The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

weakness announce 18656

WordPress WP Symposium Pro Social Network: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WordPress WP Symposium Pro Social Network.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/01/2016.
Identifiers: VIGILANCE-VUL-18656.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in WordPress WP Symposium Pro Social Network.

An attacker can trigger a Cross Site Scripting in wps_usermeta_shortcodes.php, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Request Forgery in edit-profile, in order to force the victim to perform operations. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

cybersecurity weakness 18655

WordPress Relevant Related Posts by BestWebSoft: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of WordPress Relevant Related Posts by BestWebSoft, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 07/01/2016.
Identifiers: VIGILANCE-VUL-18655.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Relevant Related Posts by BestWebSoft plugin can be installed on WordPress.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of WordPress Relevant Related Posts by BestWebSoft, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2015-8557

Pygments: code execution via FontManager._get_nix_font_path

Synthesis of the vulnerability

An attacker can use a vulnerability in FontManager._get_nix_font_path of Pygments, in order to run code.
Severity: 2/4.
Creation date: 07/01/2016.
Identifiers: CVE-2015-8557, DSA-3445-1, USN-2862-1, VIGILANCE-VUL-18654.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use a vulnerability in FontManager._get_nix_font_path of Pygments, in order to run code.
Full Vigil@nce bulletin... (Free trial)

computer threat alert CVE-2016-1903 CVE-2016-1904 CVE-2016-5114

PHP: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PHP.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 7.
Creation date: 07/01/2016.
Identifiers: 70661, 70728, 70741, 70755, 70976, 71270, CERTFR-2016-AVI-023, CVE-2016-1903, CVE-2016-1904, CVE-2016-5114, DLA-628-1, FEDORA-2016-5207e0c1a1, FEDORA-2016-558167a417, openSUSE-SU-2016:0251-1, openSUSE-SU-2016:0366-1, openSUSE-SU-2016:1553-1, RHSA-2016:2750-01, SSA:2016-034-04, SUSE-SU-2016:1581-1, USN-2952-1, USN-2952-2, USN-3045-1, VIGILANCE-VUL-18653.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in PHP.

An attacker can generate a memory corruption in PHP_to_XMLRPC_worker, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 70728]

An attacker can generate a memory corruption in WDDX Packet Deserialization, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 70741]

An attacker can force the usage of a freed memory area in WDDX Packet Deserialization, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 70661]

An attacker can read a memory fragment via gdImageRotateInterpolated(), in order to obtain sensitive information. [severity:1/4; 70976, CVE-2016-1903]

An attacker can create a memory leak in fpm_log.c, in order to trigger a denial of service. [severity:2/4; 70755, CVE-2016-5114]

An attacker can generate a buffer overflow in fpm_log.c, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 70755, CVE-2016-5114]

An attacker can generate a buffer overflow in escapeshell(), in order to trigger a denial of service, and possibly to run code. [severity:3/4; 71270, CVE-2016-1904]
Full Vigil@nce bulletin... (Free trial)

cybersecurity bulletin CVE-2015-8098

F5 BIG-IP APM: memory corruption via Citrix Remote Desktop

Synthesis of the vulnerability

An attacker can generate a memory corruption via Citrix Remote Desktop in F5 BIG-IP APM, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 07/01/2016.
Identifiers: CVE-2015-8098, SOL43552605, VIGILANCE-VUL-18652.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The F5 BIG-IP APM (Access Policy Manager) product manages Citrix Remote Desktop sessions.

However, malformed Citrix Remote Desktop data corrupt the BIG-IP APM memory.

An attacker can therefore generate a memory corruption via Citrix Remote Desktop in F5 BIG-IP APM, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

security bulletin CVE-2016-1564

WordPress Core: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of WordPress Core, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 07/01/2016.
Identifiers: CERTFR-2016-AVI-007, CVE-2016-1564, DSA-3444-1, FEDORA-2016-21f5261525, FEDORA-2016-4c8956da04, VIGILANCE-VUL-18651.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Core plugin can be installed on WordPress.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of WordPress Core, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2016-1565

Drupal Field Group: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Field Group of Drupal, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 07/01/2016.
Identifiers: CVE-2016-1565, SA-CONTRIB-2016-001, VIGILANCE-VUL-18649.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Drupal product offers a Field Group module, to group field on entity forms and entity displays.

However, when a user adds an element in HTML format, this one can contain JavaScript data, which are not filtered before being inserted in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in Field Group of Drupal, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer weakness note 18648

TLS: obtaining data size via HTTPS Bicycle

Synthesis of the vulnerability

An attacker can analyze TLS sessions using the GCM mode, in order to guess the size of confidential data sent.
Severity: 2/4.
Creation date: 06/01/2016.
Identifiers: VIGILANCE-VUL-18648.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The TLS protocol supports several "ciphers". For example:
 - ECDHE-ECDSA-AES256-GCM-SHA384
 - ECDHE-RSA-AES256-GCM-SHA384
 - ECDHE-ECDSA-AES256-SHA384
 - ECDHE-RSA-AES256-SHA384

Those containing "GCM", use the Galois/Counter Mode, which is a stream cipher (and not a block cipher). The size of the encrypted message is thus the same as the size of the clear message. This property (weakness) is known since several years. Note: RC4 is also a stream cipher, but its usage is now not recommended.

However, if the attacker captures TLS packets, and knows a part of the clear message, he can deduce the length of unknown data. For example, the attacker can go to the authentication page of a web service with the same browser than the victim, in order to know the length of HTTP headers which are usually sent in the TLS session. Then, if he captures the victim's TLS session, he can obtain the size of data sent in the authentication form, and thus guess the size of his password.

An attacker can therefore analyze TLS sessions using the GCM mode, in order to guess the size of confidential data sent.
Full Vigil@nce bulletin... (Free trial)

computer threat 18647

Node.js jshamcrest: denial of service via Regular Expression

Synthesis of the vulnerability

An attacker can send malicious data to Node.js jshamcrest, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 06/01/2016.
Identifiers: VIGILANCE-VUL-18647.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The jshamcrest module can be installed on Node.js.

However, some specific data trigger an overload during the Regular Expression computation.

An attacker can therefore send malicious data to Node.js jshamcrest, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 18646

Node.js jadedown: denial of service via Regular Expression

Synthesis of the vulnerability

An attacker can send malicious data to Node.js jadedown, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 06/01/2016.
Identifiers: VIGILANCE-VUL-18646.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The jadedown module can be installed on Node.js.

However, some specific data trigger an overload during the Regular Expression computation.

An attacker can therefore send malicious data to Node.js jadedown, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1181 1201 1221 1241 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1641 1661 1681 1701 1721 1741 1751 1752 1753 1754 1755 1756 1757 1758 1759 1761 1763 1764 1765 1766 1767 1768 1769 1770 1771 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2781 2801 2821 2841 2861 2881 2901 2921 2927