The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

security vulnerability CVE-2016-3213 CVE-2016-3236 CVE-2016-3299

Microsoft Windows: traffic hijacking via the WPAD protocol

Synthesis of the vulnerability

An attacker can spoof answers to WPAD requests from Microsoft Windows, in order to hijack Web traffic.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 15/06/2016.
Identifiers: 3165191, CERTFR-2016-AVI-206, CVE-2016-3213, CVE-2016-3236, CVE-2016-3299, MS16-077, VIGILANCE-VUL-19890.

Description of the vulnerability

The Microsoft Windows product includes a mechanism for Web proxy discovery.

Proxy search is done via NetBIOS requests. However, an attacker can spoof the official proxy in order to make browsers use a proxy that is controlled by the attacker.

This vulnerability is related to the one described in VIGILANCE-VUL-19886.

An attacker can therefore spoof answers to WPAD requests from Microsoft Windows, in order to hijack Web traffic.

threat alert CVE-2016-3228

Microsoft Windows: memory corruption via Netlogon

Synthesis of the vulnerability

An authenticated attacker can generate a memory corruption via Netlogon of Microsoft Windows, in order to trigger a denial of service, and possibly to run code with the privileges of another user.
Severity: 3/4.
Creation date: 15/06/2016.
Identifiers: 3167691, CERTFR-2016-AVI-206, CVE-2016-3228, MS16-076, VIGILANCE-VUL-19889.

Description of the vulnerability

The Microsoft Windows product allows running commands on remote hosts.

An authentication is required. However, an attacker can send a specially crafted authentication request to make the server run code with the privileges of another user.

An authenticated attacker can therefore generate a memory corruption via Netlogon of Microsoft Windows, in order to trigger a denial of service, and possibly to run code with the privileges of another user.

weakness announce CVE-2016-3225

Microsoft Windows: privilege escalation via the SMB server

Synthesis of the vulnerability

An attacker can tamper with authentication requests to Microsoft Windows, in order to escalate his privileges.
Severity: 3/4.
Creation date: 15/06/2016.
Identifiers: 3164038, CERTFR-2016-AVI-206, CVE-2016-3225, MS16-075, VIGILANCE-VUL-19888.

Description of the vulnerability

The Microsoft Windows product includes an SMB/CIFS server.

This protocol is used for user and service authentication. However, an attacker can tamper with an authentication request in order to make the server run some code with its own privileges.

An attacker can therefore tamper with authentication requests to Microsoft Windows, in order to escalate his privileges.

cybersecurity weakness CVE-2016-3216 CVE-2016-3219 CVE-2016-3220

Microsoft Windows: three vulnerabilities via Graphics Component

Synthesis of the vulnerability

An attacker can use several vulnerabilities via Graphics Component of Microsoft Windows.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 15/06/2016.
Revision dates: 21/06/2016, 15/02/2017.
Identifiers: 3164036, 779, 785, 992, CERTFR-2016-AVI-206, CVE-2016-3216, CVE-2016-3219, CVE-2016-3220, MS16-074, VIGILANCE-VUL-19887.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Windows.

An attacker can get information useful to bypass ASLR. [severity:3/4; CVE-2016-3216]

An attacker can corrupt an object in memory, in order to get kernel privileges. [severity:3/4; 779, CVE-2016-3219]

An attacker can bypass security features via ATMFD.dll, in order to escalate his privileges. [severity:3/4; 785, CVE-2016-3220]

cybersecurity announce CVE-2016-0199 CVE-2016-0200 CVE-2016-3202

Microsoft Internet Explorer: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Internet Explorer.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 10.
Creation date: 15/06/2016.
Revision dates: 15/06/2016, 17/06/2016, 20/06/2016, 23/06/2016.
Identifiers: 3163649, CERTFR-2016-AVI-203, CVE-2016-0199, CVE-2016-0200, CVE-2016-3202, CVE-2016-3205, CVE-2016-3206, CVE-2016-3207, CVE-2016-3210, CVE-2016-3211, CVE-2016-3212, CVE-2016-3213, MS16-063, VIGILANCE-VUL-19886, ZDI-16-365, ZDI-16-366.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Internet Explorer.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-0199]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-0200, ZDI-16-365]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-3202]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-3205]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-3206]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-3207]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-3210]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-3211, ZDI-16-366]

An attacker can generate a memory corruption via XSS filter, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-3212]

An attacker can bypass security features via the Web Proxy Auto Discovery protocol, in order to escalate his privileges. [severity:3/4; CVE-2016-3213]

computer threat alert 19885

Joomla Affiliate Tracker: SQL injection via user_id

Synthesis of the vulnerability

An attacker can use a SQL injection via the request parameter user_id of Joomla Affiliate Tracker, in order to read or alter data.
Severity: 2/4.
Creation date: 14/06/2016.
Identifiers: VIGILANCE-VUL-19885.

Description of the vulnerability

The Joomla Affiliate Tracker product uses a database.

However, user-supplied data is inserted directly into a SQL query.

An attacker can therefore use a SQL injection via the request parameter user_id of Joomla Affiliate Tracker, in order to read or alter data.

cybersecurity bulletin 19884

WordPress WP to Twitter: Cross Site Request Forgery via _wpnonce

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery via _wpnonce of WordPress WP to Twitter, in order to force the victim to perform operations.
Severity: 2/4.
Creation date: 14/06/2016.
Identifiers: VIGILANCE-VUL-19884.

Description of the vulnerability

The WP to Twitter plugin can be installed on WordPress.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery via the POST parameter _wpnonce of WordPress WP to Twitter, in order to force the victim to perform operations.

security bulletin CVE-2016-3687

F5 BIG-IP: privilege escalation via SSO

Synthesis of the vulnerability

An attacker can tamper with the SSO service of F5 BIG-IP APM, in order to escalate his privileges.
Severity: 2/4.
Creation date: 14/06/2016.
Identifiers: CVE-2016-3687, K26738102, SOL26738102, VIGILANCE-VUL-19883.

Description of the vulnerability

The F5 BIG-IP product offers a web service for a Single Sign On functionality.

However, the SSO server does not fully check some URLs, and an attacker can tamper with them, likely to get the access rights of another user.

An attacker can therefore tamper with the SSO service of F5 BIG-IP APM, in order to escalate his privileges.

computer vulnerability alert 19882

Dell OpenManage: external XML entity injection via Server Administrator

Synthesis of the vulnerability

An attacker can transmit malicious XML data via Server Administrator to Dell OpenManage, in order to read a file, scan sites, or trigger a denial of service.
Severity: 2/4.
Creation date: 14/06/2016.
Identifiers: VIGILANCE-VUL-19882.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program that reads this XML data can replace these entities with data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Dell OpenManage parser allows external entities.

An attacker can therefore transmit malicious XML data via Server Administrator to Dell OpenManage, in order to read a file, scan sites, or trigger a denial of service.

computer vulnerability announce 19881

Joomla com_payplans: SQL injection via group_id

Synthesis of the vulnerability

An attacker can use a SQL injection via group_id of Joomla com_payplans, in order to read or alter data.
Severity: 2/4.
Creation date: 14/06/2016.
Identifiers: VIGILANCE-VUL-19881.

Description of the vulnerability

The Joomla com_payplans product uses a database.

However, data from the request parameter group_id is inserted directly into a SQL query.

An attacker can therefore use a SQL injection via group_id of Joomla com_payplans, in order to read or alter data.