The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Micro Focus openSUSE

vulnerability bulletin CVE-2016-10013

Xen: privilege escalation via SYSCALL

Synthesis of the vulnerability

An attacker can trigger a debug trap on a SYSCALL instruction in a guest system managed by Xen, in order to get guest operating system privileges on non Linux systems.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 2/4.
Creation date: 20/12/2016.
Identifiers: CERTFR-2016-AVI-424, CVE-2016-10013, DLA-783-1, FEDORA-2016-92e3ea2d1b, FEDORA-2016-bc02bff7f5, openSUSE-SU-2017:0005-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3207-1, SUSE-SU-2016:3208-1, SUSE-SU-2016:3221-1, SUSE-SU-2016:3241-1, VIGILANCE-VUL-21423, XSA-204.

Description of the vulnerability

Processing the interrupts, exceptions and traps is part of the job of the hypervisor Xen.

A user program like a debugger in a guest system can define the conditions that trigger debug traps. However, Xen wrongly handles one of these traps when it applies to a SYSCALL instruction, which triggers a privilege transition as part of the processing of system calls.

An attacker can therefore trigger a debug trap on a SYSCALL instruction in a guest system managed by Xen, in order to get guest operating system privileges on non Linux systems.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2016-9932

Xen: information disclosure via CMPXCHG8B

Synthesis of the vulnerability

A local attacker, inside a guest system, can use an instruction CMPXCHG8B, in order to fetch some bytes of Xen' stack, on the host system.
Impacted products: XenServer, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Creation date: 14/12/2016.
Identifiers: CERTFR-2016-AVI-418, CERTFR-2016-AVI-428, CTX219378, CVE-2016-9932, FEDORA-2016-1b868c23a9, FEDORA-2016-bcbae0781f, openSUSE-SU-2017:0005-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3207-1, SUSE-SU-2016:3208-1, SUSE-SU-2016:3221-1, SUSE-SU-2016:3241-1, VIGILANCE-VUL-21386, XSA-200.

Description of the vulnerability

The Xen product can emulate x86 instructions.

Some instructions may be modified with an operand size prefix that states the length of the memory access. Thus prefix should not be taken into account for the instruction CMPXCHG8B. However, some parts of the hypervisor do use it.

A local attacker, inside a guest system, can therefore use an instruction CMPXCHG8B, in order to fetch some bytes of Xen' stack, on the host system.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-9572 CVE-2016-9573

OpenJPEG: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenJPEG.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Creation date: 12/12/2016.
Identifiers: CVE-2016-9572, CVE-2016-9573, DSA-3678-1, FEDORA-2016-0b80dcfe5a, FEDORA-2016-52a1b18397, FEDORA-2016-89ee54c661, FEDORA-2016-fc8577bf00, openSUSE-SU-2017:0155-1, openSUSE-SU-2017:0185-1, openSUSE-SU-2017:0207-1, SUSE-SU-2016:3270-1, VIGILANCE-VUL-21351.

Description of the vulnerability

Several vulnerabilities were announced in OpenJPEG.

An unknown vulnerability was announced. [severity:2/4; CVE-2016-9572]

An unknown vulnerability was announced. [severity:2/4; CVE-2016-9573]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2016-9935 CVE-2016-9936

PHP: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PHP.
Impacted products: Debian, openSUSE, openSUSE Leap, PHP, Slackware, Ubuntu.
Severity: 2/4.
Creation date: 08/12/2016.
Identifiers: 61183, 71494, 72978, 73087, 73392, 73631, CVE-2016-9935, CVE-2016-9936, DLA-818-1, DSA-3737-1, openSUSE-SU-2016:3239-1, openSUSE-SU-2017:0061-1, openSUSE-SU-2017:0081-1, SSA:2016-347-03, USN-3196-1, VIGILANCE-VUL-21327.

Description of the vulnerability

Several vulnerabilities were announced in PHP.

An attacker can create a memory leak via Spl Hash, in order to trigger a denial of service. [severity:1/4]

An attacker can generate an integer overflow via Calendar, in order to trigger a denial of service, and possibly to run code. [severity:2/4]

An attacker can force the usage of a freed memory area via Zend Allocator Management, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73392]

An attacker can generate a memory corruption via PDO_Firebird bindParam, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 61183, 71494, 73087]

An attacker can create a memory leak via wddx, in order to trigger a denial of service. [severity:1/4; 73631, CVE-2016-9935]

An unknown vulnerability was announced via wddx. [severity:2/4; 73631, CVE-2016-9935]

An attacker can force the usage of a freed memory area via unserialize(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 72978, CVE-2016-9936]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce CVE-2016-9840 CVE-2016-9841 CVE-2016-9842

zlib: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of zlib.
Impacted products: openSUSE, openSUSE Leap, zlib.
Severity: 2/4.
Creation date: 05/12/2016.
Identifiers: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, openSUSE-SU-2016:3202-1, openSUSE-SU-2017:0077-1, openSUSE-SU-2017:0080-1, VIGILANCE-VUL-21262.

Description of the vulnerability

Several vulnerabilities were announced in zlib.

An attacker can generate a memory corruption via Deflate External Linkage, in order to trigger a denial of service, and possibly to run code. [severity:2/4]

A pointer error may have a consequence. [severity:1/4]

An attacker can force a read at an invalid address via inftrees.c, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-9840, CVE-2016-9841]

A negative number shift is undefined. [severity:1/4; CVE-2016-9842]

An attacker can force a read at an invalid address via Big-endian Pointer, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-9843]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2016-4412 CVE-2016-9847 CVE-2016-9848

phpMyAdmin: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of phpMyAdmin.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, phpMyAdmin, Synology DSM, Synology DS***, Synology RS***.
Severity: 2/4.
Creation date: 25/11/2016.
Identifiers: CERTFR-2016-AVI-390, CVE-2016-4412, CVE-2016-9847, CVE-2016-9848, CVE-2016-9849, CVE-2016-9850, CVE-2016-9851, CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855, CVE-2016-9856, CVE-2016-9857, CVE-2016-9858, CVE-2016-9859, CVE-2016-9860, CVE-2016-9861, CVE-2016-9862, CVE-2016-9863, CVE-2016-9864, CVE-2016-9865, CVE-2016-9866, DLA-757-1, FEDORA-2016-2424eeca35, FEDORA-2016-6576a8536b, FEDORA-2016-7fc142da66, openSUSE-SU-2016:3007-1, PMASA-2016-57, PMASA-2016-58, PMASA-2016-59, PMASA-2016-60, PMASA-2016-61, PMASA-2016-62, PMASA-2016-63, PMASA-2016-64, PMASA-2016-65, PMASA-2016-66, PMASA-2016-67, PMASA-2016-68, PMASA-2016-69, PMASA-2016-70, PMASA-2016-71, VIGILANCE-VUL-21206.

Description of the vulnerability

Several vulnerabilities were announced in phpMyAdmin.

An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-4412, PMASA-2016-57]

An attacker can bypass security features via blowfish_secret, in order to obtain sensitive information. [severity:2/4; CVE-2016-9847, PMASA-2016-58]

An attacker can bypass security features via HttpOnly Cookies, in order to obtain sensitive information. [severity:1/4; CVE-2016-9848, PMASA-2016-59]

An attacker can bypass security features via Null Byte, in order to escalate his privileges. [severity:2/4; CVE-2016-9849, PMASA-2016-60]

An attacker can bypass security features via Allow/deny Rules, in order to escalate his privileges. [severity:2/4; CVE-2016-9850, PMASA-2016-61]

An attacker can bypass security features via Logout Timeout, in order to escalate his privileges. [severity:1/4; CVE-2016-9851, PMASA-2016-62]

An attacker can bypass security features via Full Path Disclosure, in order to obtain sensitive information. [severity:1/4; CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855, PMASA-2016-63]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-9856, CVE-2016-9857, PMASA-2016-64]

An attacker can trigger a fatal error, in order to trigger a denial of service. [severity:2/4; CVE-2016-9858, CVE-2016-9859, CVE-2016-9860, PMASA-2016-65]

An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-9861, PMASA-2016-66]

An attacker can use a vulnerability via BBCode, in order to run code. [severity:2/4; CVE-2016-9862, PMASA-2016-67]

An attacker can trigger a fatal error via Table Partitioning, in order to trigger a denial of service. [severity:2/4; CVE-2016-9863, PMASA-2016-68]

An attacker can use a SQL injection, in order to read or alter data. [severity:2/4; CVE-2016-9864, PMASA-2016-69]

An attacker can use a vulnerability via PMA_safeUnserialize, in order to run code. [severity:2/4; CVE-2016-9865, PMASA-2016-70]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; CVE-2016-9866, PMASA-2016-71]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2016-7067

Monit: Cross Site Request Forgery

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery of Monit, in order to force the victim to perform operations.
Impacted products: Debian, openSUSE, openSUSE Leap.
Severity: 2/4.
Creation date: 23/11/2016.
Identifiers: CVE-2016-7067, DLA-732-1, DLA-732-2, DLA-732-3, openSUSE-SU-2016:2877-1, VIGILANCE-VUL-21193.

Description of the vulnerability

The Monit product offers a web service.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery of Monit, in order to force the victim to perform operations.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2016-9445 CVE-2016-9446 CVE-2016-9447

GStreamer Plugin: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of GStreamer Plugin.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 16/11/2016.
Revision date: 21/11/2016.
Identifiers: CVE-2016-9445, CVE-2016-9446, CVE-2016-9447, DLA-712-1, DSA-3713-1, DSA-3717-1, FEDORA-2016-a3bc78de2b, FEDORA-2016-a82e35272c, FEDORA-2016-c4004fe99e, FEDORA-2016-fdedfc86d0, openSUSE-SU-2016:3147-1, openSUSE-SU-2016:3158-1, openSUSE-SU-2017:0072-1, openSUSE-SU-2017:0075-1, RHSA-2016:2974-01, SUSE-SU-2016:3297-1, USN-3135-1, USN-3135-2, VIGILANCE-VUL-21129.

Description of the vulnerability

Several vulnerabilities were announced in GStreamer Plugin.

An attacker can generate an integer overflow via vmnc_handle_wmvi_rectangle, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9445]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9446]

An attacker can generate a memory corruption via NES Sound Format, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9447]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-7478 CVE-2016-9933 CVE-2016-9934

PHP: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PHP.
Impacted products: Mac OS X, Debian, openSUSE, openSUSE Leap, PHP, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 10/11/2016.
Identifiers: 72482, 72696, 73093, 73213, 73279, 73280, 73331, 73418, CVE-2016-7478, CVE-2016-9933, CVE-2016-9934, DLA-818-1, DSA-3732-1, DSA-3732-2, HT207483, openSUSE-SU-2016:3239-1, openSUSE-SU-2017:0061-1, openSUSE-SU-2017:0081-1, SSA:2016-347-03, SUSE-SU-2017:0534-1, USN-3196-1, VIGILANCE-VUL-21091.

Description of the vulnerability

Several vulnerabilities were announced in PHP.

An attacker can generate an integer overflow via imageline(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73213]

An attacker can generate an integer overflow via gdImageScaleBilinearPalette(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73279]

An attacker can generate a buffer overflow via dynamicGetbuf(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73280]

An attacker can generate a memory corruption via gdImageAALine(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 72482]

An attacker can generate a buffer overflow via imagefilltoborder(), in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-21458). [severity:2/4; 72696, CVE-2016-9933]

An attacker can generate an integer overflow via _php_imap_mail(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73418]

An attacker can force a NULL pointer to be dereferenced via WDDX Packet Deserialization, in order to trigger a denial of service. [severity:1/4; 73331, CVE-2016-9934]

An attacker can generate an infinite loop via Unserialize Exception, in order to trigger a denial of service. [severity:2/4; 73093, CVE-2016-7478]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2016-9273

LibTIFF: buffer overflow via TIFFNumberOfStrips

Synthesis of the vulnerability

An attacker can generate a buffer overflow via TIFFNumberOfStrips of LibTIFF, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, LibTIFF, openSUSE, openSUSE Leap.
Severity: 2/4.
Creation date: 10/11/2016.
Identifiers: 2587, CVE-2016-9273, DLA-716-1, DSA-3762-1, openSUSE-SU-2016:3035-1, openSUSE-SU-2017:0074-1, VIGILANCE-VUL-21088.

Description of the vulnerability

The LibTIFF product offers a web service.

However, if the size of data is greater than the size of the storage array, an overflow occurs.

An attacker can therefore generate a buffer overflow via TIFFNumberOfStrips of LibTIFF, in order to trigger a denial of service, and possibly to run code.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Micro Focus openSUSE: