The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Debian Jessie

vulnerability CVE-2016-9830

GraphicsMagick: denial of service via identify jng

Synthesis of the vulnerability

An attacker can generate a fatal error via identify jng of GraphicsMagick, in order to trigger a denial of service.
Impacted products: Debian, openSUSE Leap.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 22/12/2016.
Identifiers: CVE-2016-9830, DSA-3746-1, openSUSE-SU-2016:3238-1, VIGILANCE-VUL-21460.

Description of the vulnerability

An attacker can generate a fatal error via identify jng of GraphicsMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-9933

gd: denial of service via gdImageFillToBorder

Synthesis of the vulnerability

An attacker can generate a fatal error via gdImageFillToBorder() of gd, in order to trigger a denial of service.
Impacted products: Mac OS X, Debian, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiGate, FortiGate Virtual Appliance, FortiOS, openSUSE, openSUSE Leap, RHEL, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 22/12/2016.
Identifiers: CERTFR-2017-AVI-237, CVE-2016-9933, DLA-758-1, DSA-3751-1, FG-IR-17-051, HT207483, openSUSE-SU-2016:3228-1, openSUSE-SU-2017:0006-1, openSUSE-SU-2017:0061-1, openSUSE-SU-2017:0081-1, openSUSE-SU-2017:0598-1, RHSA-2018:1296-01, USN-3213-1, VIGILANCE-VUL-21458.

Description of the vulnerability

An attacker can generate a fatal error via gdImageFillToBorder() of gd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-1000338 CVE-2016-1000339 CVE-2016-1000340

Bouncy Castle: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Bouncy Castle.
Impacted products: Bouncy Castle JCE, Debian, Juniper SBR, openSUSE Leap, Ubuntu.
Severity: 3/4.
Consequences: data reading, data creation/edition.
Provenance: document.
Number of vulnerabilities in this bulletin: 8.
Creation date: 22/12/2016.
Identifiers: CERTFR-2019-AVI-325, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, DLA-1418-1, JSA10939, openSUSE-SU-2018:1689-1, RHSA-2018:2669-01, USN-3727-1, VIGILANCE-VUL-21455.

Description of the vulnerability

Several vulnerabilities were announced in Bouncy Castle.

An attacker can tamper with DSA/ECDSA signed data, without failure of the signature check. [severity:3/4; CVE-2016-1000338, CVE-2016-1000342]

A local attacker can measure the AES implementation speed, in order to get information about the secret key. [severity:1/4; CVE-2016-1000339]

The ECDH implementation of arithmetic for large integers includes carry propagation bugs. [severity:1/4; CVE-2016-1000340]

An attacker can time a DSA signature in order to get information about the private key. [severity:1/4; CVE-2016-1000341]

The default size of DSA keys is too small. [severity:1/4; CVE-2016-1000343]

The ECIES and DHIES algorithm accept the ECB mode. [severity:1/4; CVE-2016-1000344, CVE-2016-1000352]

An attacker can time decryption of blindly modified ciphertext, in order to get information about the corresponding plain text. [severity:1/4; CVE-2016-1000345]

An attacker can make use invalid DH public keys, in order to get information about the related private keys. [severity:1/4; CVE-2016-1000346]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-0736 CVE-2016-2161 CVE-2016-8743

Apache httpd: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apache httpd.
Impacted products: Apache httpd, Mac OS X, Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, Junos Space, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, TrendMicro ServerProtect, Ubuntu.
Severity: 3/4.
Consequences: data reading, data creation/edition, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/12/2016.
Revision date: 22/12/2016.
Identifiers: 1117414, APPLE-SA-2017-09-25-1, CVE-2016-0736, CVE-2016-2161, CVE-2016-8743, DLA-841-1, DLA-841-2, DSA-3796-1, DSA-3796-2, FEDORA-2016-8d9b62c784, FEDORA-2016-d22f50d985, HPESBUX03725, HT207615, HT208144, HT208221, JSA10838, K00373024, openSUSE-SU-2017:0897-1, openSUSE-SU-2017:0903-1, openSUSE-SU-2018:2856-1, RHSA-2017:0906-01, RHSA-2017:1721-01, SSA:2016-358-01, SUSE-SU-2018:2554-1, SUSE-SU-2018:2815-1, USN-3279-1, USN-3373-1, VIGILANCE-VUL-21434.

Description of the vulnerability

Several vulnerabilities were announced in Apache httpd.

An attacker can tamper with encrypted session data, in order to get knowledge of the plain text value. [severity:1/4; CVE-2016-0736]

An attacker can trigger a fatal error in case of use of shared memory, in order to trigger a denial of service. [severity:2/4; CVE-2016-2161]

An attacker can make profit of syntax error recovery to tamper with HTTP responses headers and bodies. [severity:3/4; CVE-2016-8743]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-9878

Spring Framework: directory traversal via ResourceServlet

Synthesis of the vulnerability

An attacker can traverse directories via ResourceServlet of Spring Framework, in order to read a file outside the service root path.
Impacted products: Debian, Fedora, QRadar SIEM, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Percona Server, Spring Framework, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Grid Computing, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/INSIGHT, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 22/12/2016.
Identifiers: 1996375, 2015813, CST-7122, CST-7123, CST-7124, CST-7125, CST-7126, CST-7127, CST-7128, CST-7129, CST-7130, CST-7131, CVE-2016-9878, DLA-1853-1, FEDORA-2016-f341d71730, RHSA-2017:3115-01, VIGILANCE-VUL-21453.

Description of the vulnerability

The Spring Framework product offers a web service.

However, user's data are directly inserted in an access path. Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories via ResourceServlet of Spring Framework, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-8866

ImageMagick: memory corruption via AcquireMagickMemory

Synthesis of the vulnerability

An attacker can generate a memory corruption via AcquireMagickMemory of ImageMagick, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 22/12/2016.
Identifiers: CVE-2016-8866, DLA-756-1, openSUSE-SU-2016:3233-1, openSUSE-SU-2016:3238-1, openSUSE-SU-2017:0023-1, SUSE-SU-2016:3258-1, VIGILANCE-VUL-21445.

Description of the vulnerability

An attacker can generate a memory corruption via AcquireMagickMemory of ImageMagick, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-10024

Xen: denial of service via X86 PV Mask Interrupt

Synthesis of the vulnerability

An attacker, inside a guest system, can generate a fatal error via X86 PV Mask Interrupt of Xen, in order to trigger a denial of service on the host system.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: privileged shell.
Creation date: 21/12/2016.
Identifiers: CERTFR-2016-AVI-428, CTX219378, CVE-2016-10024, DLA-783-1, DSA-3847-1, FEDORA-2016-92e3ea2d1b, FEDORA-2016-bc02bff7f5, openSUSE-SU-2017:0005-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3207-1, SUSE-SU-2016:3208-1, SUSE-SU-2016:3221-1, SUSE-SU-2016:3241-1, SUSE-SU-2017:0718-1, VIGILANCE-VUL-21441, XSA-202.

Description of the vulnerability

An attacker, inside a guest system, can generate a fatal error via X86 PV Mask Interrupt of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-9586 CVE-2016-9952 CVE-2016-9953

cURL: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of cURL.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Unisphere EMC, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, RHEL, Ubuntu.
Severity: 2/4.
Consequences: client access/rights, data reading.
Provenance: internet server.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/12/2016.
Identifiers: APPLE-SA-2017-07-19-2, cpuoct2018, CVE-2016-9586, CVE-2016-9952, CVE-2016-9953, DLA-1568-1, DLA-767-1, DSA-2019-114, FEDORA-2016-86d2b5aefb, FEDORA-2016-edbb33ab2e, HT207615, HT207922, JSA10874, openSUSE-SU-2017:1105-1, RHSA-2018:3558-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-21435.

Description of the vulnerability

Several vulnerabilities were announced in cURL.

An attacker can generate a buffer overflow via float numbers, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9586]

On WinCE platforms, an attacker can tamper with X.501 names in the X.509 certificate validation process, in order to spoof a server. [severity:2/4; CVE-2016-9952]

On WinCE platforms, an attacker can raise a read only buffer overflow in the X.509 certificate validation process, in order to read the server process memory or crash it. [severity:2/4; CVE-2016-9953]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-9964

python-bottle: HTTP request corruption

Synthesis of the vulnerability

An attacker can call python-bottle with multiline HTTP header value, in order to inject headers in the processing of redirection.
Impacted products: Debian, Fedora.
Severity: 1/4.
Consequences: data creation/edition.
Provenance: user shell.
Creation date: 21/12/2016.
Identifiers: CVE-2016-9964, DLA-761-1, DLA-761-2, DSA-3743-1, DSA-3743-2, FEDORA-2018-6cb474b8ff, FEDORA-2018-909707fc68, VIGILANCE-VUL-21433.

Description of the vulnerability

An attacker can call python-bottle with multiline HTTP header value, in order to inject headers in the processing of redirection. See also VIGILANCE-VUL-19925.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-9956

flightgear: file overwrite via Nasal scripts

Synthesis of the vulnerability

A local attacker can overwrite user files via Nasal scripts for Flight Gear.
Impacted products: Debian, Fedora.
Severity: 2/4.
Consequences: data creation/edition.
Provenance: document.
Creation date: 21/12/2016.
Identifiers: CVE-2016-9956, DSA-3742-1, FEDORA-2016-01eba63bcc, FEDORA-2016-a1f774c3d7, VIGILANCE-VUL-21432.

Description of the vulnerability

A local attacker can overwrite user files via Nasal scripts for Flight Gear.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Jessie: