozilla — Firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1952 |
Mozilla — Firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm. |
2016-03-13 | N/A | CVE-2016-1953 |
Mozilla — Firefox | The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | 2016-03-13 | N/A | CVE-2016-1954 |
Mozilla — Firefox | Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. | 2016-03-13 | N/A | CVE-2016-1955 |
Mozilla — Firefox | Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. | 2016-03-13 | N/A | CVE-2016-1956 |
Mozilla — Firefox | Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. | 2016-03-13 | N/A | CVE-2016-1957 |
Mozilla — Firefox | browser/base/content/browser. |
2016-03-13 | N/A | CVE-2016-1958 |
Mozilla — Firefox | The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API. | 2016-03-13 | N/A | CVE-2016-1959 |
Mozilla — Firefox | Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. | 2016-03-13 | N/A | CVE-2016-1960 |
Mozilla — Firefox | Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. | 2016-03-13 | N/A | CVE-2016-1961 |
Mozilla — Firefox | Use-after-free vulnerability in the mozilla:: |
2016-03-13 | N/A | CVE-2016-1962 |
Mozilla — Firefox | The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation. | 2016-03-13 | N/A | CVE-2016-1963 |
Mozilla — Firefox | Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations. | 2016-03-13 | N/A | CVE-2016-1964 |
Mozilla — Firefox | Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property. | 2016-03-13 | N/A | CVE-2016-1965 |
Mozilla — Firefox | The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/ |
2016-03-13 | N/A | CVE-2016-1966 |
Mozilla — Firefox | Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207. | 2016-03-13 | N/A | CVE-2016-1967 |
Mozilla — Firefox | Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression. | 2016-03-13 | N/A | CVE-2016-1968 |
Mozilla — Firefox | The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-1969 |
Mozilla — Firefox | Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1970 |
Mozilla — Firefox | The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1971 |
Mozilla — Firefox | Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1972 |
Mozilla — Firefox | Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors. | 2016-03-13 | N/A | CVE-2016-1973 |
Mozilla — Firefox | The nsScannerString:: |
2016-03-13 | N/A | CVE-2016-1974 |
Mozilla — Firefox | Multiple race conditions in dom/media/systemservices/ |
2016-03-13 | N/A | CVE-2016-1975 |
Mozilla — Firefox | Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1976 |
Mozilla — Firefox | The Machine::Code::decoder:: |
2016-03-13 | N/A | CVE-2016-1977 |
Mozilla — Firefox | Use-after-free vulnerability in the ssl3_ |
2016-03-13 | N/A | CVE-2016-1978 |
Mozilla — Firefox | Use-after-free vulnerability in the PK11_ |
2016-03-13 | N/A | CVE-2016-1979 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2790 |
Mozilla — Firefox | The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-2791 |
Mozilla — Firefox | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800. | 2016-03-13 | N/A | CVE-2016-2792 |
Mozilla — Firefox | CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-2793 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2794 |
Mozilla — Firefox | The graphite2::FileFace::get_ |
2016-03-13 | N/A | CVE-2016-2795 |
Mozilla — Firefox | Heap-based buffer overflow in the graphite2::vm::Machine::Code:: |
2016-03-13 | N/A | CVE-2016-2796 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2797 |
Mozilla — Firefox | The graphite2::GlyphCache::Loader: |
2016-03-13 | N/A | CVE-2016-2798 |
Mozilla — Firefox | Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-2799 |
Mozilla — Firefox | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792. | 2016-03-13 | N/A | CVE-2016-2800 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2801 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2802 |
Samba — smbd | The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content. | 2016-03-13 | N/A | CVE-2015-7560 |
Samba — internal DNS server | The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. | 2016-03-13 | N/A | CVE-2016-0771 |
Schneider — Electric Telvent Sage | Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet. | 2016-03-11 | N/A | CVE-2015-6485 |
Vulnerabilita’ multiple in Mozilla Firefox
:: Descrizione del problema
Sono state riscontrate varie vulnerabilità in Mozilla Firefox per
mezzo delle quali un utente remoto puo’: causare l’esecuzione di codice
arbitrario, causare condizioni di denial of service, modificare file
nel sistema vittima, scavalcare le restrizioni same-origin, mascherare
le URL nella barra degli indirizzi.
Per una descrizione completa delle vulnerabilita’ consultare le
segnalazioni ufficiali.
:: Piattaforme e Software interessati
Mozilla Firefox e Firefox ESR versioni precedenti la 45 e 38.6.1
su Linux, Unix e Windows
:: Impatto
Accesso alle informazioni utente
Accesso alle informazioni di sistema
Esecuzione remota di codice arbitrario
Denial of service
:: Soluzione
Aggiornare Mozilla Firefox alle versioni:
Firefox 45
Firefox ESR 38.6.1
:: Riferimenti
Mozilla Foundation Security Advisories
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
https://www.mozilla.org/en-US/
Security Tracker
http://securitytracker.com/id/
Redhat
http://rhn.redhat.com/errata/
Oracle
http://linux.oracle.com/
Ubuntu
http://www.ubuntu.com/usn/usn-
I riferimenti CVE sono disponibili
nelle segnalazioni originali.
Fonte Garr
13 bollettini di sicurezza relativi a vulnerabilita’ Microsoft
Microsoft ha rilasciato 13 bollettini di sicurezza relativi
a vulnerabilita’ presenti nei sistemi operativi Windows
e in altre applicazioni
MS13-067 Vulnerabilita’ in Microsoft SharePoint Server
MS13-068 Vulnerabilita’ in Microsoft Outlook
MS13-069 Aggiornamento cumulativo Internet Explorer
MS13-070 Vulnerabilita’ in OLE
MS13-071 Vulnerabilita’ nel file dei temi di Windows
MS13-072 Vulnerabilita’ in Microsoft Office
MS13-073 Vulnerabilita’ di Microsoft Excel
MS13-074 Vulnerabilita’ in Microsoft Access
MS13-075 Vulnerabilita’ in Microsoft Office IME (cinese)
MS13-076 Vulnerabilita’ nei driver in modalita’ kernel
MS13-077 Vulnerabilita’ nella Gestione controllo servizi di Windows
MS13-078 Vulnerabilita’ in FrontPage
MS13-079 Vulnerabilita’ in Active Directory
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione “Riferimenti”.
:: Software interessato
Microsoft Windows (Internet Explorer)
Microsoft Outlook
Microsoft Office
Microsoft SharePoint Server
Microsoft FrontPage
Microsoft Active Directory
:: Impatto
Esecuzione di codice in modalita’ remota
Acquisizione di privilegi piu’ elevati
Denial of Service
Rivelazione e intercettazione di dati sensibili
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza – Settembre 2013
http://technet.microsoft.com/
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
Microsoft Knowledge Base
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
Microsoft Update
http://windowsupdate.
https://www.update.microsoft.
http://support.microsoft.com/
ISC SANS
http://isc.sans.edu/diary.
Mitre CVE
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
http://www.cve.mitre.org/cgi-
5 bollettini di sicurezza relativi a vulnerabilita’ presenti nei sistemi operativi Windows
Si tratta di :Sicurezza
: Descrizione del problema
Microsoft ha rilasciato 5 bollettini di sicurezza relativi
a vulnerabilita’ presenti nei sistemi operativi Windows
e in altre applicazioni:
MS13-047 Aggiornamento cumulativo per la protezione di Internet Explorer (2838727)
MS13-048 Vulnerabilita’ in Windows Kernel (2839229)
MS13-049 Vulnerabilita’ nel Driver Kernel-Mode (2845690)
MS13-050 Vulnerabilita’ nei Componenti Print Spooler di Windows (2839894)
MS13-051 Vulnerabilita’ in Microsoft Office (2839571)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione “Riferimenti”.
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
:: Impatto
Esposizione di informazioni sensibili
Attacco di tipo Denial of Service
Acquisizione di privilegi piu’ elevati
Esecuzione di codice in modalita’ remota
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza – Giugno 2013
http://technet.microsoft.com/
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
http://technet.microsoft.com/
Microsoft Knowledge Base
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
http://support.microsoft.com/
Microsoft Update
http://windowsupdate.
https://www.update.microsoft.
http://support.microsoft.com/
Mitre CVE
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
http://cve.mitre.org/cgi-bin/
SANS ISC Diary
http://isc.sans.edu/diary.
Vulnerabilita’ in OpenSSL
Si tratta di :Sicurezza
Sono state rilasciate nuove versioni di OpenSSL che risolvono 6 vulnerabila’ presenti nel software:
DTLS Plaintext Recovery Attack (CVE-2011-4108)
Double-free in Policy Checks (CVE-2011-4109)
Uninitialized SSL 3.0 Padding (CVE-2011-4576)
Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
SGC Restart DoS Attack (CVE-2011-4619)
Invalid GOST parameters DoS Attack (CVE-2012-0027)
:: Software interessato
OpenSSL versioni precedenti alla 0.9.8s
OpenSSL versioni precedenti alla 1.0.0f
:: Impatto
Denial of Service
Esecuzione remota di codice arbitrario
Rivelazione di informazioni sensibili
:: Soluzioni
Aggiornare OpenSSL
alla versione 0.9.8s o alla versione 1.0.0f
http://openssl.org/source/
Mac Osx una mela brucata nella tempesta tsunami tra malware, trojan backdoor e SEO poisoning attack
Si tratta di :Sicurezza
Il sistema operativo Mac si è dimostratio negli anni, un esempio commerciale della potenza mediatica delle corporation,
avrete certamente letto le dichiarazioni di Richard Stallman di Linux e della Community legata a Linux e allo sviluppo del software in modalità open source linux based.
Cosa significa per i linuxiani il mondo mac ? che impatto ha la mela nelle loro vite ? nulla, meno di zero ! il sistema osx è come una mela ovvero una palla tonda che rotola
rotole e avvolge tutti inconsapevolmente in una realtà fatta di gabbie dorate.
I ricercatori eset e quelli di sophos nella loro attività volta al monitoraggio della rete e dei fenomeni che la circondano hanno scovato la presenza di una backdoor che deriva da
Una vecchia backdoor di Linux, trasportata su Mac OS attraverso un porting, tale tecnica è stata rielaborata per creare un nuovo trojan chiamato OSX/Tsunami-A.
Questo malware sfrutta una variante di Troj/Kaiten, un trojan per Linux progettato per inserirsi in un computer e rimanere collegato a un canale IRC in attesa di istruzioni.
che impatto potrebbe avere ? semplice avere a portata di mano intere reti di computer per lanciare attacchi su larga scala. Chi potrebbe avere interesse a diffondere tale virus nei sitemi mac ?
Probabilmente pirati informatici che hanno la necessità di creare un esercito di computer necessario a lanciare ciber attacchi ad obbiettivi sensibili.
“Tipicamente del codice come questo è usato per radunare i computer compromessi in un attacco DDoS (Distributed Denial of Service) contro un sito web” scrive infatti Graham Clueley sul blog Naked Security di Sophos. Questo tipo di attacco può essere una dimostrazione fine a sé stessa, oppure lo strumento per penetrare delle difese di un certo sito per poi compiere altre azioni, che vanno dal defacing al furto d’informazioni. OSX/Tsunami tuttavia è più complesso, perché può eseguire diverse istruzioni oltre al citato attacco DDoS, tra cui l’accesso diretto ai contenuti del computer infetto.
Non è chiaro tuttavia in che modo Tsunami possa finire su un sistema Mac OS. È certamente possibile nel caso di un accesso fisico al computer, ma non è detto che una buona operazione di social engineering non riesca convincere gli utenti meno smaliziati a installare software pericoloso. Che significa ? si potrebbe tentare di indurre l’utente ad installare questo malware in diversi modi, primo fra tutti si potrebbe utilizzare la tecnica del SEO poisoning attack ( sfruttare siti ben piazzati nei motori di ricerca per diffondere il malware su larga scala).
Ma questo è già avvenuto nel mondo mac ricorderete Macdefender che nel maggio 2011 mutò il nome in Mac Guard per infiltrare la sua payload nel sistema target….
ma come avveniva ? il file avSetup.pkg scaricato inconsapevolmente veniva eseguito, questo falso antivirus, non chiede la password di amministratore, viene installato nella cartella Applicazioni. un downloader chiamato avRunner, che si avvia automaticamente. Allo stesso tempo, il pacchetto di installazione si cancella non lasciando alcuna traccia del programma di installazione originale.
il finto antivirus veniva scaricato con l’applicazione avRunner da un indirizzo IP (nascosto con tecniche steganografiche), Sullo schermo dell utente colpito cominceranno ad apparire pop-up pornografici e di un software per la rimozione delle infezioni in versione premium da acquistare tramite carta di credito, in modo da spingere l’utente a fornire i dati da sottrarre.
Ma tornando a Tsunami per il momento non rappresenta un pericolo per gli utenti Mac, anche perché dev’essere ancora analizzato a fondo.
Che dire del trojan persistente Flashback.c propoposto come finto aggiornamento di sicurezza che è in grado di installarsi in modo eprsistente su osx ??
Il consiglio che potrei dare è quello di non affidarsi ciecamente alle “prodezze” e agli spot commerciali.. poichè non è poi così difficile ottenere l’accesso delle credenziali di accesso tramite script dell’ultima versione di osx specialmente se upgradato… 🙂
Quindi Tsunami è senza dubbio una ragione d’interesse per tutti gli esperti di sicurezza e di sistemi operativi, perché è il primo malware per Mac OS X che sfrutta una falla derivata dai sistemi *nix (Mac OS è infatti basato su Unix).
Rilasciato l’Apple Security Update 2011-001
Si tratta di :News
si consiglia di installare il security update per correggere varie vulnerabilta’ che affliggono il sistema operativo Mac OS X
eseguire l’update su:
Apple Mac OS X versione 10.5.8 e precedenti
Apple Mac OS X versioni dalla 10.6 alla 10.6.6
Apple Mac OS X Server versione 10.5.8 e precedenti
Apple Mac OS X Server versioni dalla 10.6 alla 10.6.6
cosa viene corretto aggiornando il proprio os ?
problemi relativi a: Security Bypass, Cross Site Scripting,
Spoofing, Privilege escalation, Denial of Service, Accesso al sistema,
Esposizione dei dati del sistema, Esposizione di informazioni sensibili
aggiornare via software update oppure clicca qui per scaricare
Vulnerabilita’ in Adobe Flash Player 10.1.82.76
Si tratta di :Exploits
:: Descrizione del problema
E’ stata identificata una vulnerabilita’ in Adobe Flash Player.
Questa vulnerabilita’ puo’ consentire il crash del sistema
e potenzialmente permettere ad un aggressore di prenderne
il controllo.
Vi sono report secondo i quali questa vulnerabilita’ e’
attualmente sfruttata su internet ai danni di sistemi Windows.
Questa vulnerabilita’ (CVE-2010-2884) affligge anche Adobe Reader e
Adobe Acrobat, ma Adobe non e’ a conoscenza di alcun attacco
che attualmente sfrutti tale vulnerabilita’ contro questi prodotti.
Esiste pero’ un altro bug (CVE-2010-2883), relativo solo a
Reader e Acrobat e scoperto in data 8 settembre, che risulta
in corso di sfruttamento per mezzo di documenti PDF artefatti.
:: Software interessato
Adobe Flash Player 10.1.82.76 e precedenti per Windows, Macintosh, Linux e Solaris
Adobe Flash Player 10.1.92.10 per Android
Adobe Reader 9.3.4 e versioni precedenti per Windows, Macintosh e UNIX
Adobe Acrobat 9.3.4 e precedenti per Windows e Macintosh
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
Se utilizzate piu’ browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
Conquista del controllo sul sistema
Denial of service
:: Soluzioni
Aggiornare a Flash Player 10.1.85.3 .
Per gli utenti di Flash Player 10.1.92.10 per Android aggiornare a
Flash Player 10.1.95.1
http://get.adobe.com/flashplayer/
oppure utilizzare la funzione auto-update presente nel prodotto
quando viene proposta.
Per gli utenti che non possono passare a Flash Player 10.1.85.3,
Adobe ha sviluppato una versione corretta di Flash Player 9,
Flash Player 9.0.283, che puo’ essere scaricata al seguente link:
http://kb2.adobe.com/cps/406/kb406791.html
Per Adobe Reader 9.3.4 e Acrobat 9.3.4 non e’ ancora disponibile
alcun aggiornamento. Nella settimana del 4 ottobre 2010 verra’
pubblicata la nuova versione che risolvera’ entrambi i bug
citati.
:: Riferimenti
Abobe Security Advisory e Bulletin
http://www.adobe.com/support/security/bulletins/apsb10-22.html
http://www.adobe.com/support/security/advisories/apsa10-03.html
http://www.adobe.com/support/security/advisories/apsa10-02.html
Mitre’s CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883
Vupen Security
http://www.vupen.com/english/advisories/2010/2349
http://www.vupen.com/english/advisories/2010/2348
http://www.vupen.com/english/advisories/2010/2331
http://www.vupen.com/english/Reference-CVE-2010-2884.php
http://www.vupen.com/blog/
ISC SANS
http://isc.sans.org/diary.html?storyid=9544
http://isc.sans.edu/diary.html?storyid=9538
http://isc.sans.edu/diary.html?storyid=9541
http://isc.sans.edu/diary.html?storyid=9523
Microsoft TechNet Blog
http://blogs.technet.com/b/srd/archive/2010/09/10/use-emet-2-0-to-block-the-adobe-0-day-exploit.aspx
Secunia
http://secunia.com/advisories/41340
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/43057
http://www.securityfocus.com/bid/43205
Vulnerabilita’ in Microsoft Windows Shell (2286198)
Si tratta di :Exploits
: Descrizione del problema
Microsoft ha rilasciato un aggiornamento per risolvere
una vulnerabilita’ presente nelle funzionalita’
Windows Shell.
La vulnerabilita’ potrebbe consentire l’esecuzione di codice
arbitrario da remoto, se l’utente visualizza una icona di un
collegamento malevolo appositamente predisposto.
Un attaccante che riesta a sfruttare questa vulnerabilita’ puo’
ottenere gli stessi privilegi dell’utente locale. Se gli utenti sono
configurati per avere non tutti i privilegi sul sistema, la
vulnerabilita’ puo’ avere minor impatto che se l’utente operasse con i
privilegi di amministratore.
:: Software interessato
Windows XP SP3
Windows XP Pro x64 Edition SP2
Windows Server 2003 SP2
Windows Server 2003 x64 Edition SP2
Windows Server 2003 con SP2 per sistemi Itanium
Windows Vista SP1
Windows Vista SP2
Windows Vista x64 SP1
Windows Vista x64 SP2
Windows Server 2008 32bit
Windows Server 2008 32bit SP2
Windows Server 2008 x64
Windows Server 2008 x64 SP2
Windows Server 2008 per Itanium
Windows Server 2008 per Itanium SP2
Windows 7 32bit
Windows 7 x64
Windows Server 2008 R2 x64
Windows Server 2008 R2 per Itanium
:: Impatto
Esecuzione remota di codice arbitrario
Conquista del controllo sul sistema
Denial of service
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms10-046.mspx
Microsoft Knowledge Base
http://support.microsoft.com/kb/2286198
Mitre’s CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2568
Apple Security Update 2008-007
Si tratta di :Sicurezza
Descrizione del problema
Apple ha rilasciato il Security Update 2008-007 per correggere
varie vulnerabilta’ che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Apple Mac OS X
:: Impatto
Security Bypass
Cross Site Scripting
Spoofing
Manipolazione di dati
Esposizione di dati sensibili
Esposizione di informazioni sul sistema
Privilege escalation
Denial of Service
System access
:: Soluzione
Applicare il Security Update 2008-007:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple – About Security Update 2008-007:
http://support.apple.com/kb/HT3216
Secunia:
http://secunia.com/advisories/32222/
Mitre’s CVE ID:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4215