Vulnerabilità Chip Qualcomm e anche gli smartphone e tablet Android sono a rischio
Attenzione aggiornare non appena arriverà la patch ! Vulnerabilità Chip Qualcomm e anche gli smartphone e tablet Android sono a rischio
I ricercatori di Check Point hanno scoperto quattro gravi vulnerabilità nei driver dei chip Qualcomm. Essendo questi processori molto diffusi, l’azienda ha stimato che oltre 900 milioni di smartphone e tablet Android sono a rischio e potrebbero quindi subire un attacco che consente di ottenere i privilegi di root. I dettagli tecnici sono stati illustrati nel corso della conferenza di sicurezza DEF CON 24 di Las Vegas.Check Point ha rilevato le vulnerabilità in molti smartphone Android, anche quelli arrivati da poco sul mercato, come i Samsung Galaxy S7 e S7 edge, OnePlus 3, LG G5 e HTC 10. Anche il BlackBerry DTEK5, considerato lo smartphone Android più sicuro, è vulnerabile. Questi modelli, così come i Nexus 5X, 6 e 6P di Google, riceveranno sicuramente una patch nei prossimi giorni. Il problema riguarda invece i numerosi dispositivi, ormai abbandonati dai rispettivi produttori, che non verranno mai aggiornati.Le quattro vulnerabilità possono essere sfruttate mediante l’installazione di un malware nascosto in un’app infetta, distribuita tramite APK e camuffata da app legittima. Un simile exploit consente di accedere ai dati personali dell’utente, tracciare gli spostamenti tramite GPS, registrare audio e video, intercettare le password digitate sulla tastiera. Qualcomm ha già rilasciato le patch, ma è necessario attendere tutti i passaggi prima di poter aggiornare lo smartphone. Google ha risolto tre vulnerabilità con gli ultimi update di sicurezza, mentre la quarta verrà risolta a settembre. Purtroppo, la frammentazione di Android complica ulteriormente la situazione. Per verificare se il proprio dispositivo è vulnerabile, Check Point ha pubblicato sul Google Play Store l’app QuadRooter Scanner. Al termine della scansione verrà mostrato l’elenco delle vulnerabilità.
Fonte: Una vita da social
Vulnerability Summary for the Week of March 7, 2016
ITA
Questo articolo è scritto per te che “non capisci di esser abbastanza cretino” e ti credi molto perspicace e intelligente, una persona che snobba gli articoli e non ha bisogno di niente e prima si iscrive alla newsletter del mio sito e poi si lamenta cancellandosi dalla newsletter.
ENG
This article is written for you that “fairly stupid” and you think you’re very perceptive and intelligent, a person who snubs the articles and did not need anything and before he enrolled at the site of my newsletter and then complains removing himself from the newsletter.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe — digital_editions | Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 2016-03-09 | 10.0 | CVE-2016-0954 |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009. | 2016-03-09 | 10.0 | CVE-2016-1007 |
adobe — acrobat | Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007. | 2016-03-09 | 10.0 | CVE-2016-1009 |
adobe — acrobat | Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 2016-03-09 | 7.2 | CVE-2016-1008 |
microsoft — .net_framework | Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation for unspecified elements of XML documents, which allows remote attackers to spoof signatures via a modified document, aka “.NET XML Validation Security Feature Bypass.” | 2016-03-09 | 10.0 | CVE-2016-0132 |
microsoft — infopath | Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0021 |
microsoft — windows | OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka “Windows OLE Memory Remote Code Execution Vulnerability,” a different vulnerability than CVE-2016-0091. | 2016-03-09 | 9.3 | CVE-2016-0092 |
microsoft — windows | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka “Windows Media Parsing Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0098 |
microsoft — windows | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka “Windows Media Parsing Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0101 |
microsoft — windows | The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka “Windows Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0117 |
microsoft — windows | The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka “Windows Remote Code Execution Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0118 |
microsoft — windows | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka “OpenType Font Parsing Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0121 |
microsoft — office | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.” | 2016-03-09 | 9.3 | CVE-2016-0134 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0102 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0103 |
microsoft — internet_explorer | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability.” | 2016-03-09 | 7.6 | CVE-2016-0104 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0107, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0105 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0106 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0107 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0108 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114. | 2016-03-09 | 7.6 | CVE-2016-0109 |
microsoft — internet_explorer | Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability.” | 2016-03-09 | 7.6 | CVE-2016-0110 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Browser Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0112, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0111 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0111, and CVE-2016-0113. | 2016-03-09 | 7.6 | CVE-2016-0112 |
microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0111, and CVE-2016-0112. | 2016-03-09 | 7.6 | CVE-2016-0113 |
microsoft — internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0109. | 2016-03-09 | 7.6 | CVE-2016-0114 |
microsoft — internet_explorer | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0116 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0123 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0124 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0130. | 2016-03-09 | 7.6 | CVE-2016-0129 |
microsoft — edge | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0124, and CVE-2016-0129. | 2016-03-09 | 7.6 | CVE-2016-0130 |
microsoft — office | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka “Microsoft Office Security Feature Bypass Vulnerability.” | 2016-03-09 | 7.2 | CVE-2016-0057 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0094, CVE-2016-0095, and CVE-2016-0096. | 2016-03-09 | 7.2 | CVE-2016-0093 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0093, CVE-2016-0095, and CVE-2016-0096. | 2016-03-09 | 7.2 | CVE-2016-0094 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0093, CVE-2016-0094, and CVE-2016-0096. | 2016-03-09 | 7.2 | CVE-2016-0095 |
microsoft — windows | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0093, CVE-2016-0094, and CVE-2016-0095. | 2016-03-09 | 7.2 | CVE-2016-0096 |
microsoft — windows | The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka “Secondary Logon Elevation of Privilege Vulnerability.” | 2016-03-09 | 7.2 | CVE-2016-0099 |
microsoft — windows | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via a crafted OpenType font, aka “OpenType Font Parsing Vulnerability.” | 2016-03-09 | 7.1 | CVE-2016-0120 |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
microsoft — windows | OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka “Windows OLE Memory Remote Code Execution Vulnerability,” a different vulnerability than CVE-2016-0092. | 2016-03-09 | 6.8 | CVE-2016-0091 |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
microsoft — edge | Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka “Microsoft Edge Information Disclosure Vulnerability.” | 2016-03-09 | 2.6 | CVE-2016-0125 |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0960 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0961 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0962 |
Adobe — Flash Player | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010. | 2016-03-12 | N/A | CVE-2016-0963 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0986 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0987 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0988 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0989 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0990 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0991 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-0992 |
Adobe — Flash Player | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. | 2016-03-12 | N/A | CVE-2016-0993 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0994 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0995 |
Adobe — Flash Player | Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0996 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0997 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0998 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. | 2016-03-12 | N/A | CVE-2016-0999 |
Adobe — Flash Player | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. | 2016-03-12 | N/A | CVE-2016-1000 |
Adobe — Flash Player | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. | 2016-03-12 | N/A | CVE-2016-1001 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005. | 2016-03-12 | N/A | CVE-2016-1002 |
Adobe — Flash Player | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002. | 2016-03-12 | N/A | CVE-2016-1005 |
Adobe — Flash Player | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993. | 2016-03-12 | N/A | CVE-2016-1010 |
Android — mediaserver | The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26365349. | 2016-03-12 | N/A | CVE-2016-0815 |
Android — mediaserver | mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka internal bug 25928803. | 2016-03-12 | N/A | CVE-2016-0816 |
Android — Conscrypt | The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to spoof servers by leveraging access to an intermediate CA to issue a certificate, aka internal bug 26232830. | 2016-03-12 | N/A | CVE-2016-0818 |
Android — Qualcomm performance | The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034. | 2016-03-12 | N/A | CVE-2016-0819 |
Android — MediaTek | The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358. | 2016-03-12 | N/A | CVE-2016-0820 |
Android — Linux kernel | The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636. | 2016-03-12 | N/A | CVE-2016-0821 |
Android — MediaTek | The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. | 2016-03-12 | N/A | CVE-2016-0822 |
Android — Linux kernel | The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721. | 2016-03-12 | N/A | CVE-2016-0823 |
Android — Widevine | The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039. | 2016-03-12 | N/A | CVE-2016-0825 |
Android — mediaserver | libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403. | 2016-03-12 | N/A | CVE-2016-0826 |
Android — mediaserver | Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and EffectReverb.cpp, aka internal bug 26347509. | 2016-03-12 | N/A | CVE-2016-0827 |
Android — mediaserver | The BnGraphicBufferConsumer:: |
2016-03-12 | N/A | CVE-2016-0828 |
Android — mediaserver | The BnGraphicBufferProducer:: |
2016-03-12 | N/A | CVE-2016-0829 |
Android — DTE Energy Insight application | The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter. | 2016-03-11 | N/A | CVE-2016-1562 |
Android — mediaserver | libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792. | 2016-03-12 | N/A | CVE-2016-1621 |
Android — libstagefright | libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591. | 2016-03-12 | N/A | CVE-2016-0824 |
Android — Bluetooth | btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bug 26071376. | 2016-03-12 | N/A | CVE-2016-0830 |
Android — Telephony | The getDeviceIdForPhone function in internal/telephony/ |
2016-03-12 | N/A | CVE-2016-0831 |
Android — Setup Wizard | Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042. | 2016-03-12 | N/A | CVE-2016-0832 |
Apple — Apple Software Update | Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. | 2016-03-13 | N/A | CVE-2016-1731 |
Cisco — HTTPS inspection engine | The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147. | 2016-03-09 | N/A | CVE-2016-1312 |
Cisco — administration interface | The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. | 2016-03-09 | N/A | CVE-2016-1325 |
Cisco — administration interface | The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105. | 2016-03-09 | N/A | CVE-2016-1326 |
Cisco — web server | Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935. | 2016-03-09 | N/A | CVE-2016-1327 |
Cisco — TelePresence Video Communication Server | Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026. | 2016-03-11 | N/A | CVE-2016-1338 |
Cisco — Prime LAN Management Solution | Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers’ installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390. | 2016-03-11 | N/A | CVE-2016-1360 |
Cisco — IOS XR | Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. | 2016-03-11 | N/A | CVE-2016-1361 |
Debian — jessie | pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the –enable-pt_chown option. | 2016-03-13 | N/A | CVE-2016-2856 |
EMC — Documentum xCP | EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call. | 2016-03-09 | N/A | CVE-2016-0886 |
Google — Chrome | The ImageInputType:: |
2016-03-13 | N/A | CVE-2016-1643 |
Google — Chrome | WebKit/Source/core/layout/ |
2016-03-13 | N/A | CVE-2016-1644 |
Google — Chrome | Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. | 2016-03-13 | N/A | CVE-2016-1645 |
IBM — Tivoli Monitoring | The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors. | 2016-03-11 | N/A | CVE-2015-7411 |
IBM — Flash System V9000 | Cross-site request forgery (CSRF) vulnerability in IBM Flash System V9000 7.4 before 7.4.1.4, 7.5 before 7.5.1.3, and 7.6 before 7.6.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 2016-03-12 | N/A | CVE-2015-7446 |
IBM — Maximo Asset Management | IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors. | 2016-03-13 | N/A | CVE-2016-0222 |
IBM — Maximo Asset Management | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-03-13 | N/A | CVE-2016-0262 |
IBM — Maximo Asset Management | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2016-03-12 | N/A | CVE-2015-7448 |
IBM — WebSphere Commerce | IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors. | 2016-03-13 | N/A | CVE-2016-0208 |
ISC — BIND | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. | 2016-03-09 | N/A | CVE-2016-1285 |
ISC — BIND | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. | 2016-03-09 | N/A | CVE-2016-1286 |
ISC — BIND | resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option. | 2016-03-09 | N/A | CVE-2016-2088 |
ISC — DHCP | ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. | 2016-03-09 | N/A | CVE-2016-2774 |
microsoft — internet_explorer | The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-6048 and CVE-2015-6049. | 2016-03-09 | N/A | CVE-2015-6184 |
microsoft — windows | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka “Windows Elevation of Privilege Vulnerability.” | 2016-03-09 | N/A | CVE-2016-0087 |
microsoft — windows | Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka “Library Loading Input Validation Remote Code Execution Vulnerability.” | 2016-03-09 | N/A | CVE-2016-0100 |
microsoft — windows | The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by inserting a crafted USB device, aka “USB Mass Storage Elevation of Privilege Vulnerability.” | 2016-03-09 | N/A | CVE-2016-0133 |
Mozilla — Firefox | Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. | 2016-03-13 | N/A | CVE-2016-1950 |
Mozilla — Firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1952 |
Mozilla — Firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm. |
2016-03-13 | N/A | CVE-2016-1953 |
Mozilla — Firefox | The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | 2016-03-13 | N/A | CVE-2016-1954 |
Mozilla — Firefox | Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. | 2016-03-13 | N/A | CVE-2016-1955 |
Mozilla — Firefox | Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. | 2016-03-13 | N/A | CVE-2016-1956 |
Mozilla — Firefox | Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. | 2016-03-13 | N/A | CVE-2016-1957 |
Mozilla — Firefox | browser/base/content/browser. |
2016-03-13 | N/A | CVE-2016-1958 |
Mozilla — Firefox | The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API. | 2016-03-13 | N/A | CVE-2016-1959 |
Mozilla — Firefox | Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. | 2016-03-13 | N/A | CVE-2016-1960 |
Mozilla — Firefox | Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. | 2016-03-13 | N/A | CVE-2016-1961 |
Mozilla — Firefox | Use-after-free vulnerability in the mozilla:: |
2016-03-13 | N/A | CVE-2016-1962 |
Mozilla — Firefox | The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation. | 2016-03-13 | N/A | CVE-2016-1963 |
Mozilla — Firefox | Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations. | 2016-03-13 | N/A | CVE-2016-1964 |
Mozilla — Firefox | Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property. | 2016-03-13 | N/A | CVE-2016-1965 |
Mozilla — Firefox | The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/ |
2016-03-13 | N/A | CVE-2016-1966 |
Mozilla — Firefox | Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207. | 2016-03-13 | N/A | CVE-2016-1967 |
Mozilla — Firefox | Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression. | 2016-03-13 | N/A | CVE-2016-1968 |
Mozilla — Firefox | The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-1969 |
Mozilla — Firefox | Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1970 |
Mozilla — Firefox | The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1971 |
Mozilla — Firefox | Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1972 |
Mozilla — Firefox | Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors. | 2016-03-13 | N/A | CVE-2016-1973 |
Mozilla — Firefox | The nsScannerString:: |
2016-03-13 | N/A | CVE-2016-1974 |
Mozilla — Firefox | Multiple race conditions in dom/media/systemservices/ |
2016-03-13 | N/A | CVE-2016-1975 |
Mozilla — Firefox | Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2016-03-13 | N/A | CVE-2016-1976 |
Mozilla — Firefox | The Machine::Code::decoder:: |
2016-03-13 | N/A | CVE-2016-1977 |
Mozilla — Firefox | Use-after-free vulnerability in the ssl3_ |
2016-03-13 | N/A | CVE-2016-1978 |
Mozilla — Firefox | Use-after-free vulnerability in the PK11_ |
2016-03-13 | N/A | CVE-2016-1979 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2790 |
Mozilla — Firefox | The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-2791 |
Mozilla — Firefox | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800. | 2016-03-13 | N/A | CVE-2016-2792 |
Mozilla — Firefox | CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-2793 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2794 |
Mozilla — Firefox | The graphite2::FileFace::get_ |
2016-03-13 | N/A | CVE-2016-2795 |
Mozilla — Firefox | Heap-based buffer overflow in the graphite2::vm::Machine::Code:: |
2016-03-13 | N/A | CVE-2016-2796 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2797 |
Mozilla — Firefox | The graphite2::GlyphCache::Loader: |
2016-03-13 | N/A | CVE-2016-2798 |
Mozilla — Firefox | Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | 2016-03-13 | N/A | CVE-2016-2799 |
Mozilla — Firefox | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792. | 2016-03-13 | N/A | CVE-2016-2800 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2801 |
Mozilla — Firefox | The graphite2::TtfUtil:: |
2016-03-13 | N/A | CVE-2016-2802 |
Samba — smbd | The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content. | 2016-03-13 | N/A | CVE-2015-7560 |
Samba — internal DNS server | The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. | 2016-03-13 | N/A | CVE-2016-0771 |
Schneider — Electric Telvent Sage | Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet. | 2016-03-11 | N/A | CVE-2015-6485 |
attenzione : Vulnerabilita’ in Microsoft DirectShow, apri il video e sei fritto….
Si tratta di :Exploits
attenzione : Vulnerabilita’ in Microsoft DirectShow
****************************************************************** :: Descrizione del problema
Microsoft ha rilasciato un aggiornamento per risolvere una vulnerabilita’ di tipo heap overflow presente in Microsoft DirectShow.
La vulnerabilita’ potrebbe consentire l’esecuzione remota di codice arbitrario se l’utente apre un file AVI artefatto, anche durante la navigazione sul web.
Software interessato
Windows 2000 SP4
Windows XP SP2
Windows XP SP3
Windows XP Pro x64 Edition SP2
Windows Vista Windows Vista SP1
Windows Vista SP2
Windows Vista x64 Edition
Windows Vista x64 Edition SP1
Windows Vista x64 Edition SP2 Windows 7 (32-bit) Windows 7 (x64)
Windows Server 2003 SP2
Windows Server 2003 x64 Edition SP2
Windows Server 2003 SP2 (Itanium)
Windows Server 2008 (32-bit)
Windows Server 2008 (32-bit) SP2
Windows Server 2008 (x64)
Windows Server 2008 (x64) SP2
Windows Server 2008 (Itanium)
Windows Server 2008 (Itanium) SP2
Windows Server 2008 R2 (x64)
Windows Server 2008 R2 (Itanium)
Impatto :
Esecuzione remota di codice arbitrario
Conquista del controllo sul sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft, oppure utilizzare uno degli strumenti di aggiornamento come: Aggiornamenti Automatici, Windows Update, Microsoft Update, Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin http://www.microsoft.com/technet/security/Bulletin/MS10-013.mspx
Microsoft Knowledge Base
http://support.microsoft.com/kb/977935
Microsoft Update e Aggiornamenti Automatici
http://go.microsoft.com/fwlink/?LinkID=40747
https://www.update.microsoft.com/microsoftupdate/v6/ http://support.microsoft.com/kb/306525/
TippingPoint Zero Day Initiative
http://www.zerodayinitiative.com/advisories/ZDI-10-015/
Mitre’s CVE ID http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0250 Vupen Security http://www.vupen.com/english/advisories/2010/0346
ISC SANS http://isc.sans.org/diary.html?storyid=8197
Microsoft Internet Explorer non è un browser sicuro
Il governo tedesco invita gli utenti ad utilizzare altri browser, sostenedo che Microsoft Internet Explorer non è un browser sicuro..
Un altro duro colpo per la microsoft che nei giorni scorsi è stata sbeffeggiata da una falla che era presente nei browser di Microsoft in 6, IE 7, IE8 su Windows 7, Vista, Windows XP, Server 2003, Server 2008 R2, ma anche in IE 6 Service Pack 1 su Windows 2000 Service Pack 4, tale falla era stata sfruttata da cyber criminali come vettore per condurre attacchi mirati contro il colosso Google, tale affermazione è stata confermata dalla Mcafee…
La casa dell’antivirus da tempo cerca di approntare soluzioni per mettere al riparo una serie di utenti, si segnala che in questi giorni se si diventa fans su facebook si ha diritto ad ottenere una licenza d’uso per 6 mesi del loro antivirus. Ritornando alle falle di internet explorer e al consiglio che il governo tedesco da di non utilizzare tale browser posso soltanto dire che da anni esistono browser alternativi e sopratutto basati su un codice aperto e collaborativo come l’arcinoto browser firefox di gran lunga superiore in performance e disponibile in una varià di piattaforme e sistemi operativi.
Pronta la risposta di Microsoft, che intervistata dalla Bbc, ha ammesso che in effetti esiste questa grave falla che ha reso vulnerabile il suo browser. Questa vicenda è a dir poco scandalosa, escono periodicamente patch e sempre si deve cotrrere ai ripari, questa grave falla è stata la goccia che ha fatto taboccare il vaso, una grave mancanza che si può considerare il punto debole dei recenti attacchi a Google. La Microsoft si è affrettato a chiarire che per evitare bachi “bug” e avere una sicurezza nella navigazione on-line, è necessatio impostare le opzioni di protezione del browser su “alto”, nonostante le limitazioni nei siti accessibili. Ma gli esperti delle autorità tedesche hanno detto in modo perentorio che è un accorgimento che non serve per blindare la sicurezza nella navigazione.Secondo McAfee, che sta indagando gli attacchi a Google e a 34 aziende Usa, ha scoperto che uno dei vettori della cyber-intrusione è stato proprio il browser di Microsoft. Graham Cluley, dell’antivirus Sophos, ha spiegato che le versioni più vulnerabili del browser Microsoft sono 6, 7 e 8. Dalla Microsoft, intanto, hanno fatto sapere che si sta lavorando a un “update” che risolverà il problema. Il sottoscrittto Silvio Passalacqua di www.hoax.it non si ritiene per niente meravigliato di questa scoperta, poichè nonostante escano versioni sempre più aggiornate una gran parte degli utenti resta fossilizzata su vecchie versioni di intent explore, senza consuiderare la dabennaggine di gente che produce software a livello ministeriale, che programmando in maniera “becera” obbliga l’utente finale ad il browser internet explorer. Si ricordi che in passato la microsoft è stata condannata per aver “implementato” come parte essenziale del sistema operativo sui sistemi windows….
Che dire quando tramite windows update hanno deciso di rilasciare le versioni successive del browser come “aggiornamento critico” ? un conto è cambiare versione di software cioè upgradare un conto è rilasciare patch per quel software… ma la discussione sarebbe troppo lunga…
Secondo Spiegel online, l’autorevole settimanale di Amburgo, il Bundesamt fuer Sicherheit in der Informationstechnik, BSI, (Autorità federale per la sicurezza nella tecnologia dell’informazione) ha detto a chiaramente che usare il browser più diffuso Microsofr Internet Explorer è sconsigliabile, ed è preferibile usare browser alternativi, finché il problema non verrà risolto con la solita patch!
Che dire dato che la sicurezza nel pc non è un optional usate browser alternativi :
Una lista
http://www.mozilla-europe.org/it/firefox/security/
http://www.google.com/chrome/?hl=it
http://www.opera.com/download/
http://www.apple.com/it/safari/download/
MS Windows Wormable Vulnerability, Out-of-Band Patch Released (MS08-067)
Si tratta di :Sicurezza
Threat Type: Malicious Web Site / Malicious Code
Websense® Security LabsTM has received reports of exploits circulating in the wild that take advantage of a serious Windows vulnerability. Microsoft just released an out-of-band patch to address this just hours ago (see MS08-067).
The remote code execution vulnerability is found in netapi32.dll, and carries a severity rating of “Critical” by Microsoft, affecting even fully patched Windows machines. This vulnerability (CVE-2008-4250) allows malicious hackers to write a worm (self-propagating malicious code without need for any user interaction), by crafting a special RPC request. A successful exploitation would result in the complete control of victim machine.
To date, we have seen attacks installing a Trojan (Gimmiv) upon successful exploitation. At the time of this alert, only 25% of 36 anti-virus vendors could detect this malicious code. Blocking TCP ports 139 and 445 at the firewall is only a partial solution because most desktops have file/printer sharing turned on. The out-of-band patch release by Microsoft testifies to the severity of this vulnerability and the urgency for an immediate fix.
Websense is monitoring the development of this attack, and has classified the corresponding Web sites and malicious code that the exploit downloads.
More information:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4250
http://blogs.technet.com/mmpc/archive/2008/10/23/get-protected-now.aspx
http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
Vulnerabilita’ in Microsoft Windows Kernel (954211)
Si tratta di :Sicurezza
Descrizione del problema
Questo aggiornamento di sicurezza risolve tre vulnerabilita’
relative al Microsoft Kernel.
Le vulnerabilita’ consentono ad un attaccante locale di ottenere
il controllo completo del sistema.
:: Software e Sistemi affetti
Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 per Itanium SP1
Microsoft Windows Server 2003 per Itanium SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64
Microsoft Windows Vista x64 SP1
Microsoft Windows Server 2008 per sistemi 32-bit
Microsoft Windows Server 2008 per sistemi x64
Microsoft Windows Server 2008 per sistemi Itanium
:: Impatto
Esecuzione di codice arbritario con privilegi superiori
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08–061
http://www.microsoft.com/technet/security/Bulletin/MS08–061.mspx
:: Riferimenti
Microsoft Security Bulletin MS08–061
http://www.microsoft.com/technet/security/Bulletin/MS08–061.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2812
Secunia:
http://secunia.com/advisories/32247/
SecurityFocus:
http://www.securityfocus.com/bid/31653
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2250
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2252
Vulnerabilita’ in Microsoft Active Directory (957280)
Si tratta di :Sicurezza
Descrizione del problema
Questo aggiornamento di sicurezza risolve una vulnerabilita’
nell’implementazione di Active Directory su Microsoft Windows
2000 Server.
La vulnerabilita’ consente da remoto esecuzione di codice
arbitrario se un attaccante ottiene accesso ad una rete affetta.
Questa vulnerabilita’ interessa soltanto i server Microsoft Windows
2000 configurati come domain controller.
:: Software e Sistemi affetti
Microsoft Windows 2000 Server Service Pack 4
:: Impatto
Esecuzione di codice arbritario
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-060
http://www.microsoft.com/technet/security/Bulletin/MS08-060.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-060
http://www.microsoft.com/technet/security/Bulletin/MS08-060.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2821
Secunia:
http://secunia.com/advisories/32242/
SecurityFocus:
http://www.securityfocus.com/bid/31609
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4023
Aggiornamento cumulativo per Internet Explorer (956390)
Si tratta di :Sicurezza
Descrizione del problema
Questo aggiornamento di sicurezza risolve sei vulnerabilita’
relative a Microsoft Internet Explorer.
Queste vulnerabilita’ consentono l’intercettazione e la disseminazione
di informazioni oppure l’esecuzione remota di codice arbitrario dopo
aver indotto un utente a visitare siti web malevoli.
Gli account utente configurati con meno privilegi sul sistema
potrebbero essere meno affetti rispetto ad utenti con privilegi di
amministratore.
:: Software e Sistemi affetti
Software:
Microsoft Internet Explorer 5.01 su Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 su Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 su Microsoft Windows XP SP2
Microsoft Internet Explorer 6 su Microsoft Windows XP SP3
Microsoft Internet Explorer 6 su Microsoft XP Professional x64
Microsoft Internet Explorer 6 su Microsoft XP Professional x64 SP2
Microsoft Internet Explorer 6 su Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 su Microsoft Windows Server 2003 SP2
Microsoft Internet Explorer 6 su Microsoft Windows Server 2003 x64
Microsoft Internet Explorer 6 su Microsoft Windows Server 2003 x64 SP2
Microsoft Internet Explorer 7 su Microsoft Windows XP SP2
Microsoft Internet Explorer 7 su Microsoft Windows XP SP3
Microsoft Internet Explorer 7 si Microsoft Windows XP Professional x64
Microsoft Internet Explorer 7 su Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 7 su Microsoft Windows Server 2003 SP2
Microsoft Internet Explorer 7 su Microsoft Windows Server 2003 x64
Microsoft Internet Explorer 7 su Microsoft Windows Server 2003 x64 SP2
Microsoft Internet Explorer 7 su Microsoft Windows Vista SP0 SP1
Microsoft Internet Explorer 7 su Microsoft Windows Vista x64 SP1
Microsoft Internet Explorer 7 su Microsoft Windows Server 2008
:: Impatto
Accesso ad informazioni sensibili
Accesso al sistema
Esecuzione remota di codice arbritario
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-058
http://www.microsoft.com/technet/security/bulletin/ms08-058.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-058
http://www.microsoft.com/technet/security/bulletin/ms08-058.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2809
SecurityFocus:
http://www.securityfocus.com/bid/29960
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3476
Alert GCSA-08099 – MS08-059 Vulnerabilita’ in Microsoft Host
Si tratta di :Sicurezza
Descrizione del problema
Questo aggiornamento di sicurezza risolve una vulnerabilita’
relativa a Microsoft Host Integration Server.
La vulnerabilita’ consente l’esecuzione remota di codice arbitrario
se un attaccante invia su una macchina affetta richieste RPC
appositamente forgiate.
:: Software e Sistemi affetti
Microsoft Host Integration Server 2000 SP2
Microsoft Host Integration Server 2000 Administrator Client
Microsoft Host Integration Server 2004 (Server)
Microsoft Host Integration Server 2004 SP1 (Server)
Microsoft Host Integration Server 2004 (Client)
Microsoft Host Integration Server 2004 SP1 (Client)
Microsoft Host Integration Server 2006 per sistemi 32-bit
Microsoft Host Integration Server 2006 per sistemi x64
:: Impatto
Esecuzione remota di codice arbritario
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-059
http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-059
http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2810
Secunia:
http://secunia.com/advisories/32233/
SecurityFocus:
http://www.securityfocus.com/bid/31620
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3466
Vulnerabilita’ in Microsoft Excel (956416)
Si tratta di :Sicurezza
Descrizione del problema
Questo aggiornamento di sicurezza risolve tre vulnerabilita’
relative a Microsoft Office Excel.
Le vulnerabilita’ consentono l’esecuzione remota di codice arbitrario
se un attaccante apre file di Excel appositamente predisposti.
Un attaccante che sia riuscito a sfruttare queste vulnerabilita’
potrebbe ottenere il controllo completo del sistema.
:: Software e Sistemi affetti
Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP3
2007 Microsoft Office System
2007 Microsoft Office System SP1
Microsoft Office Excel Viewer
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2003 SP3
Microsoft Office Compatibility Pack
Microsoft Office Compatibility Pack SP1
Microsoft Office SharePoint Server 2007
Microsoft Office SharePoint Server 2007 SP1
Microsoft Office SharePoint Server 2007 x64
Microsoft Office SharePoint Server 2007 x64 SP1
Microsoft Office 2004 per Mac
Microsoft Office 2008 per Mac
Open XML File Format Converter per Mac
:: Impatto
Esecuzione remota di codice arbritario
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-057
http://www.microsoft.com/technet/security/bulletin/ms08-057.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-057
http://www.microsoft.com/technet/security/bulletin/ms08-059.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2808
Secunia:
http://secunia.com/advisories/32211/
SecurityFocus:
http://www.securityfocus.com/bid/31705
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4019