The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of IBM Notes

vulnerability announce CVE-2016-9840 CVE-2016-9841 CVE-2016-9842

zlib: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of zlib.
Impacted products: iOS by Apple, iPhone, Mac OS X, Debian, Fedora, AIX, DB2 UDB, Domino, MQSeries, Notes, Security Directory Server, SPSS Statistics, Kubernetes, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Java OpenJDK, openSUSE, openSUSE Leap, Java Oracle, Oracle OIT, Solaris, Percona Server, Python, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Nessus, zlib.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 05/12/2016.
Identifiers: 1997877, 2001520, 2003212, 2004735, 2005160, 2005255, 2006014, 2006017, 2007242, 2010282, 2011648, 2014202, APPLE-SA-2017-09-19-1, APPLE-SA-2017-09-25-1, APPLE-SA-2017-09-25-4, bulletinapr2017, bulletinoct2018, CERTFR-2018-AVI-288, cpujul2018, cpuoct2017, cpuoct2018, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, DLA-1725-1, FEDORA-2018-242f6c1a41, FEDORA-2018-55b875c1ac, HT208144, ibm10718843, openSUSE-SU-2016:3202-1, openSUSE-SU-2017:0077-1, openSUSE-SU-2017:0080-1, openSUSE-SU-2017:2998-1, openSUSE-SU-2018:0042-1, openSUSE-SU-2018:3478-1, openSUSE-SU-2019:0327-1, RHSA-2017:1220-01, RHSA-2017:1221-01, RHSA-2017:1222-01, RHSA-2017:2999-01, RHSA-2017:3046-01, RHSA-2017:3047-01, SSA:2018-309-01, SUSE-SU-2017:1384-1, SUSE-SU-2017:1386-1, SUSE-SU-2017:1387-1, SUSE-SU-2017:1444-1, SUSE-SU-2017:2989-1, SUSE-SU-2017:3369-1, SUSE-SU-2017:3411-1, SUSE-SU-2017:3440-1, SUSE-SU-2017:3455-1, SUSE-SU-2018:0005-1, SUSE-SU-2018:3542-1, SUSE-SU-2018:3972-1, SUSE-SU-2018:4211-1, SUSE-SU-2019:0119-1, SUSE-SU-2019:0555-1, SUSE-SU-2019:2048-1, TNS-2018-08, VIGILANCE-VUL-21262.

Description of the vulnerability

Several vulnerabilities were announced in zlib.

An attacker can generate a memory corruption via Deflate External Linkage, in order to trigger a denial of service, and possibly to run code. [severity:2/4]

A pointer error may have a consequence. [severity:1/4]

An attacker can force a read at an invalid address via inftrees.c, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-9840, CVE-2016-9841]

A negative number shift is undefined. [severity:1/4; CVE-2016-9842]

An attacker can force a read at an invalid address via Big-endian Pointer, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-9843]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-5542 CVE-2016-5554 CVE-2016-5556

Oracle Java: vulnerabilities of October 2016

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle Java.
Impacted products: Debian, Avamar, Fedora, AIX, Domino, Notes, IRAD, QRadar SIEM, Tivoli Storage Manager, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB, WebSphere MQ, Junos Space, SnapManager, Java OpenJDK, openSUSE, openSUSE Leap, Java Oracle, JavaFX, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 19/10/2016.
Identifiers: 1993440, 1994049, 1994123, 1994478, 1997764, 1999054, 1999395, 1999474, 1999478, 1999479, 1999488, 1999532, 2000212, 2000544, 2000904, 2000988, 2000990, 2001608, 2002331, 2002479, 2002537, 2003145, 2004036, 491108, CERTFR-2016-AVI-349, CERTFR-2017-AVI-012, cpuoct2016, CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5568, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597, DLA-704-1, DSA-3707-1, ESA-2016-137, FEDORA-2016-73054cfeeb, JSA10770, NTAP-20161019-0001, openSUSE-SU-2016:2862-1, openSUSE-SU-2016:2900-1, openSUSE-SU-2016:2985-1, openSUSE-SU-2016:2990-1, openSUSE-SU-2016:3088-1, RHSA-2016:2079-01, RHSA-2016:2088-01, RHSA-2016:2089-01, RHSA-2016:2090-01, RHSA-2016:2136-01, RHSA-2016:2137-01, RHSA-2016:2138-01, RHSA-2016:2658-01, RHSA-2016:2659-01, RHSA-2017:0061-01, SUSE-SU-2016:2887-1, SUSE-SU-2016:3010-1, SUSE-SU-2016:3040-1, SUSE-SU-2016:3041-1, SUSE-SU-2016:3043-1, SUSE-SU-2016:3068-1, SUSE-SU-2016:3078-1, USN-3121-1, USN-3130-1, USN-3154-1, VIGILANCE-VUL-20906, ZDI-16-571.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Java.

An attacker can use a vulnerability via 2D, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5556]

An attacker can use a vulnerability via AWT, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5568, ZDI-16-571]

An attacker can use a vulnerability via Hotspot, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5582]

An attacker can use a vulnerability via Hotspot, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5573]

An attacker can use a vulnerability via Networking, in order to obtain information. [severity:2/4; CVE-2016-5597]

An attacker can use a vulnerability via JMX, in order to alter information. [severity:2/4; CVE-2016-5554]

An attacker can use a vulnerability via Libraries, in order to alter information. [severity:1/4; CVE-2016-5542]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-2052

HarfBuzz: memory corruption

Synthesis of the vulnerability

An attacker can generate a memory corruption of HarfBuzz, in order to trigger a denial of service, and possibly to run code.
Impacted products: Notes, openSUSE, openSUSE Leap, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/08/2016.
Identifiers: 1983969, 1984073, 1987066, 1990410, CVE-2016-2052, openSUSE-SU-2016:2082-1, openSUSE-SU-2017:2488-1, USN-3067-1, VIGILANCE-VUL-20398.

Description of the vulnerability

An attacker can generate a memory corruption of HarfBuzz, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2015-8947

HarfBuzz: out-of-bounds memory reading via hb-ot-layout-gpos-table.hh

Synthesis of the vulnerability

An attacker can force a read at an invalid address via hb-ot-layout-gpos-table.hh of HarfBuzz, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Notes, openSUSE, openSUSE Leap, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/08/2016.
Identifiers: 1983969, 1984073, 1987066, 1990410, CVE-2015-8947, openSUSE-SU-2016:2082-1, openSUSE-SU-2017:2488-1, USN-3067-1, VIGILANCE-VUL-20397.

Description of the vulnerability

An attacker can force a read at an invalid address via hb-ot-layout-gpos-table.hh of HarfBuzz, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-3458 CVE-2016-3485 CVE-2016-3498

Oracle Java: vulnerabilities of July 2016

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle Java.
Impacted products: Debian, VNX Operating Environment, VNX Series, BIG-IP Hardware, TMOS, Fedora, AIX, Domino, Notes, IRAD, SPSS Statistics, Tivoli Storage Manager, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB, WebSphere MQ, JAXP, ePO, Java OpenJDK, openSUSE, openSUSE Leap, Java Oracle, JavaFX, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service, denial of service on client.
Provenance: user account.
Number of vulnerabilities in this bulletin: 13.
Creation date: 20/07/2016.
Identifiers: 1988339, 1988894, 1988978, 1989049, 1989337, 1990031, 1990448, 1991383, 1991909, 1991910, 1991911, 1991913, 1991997, 1995792, 1995799, 2001630, 2007242, 486953, CERTFR-2016-AVI-243, cpujul2016, CVE-2016-3458, CVE-2016-3485, CVE-2016-3498, CVE-2016-3500, CVE-2016-3503, CVE-2016-3508, CVE-2016-3511, CVE-2016-3550, CVE-2016-3552, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610, DLA-579-1, DSA-3641-1, ESA-2016-099, FEDORA-2016-588e386aaa, FEDORA-2016-c07d18b2a5, FEDORA-2016-c60d35c46c, openSUSE-SU-2016:2050-1, openSUSE-SU-2016:2051-1, openSUSE-SU-2016:2052-1, openSUSE-SU-2016:2058-1, RHSA-2016:1458-01, RHSA-2016:1475-01, RHSA-2016:1476-01, RHSA-2016:1477-01, RHSA-2016:1504-01, RHSA-2016:1587-01, RHSA-2016:1588-01, RHSA-2016:1589-01, RHSA-2016:1776-01, SB10166, SOL05016441, SOL25075696, SUSE-SU-2016:1997-1, SUSE-SU-2016:2012-1, SUSE-SU-2016:2261-1, SUSE-SU-2016:2286-1, SUSE-SU-2016:2347-1, SUSE-SU-2016:2348-1, SUSE-SU-2016:2726-1, USN-3043-1, USN-3062-1, USN-3077-1, VIGILANCE-VUL-20169, ZDI-16-445, ZDI-16-446, ZDI-16-447, ZDI-16-448.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Communications.

An attacker can use a vulnerability via Hotspot, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3587, ZDI-16-448]

An attacker can use a vulnerability via Hotspot, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3606, ZDI-16-447]

An attacker can use a vulnerability via Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3598, ZDI-16-446]

An attacker can use a vulnerability via Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3610, ZDI-16-445]

An attacker can use a vulnerability via Install, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3552]

An attacker can use a vulnerability via Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3511]

An attacker can use a vulnerability via Install, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3503]

An attacker can use a vulnerability via JavaFX, in order to trigger a denial of service. [severity:2/4; CVE-2016-3498]

An attacker can use a vulnerability via JAXP, in order to trigger a denial of service. [severity:2/4; CVE-2016-3500]

An attacker can use a vulnerability via JAXP, in order to trigger a denial of service. [severity:2/4; CVE-2016-3508]

An attacker can use a vulnerability via CORBA, in order to alter information. [severity:2/4; CVE-2016-3458]

An attacker can use a vulnerability via Hotspot, in order to alter information, or to trigger a denial of service. [severity:2/4; CVE-2016-3550]

An attacker can use a vulnerability via Networking, in order to alter information. [severity:1/4; CVE-2016-3485]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-2542

Flexera InstallShield, JRSoft Inno Setup: code execution via DLL-planting

Synthesis of the vulnerability

An attacker can create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges.
Impacted products: NetWorker, FortiClient, DB2 UDB, Notes, Tivoli Storage Manager, WebSphere MQ, Notepad++, PuTTY, X2GoClient.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: document.
Creation date: 09/05/2016.
Revisions dates: 02/06/2016, 06/07/2016.
Identifiers: 1610582, 1978168, 1978363, 1979808, 1980839, 1982467, 1982741, 1982809, 1983796, 1983797, 1983813, 1983814, 1983815, 1984184, 1984743, 1984863, 494999, CVE-2016-2542, ESA-2017-008, FG-IR-16-046, VIGILANCE-VUL-19558.

Description of the vulnerability

The products Flexera InstallShield and JRSoft Inno Setup are used to create installation program for software packages.

In some cases, the generated programs load extension modules the name and possible locations depend on the considered package. However, in some cases, the installer looks for these extension DLL in folders which are writeable by unprivileged users, while the installation program that loads and run this DLL is expected to be run by an administrator. A typical case of this is the download folder of a browser. One should note that these installers are expected to be run only a few times, so possibilities of exploit attempts are rare.

This bug has also been reported for other products in the bulletin VIGILANCE-VUL-18671.

An attacker can therefore create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-4463

Apache Xerces-C: denial of service via a deeply nested DTD

Synthesis of the vulnerability

An attacker can submit an XML document including a deeply nested DTD to Apache Xerces-C, in order to trigger a denial of service.
Impacted products: Xerces-C++, Debian, BIG-IP Hardware, TMOS, Fedora, Notes, McAfee Web Gateway, openSUSE, openSUSE Leap, Oracle Communications, RHEL, Shibboleth SP, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 30/06/2016.
Identifiers: 1983969, 1984073, 1987066, 1990410, cpujul2018, CVE-2016-4463, DLA-535-1, DSA-3610-1, FEDORA-2016-0a061f6dd9, FEDORA-2016-7615febbd6, FEDORA-2016-84373c5f4f, FEDORA-2016-87e8468465, FEDORA-2016-9284772686, FEDORA-2016-d2d6890690, FEDORA-2018-51ce232320, openSUSE-SU-2016:1808-1, openSUSE-SU-2016:2232-1, RHSA-2018:3335-01, RHSA-2018:3506-01, RHSA-2018:3514-01, SB10276, SOL70191975, SUSE-SU-2018:3277-1, VIGILANCE-VUL-20001.

Description of the vulnerability

The Apache Xerces-C XML parser handles Document Type Definition, including the internal part in an XML document.

DTDs are recursively parsed. However, Xerces does not limit the depth of the element definitions in the DTD. So a very deeply nested DTD can make the parser stack grow until its limit. This overflow kills the application process.

An attacker can therefore submit an XML document including a deeply nested DTD to Apache Xerces-C, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-4472

expat: denial of service via a CHM file

Synthesis of the vulnerability

An attacker can raise a fatal error in pointer arithmetic in expat, while processing a CHM file, in order to make expat crash.
Impacted products: Fedora, Notes, WebSphere AS Traditional, Python, Slackware, Nessus, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 20/06/2016.
Identifiers: 1988026, 1990421, 1990658, CERTFR-2018-AVI-288, CVE-2016-4472, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, SSA:2016-359-01, SSA:2017-266-02, SSA:2018-124-01, TNS-2018-08, USN-3013-1, VIGILANCE-VUL-19932.

Description of the vulnerability

An attacker can raise a fatal error in pointer arithmetic in expat, while processing a CHM file, in order to make expat crash.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2012-6702

expat: unsuitable use of pseudo random number generator

Synthesis of the vulnerability

The change that aimed fix VIGILANCE-VUL-11420.introduced a wrong initialisation of the pseudo random number generator.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Android OS, Notes, openSUSE Leap, Slackware, Nessus, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 08/06/2016.
Identifiers: 1990421, 1990658, CERTFR-2018-AVI-288, CVE-2012-6702, DLA-508-1, DSA-3597-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, K65460334, openSUSE-SU-2017:0483-1, SSA:2016-359-01, TNS-2018-08, USN-3010-1, USN-3013-1, VIGILANCE-VUL-19837.

Description of the vulnerability

The change that aimed fix VIGILANCE-VUL-11420.introduced a wrong initialisation of the pseudo random number generator
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-5300

expat: denial of service via hash collision

Synthesis of the vulnerability

An attacker can trigger collisions in hash tables, in order to reduce performances of applications using expat.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Android OS, Notes, openSUSE Leap, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Internet Directory, Tuxedo, WebLogic, Python, Slackware, Nessus, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 08/06/2016.
Identifiers: 1990421, 1990658, CERTFR-2018-AVI-288, cpujul2018, CVE-2016-5300, DLA-508-1, DSA-3597-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, K70938105, openSUSE-SU-2017:0483-1, SOL70938105, SSA:2016-359-01, SSA:2018-124-01, TNS-2018-08, USN-3010-1, USN-3013-1, VIGILANCE-VUL-19836.

Description of the vulnerability

An attacker can trigger collisions in hash tables, in order to reduce performances of applications using expat. The origin vulnerability is described in VIGILANCE-VUL-11420.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about IBM Notes: