The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MicroFocus openSUSE Leap

computer vulnerability CVE-2016-9756

Linux kernel: information disclosure via KVM em_x_far

Synthesis of the vulnerability

A local attacker can read a memory fragment via KVM em_jmp_far()/em_ret_far() on the Linux kernel, in order to obtain sensitive information.
Impacted products: Debian, Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Creation date: 01/12/2016.
Identifiers: CERTFR-2017-AVI-034, CERTFR-2017-AVI-042, CERTFR-2017-AVI-044, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-131, CVE-2016-9756, DLA-772-1, FEDORA-2016-5ec2475e3f, FEDORA-2016-9c17cb9648, FEDORA-2016-bbe98c341c, openSUSE-SU-2017:0002-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3167-1, USN-3167-2, USN-3168-1, USN-3168-2, VIGILANCE-VUL-21245.

Description of the vulnerability

A local attacker can read a memory fragment via KVM em_jmp_far()/em_ret_far() on the Linux kernel, in order to obtain sensitive information.

A detailed analysis was not performed for this bulletin.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2016-8734

Subversion: external XML entity injection

Synthesis of the vulnerability

An attacker can transmit malicious XML data to Subversion, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Subversion, Debian, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 29/11/2016.
Identifiers: CVE-2016-8734, DSA-3932-1, FEDORA-2017-c629f16f6c, openSUSE-SU-2016:3073-1, SUSE-SU-2017:2163-1, SUSE-SU-2017:2200-1, USN-3388-1, VIGILANCE-VUL-21236.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Subversion parser allows external entities.

An attacker can therefore transmit malicious XML data to Subversion, in order to read a file, scan sites, or trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2016-4412 CVE-2016-9847 CVE-2016-9848

phpMyAdmin: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of phpMyAdmin.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, phpMyAdmin, Synology DSM, Synology DS***, Synology RS***.
Severity: 2/4.
Creation date: 25/11/2016.
Identifiers: CERTFR-2016-AVI-390, CVE-2016-4412, CVE-2016-9847, CVE-2016-9848, CVE-2016-9849, CVE-2016-9850, CVE-2016-9851, CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855, CVE-2016-9856, CVE-2016-9857, CVE-2016-9858, CVE-2016-9859, CVE-2016-9860, CVE-2016-9861, CVE-2016-9862, CVE-2016-9863, CVE-2016-9864, CVE-2016-9865, CVE-2016-9866, DLA-757-1, DLA-834-1, FEDORA-2016-2424eeca35, FEDORA-2016-6576a8536b, FEDORA-2016-7fc142da66, openSUSE-SU-2016:3007-1, PMASA-2016-57, PMASA-2016-58, PMASA-2016-59, PMASA-2016-60, PMASA-2016-61, PMASA-2016-62, PMASA-2016-63, PMASA-2016-64, PMASA-2016-65, PMASA-2016-66, PMASA-2016-67, PMASA-2016-68, PMASA-2016-69, PMASA-2016-70, PMASA-2016-71, VIGILANCE-VUL-21206.

Description of the vulnerability

Several vulnerabilities were announced in phpMyAdmin.

An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-4412, PMASA-2016-57]

An attacker can bypass security features via blowfish_secret, in order to obtain sensitive information. [severity:2/4; CVE-2016-9847, PMASA-2016-58]

An attacker can bypass security features via HttpOnly Cookies, in order to obtain sensitive information. [severity:1/4; CVE-2016-9848, PMASA-2016-59]

An attacker can bypass security features via Null Byte, in order to escalate his privileges. [severity:2/4; CVE-2016-9849, PMASA-2016-60]

An attacker can bypass security features via Allow/deny Rules, in order to escalate his privileges. [severity:2/4; CVE-2016-9850, PMASA-2016-61]

An attacker can bypass security features via Logout Timeout, in order to escalate his privileges. [severity:1/4; CVE-2016-9851, PMASA-2016-62]

An attacker can bypass security features via Full Path Disclosure, in order to obtain sensitive information. [severity:1/4; CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855, PMASA-2016-63]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-9856, CVE-2016-9857, PMASA-2016-64]

An attacker can trigger a fatal error, in order to trigger a denial of service. [severity:2/4; CVE-2016-9858, CVE-2016-9859, CVE-2016-9860, PMASA-2016-65]

An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-9861, PMASA-2016-66]

An attacker can use a vulnerability via BBCode, in order to run code. [severity:2/4; CVE-2016-9862, PMASA-2016-67]

An attacker can trigger a fatal error via Table Partitioning, in order to trigger a denial of service. [severity:2/4; CVE-2016-9863, PMASA-2016-68]

An attacker can use a SQL injection, in order to read or alter data. [severity:2/4; CVE-2016-9864, PMASA-2016-69]

An attacker can use a vulnerability via PMA_safeUnserialize, in order to run code. [severity:2/4; CVE-2016-9865, PMASA-2016-70]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; CVE-2016-9866, PMASA-2016-71]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2016-7067

Monit: Cross Site Request Forgery

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery of Monit, in order to force the victim to perform operations.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap.
Severity: 2/4.
Creation date: 23/11/2016.
Identifiers: CVE-2016-7067, DLA-732-1, DLA-732-2, DLA-732-3, FEDORA-2017-2d4c9a6e37, FEDORA-2017-d75a88f263, openSUSE-SU-2016:2877-1, VIGILANCE-VUL-21193.

Description of the vulnerability

The Monit product offers a web service.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery of Monit, in order to force the victim to perform operations.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2016-7426 CVE-2016-7427 CVE-2016-7428

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: Blue Coat CAS, Cisco ASR, Cisco Catalyst, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Unified CCX, Cisco MeetingPlace, Cisco Unity ~ precise, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, Security Directory Server, Juniper J-Series, JUNOS, Junos Space, Meinberg NTP Server, Data ONTAP, NTP.org, openSUSE Leap, Solaris, pfSense, RHEL, Slackware, Spectracom SecureSync, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity: 2/4.
Creation date: 21/11/2016.
Identifiers: 2009389, bulletinoct2016, CERTFR-2017-AVI-090, cisco-sa-20161123-ntpd, CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9311, CVE-2016-9312, FEDORA-2016-7209ab4e02, FEDORA-2016-c198d15316, FEDORA-2016-e8a8561ee7, FreeBSD-SA-16:39.ntp, HPESBUX03706, JSA10776, JSA10796, K51444934, K55405388, K87922456, MBGSA-1605, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2016:3280-1, pfSense-SA-17_03.webgui, RHSA-2017:0252-01, SA139, SSA:2016-326-01, TALOS-2016-0130, TALOS-2016-0131, TALOS-2016-0203, TALOS-2016-0204, USN-3349-1, VIGILANCE-VUL-21170, VU#633847.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can force an assertion error, in order to trigger a denial of service. [severity:2/4; CVE-2016-9311, TALOS-2016-0204]

An attacker can bypass security features via Mode 6, in order to obtain sensitive information. [severity:2/4; CVE-2016-9310, TALOS-2016-0203]

An attacker can trigger a fatal error via Broadcast Mode Replay, in order to trigger a denial of service. [severity:2/4; CVE-2016-7427, TALOS-2016-0131]

An attacker can trigger a fatal error via Broadcast Mode Poll Interval, in order to trigger a denial of service. [severity:2/4; CVE-2016-7428, TALOS-2016-0130]

An attacker can send malicious UDP packets, in order to trigger a denial of service on Windows. [severity:2/4; CVE-2016-9312]

An unknown vulnerability was announced via Zero Origin Timestamp. [severity:2/4; CVE-2016-7431]

An attacker can force a NULL pointer to be dereferenced via _IO_str_init_static_internal(), in order to trigger a denial of service. [severity:2/4; CVE-2016-7434]

An unknown vulnerability was announced via Interface selection. [severity:2/4; CVE-2016-7429]

An attacker can trigger a fatal error via Client Rate Limiting, in order to trigger a denial of service. [severity:2/4; CVE-2016-7426]

An unknown vulnerability was announced via Reboot Sync. [severity:2/4; CVE-2016-7433]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2016-9445 CVE-2016-9446 CVE-2016-9447

GStreamer Plugin: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of GStreamer Plugin.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 16/11/2016.
Revision date: 21/11/2016.
Identifiers: CVE-2016-9445, CVE-2016-9446, CVE-2016-9447, DLA-712-1, DSA-3713-1, DSA-3717-1, FEDORA-2016-a3bc78de2b, FEDORA-2016-a82e35272c, FEDORA-2016-c4004fe99e, FEDORA-2016-fdedfc86d0, openSUSE-SU-2016:3147-1, openSUSE-SU-2016:3158-1, openSUSE-SU-2017:0072-1, openSUSE-SU-2017:0075-1, RHSA-2016:2974-01, RHSA-2017:2060-01, SUSE-SU-2016:3297-1, USN-3135-1, USN-3135-2, VIGILANCE-VUL-21129.

Description of the vulnerability

Several vulnerabilities were announced in GStreamer Plugin.

An attacker can generate an integer overflow via vmnc_handle_wmvi_rectangle, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9445]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9446]

An attacker can generate a memory corruption via NES Sound Format, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9447]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2016-9372 CVE-2016-9373 CVE-2016-9374

Wireshark: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Impacted products: Debian, openSUSE Leap, Solaris, Wireshark.
Severity: 2/4.
Creation date: 17/11/2016.
Identifiers: bulletinjan2017, CERTFR-2016-AVI-381, CVE-2016-9372, CVE-2016-9373, CVE-2016-9374, CVE-2016-9375, CVE-2016-9376, DLA-714-1, DSA-3719-1, openSUSE-SU-2016:2923-1, VIGILANCE-VUL-21143, wnpa-sec-2016-58, wnpa-sec-2016-59, wnpa-sec-2016-60, wnpa-sec-2016-61, wnpa-sec-2016-62.

Description of the vulnerability

Several vulnerabilities were announced in Wireshark.

An attacker can generate an infinite loop via Profinet I/O, in order to trigger a denial of service. [severity:1/4; CVE-2016-9372, wnpa-sec-2016-58]

An attacker can send malicious AllJoyn packets, in order to trigger a denial of service. [severity:2/4; CVE-2016-9374, wnpa-sec-2016-59]

An attacker can send malicious OpenFlow packets, in order to trigger a denial of service. [severity:2/4; CVE-2016-9376, wnpa-sec-2016-60]

An attacker can send malicious DCERPC packets, in order to trigger a denial of service. [severity:2/4; CVE-2016-9373, wnpa-sec-2016-61]

An attacker can generate an infinite loop via DTN, in order to trigger a denial of service. [severity:1/4; CVE-2016-9375, wnpa-sec-2016-62]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2016-9318

libxml2: external XML entity injection via xmlNewEntityInputStream

Synthesis of the vulnerability

An attacker can transmit malicious XML data to libxml2, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Fedora, libxml, openSUSE Leap, Slackware.
Severity: 2/4.
Creation date: 16/11/2016.
Identifiers: 772726, CVE-2016-9318, FEDORA-2017-a3a47973eb, FEDORA-2017-be8574d593, openSUSE-SU-2017:0446-1, SSA:2017-266-01, VIGILANCE-VUL-21134.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the libxml2 parser allows external entities.

An attacker can therefore transmit malicious XML data to libxml2, in order to read a file, scan sites, or trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-10397 CVE-2016-7478 CVE-2016-9933

PHP: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PHP.
Impacted products: Mac OS X, Debian, openSUSE, openSUSE Leap, Solaris, PHP, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 10/11/2016.
Identifiers: 72482, 72696, 73093, 73192, 73213, 73279, 73280, 73331, 73418, bulletinapr2018, CVE-2016-10397, CVE-2016-7478, CVE-2016-9933, CVE-2016-9934, DLA-1034-1, DLA-818-1, DLA-875-1, DSA-3732-1, DSA-3732-2, HT207483, openSUSE-SU-2016:3239-1, openSUSE-SU-2017:0061-1, openSUSE-SU-2017:0081-1, openSUSE-SU-2017:0588-1, openSUSE-SU-2017:0598-1, openSUSE-SU-2017:2337-1, openSUSE-SU-2017:2366-1, SSA:2016-347-03, SUSE-SU-2017:0534-1, SUSE-SU-2017:0556-1, SUSE-SU-2017:0568-1, SUSE-SU-2017:2303-1, USN-3196-1, USN-3382-1, USN-3382-2, VIGILANCE-VUL-21091.

Description of the vulnerability

Several vulnerabilities were announced in PHP.

An attacker can generate an integer overflow via imageline(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73213]

An attacker can generate an integer overflow via gdImageScaleBilinearPalette(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73279]

An attacker can generate a buffer overflow via dynamicGetbuf(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73280]

An attacker can generate a memory corruption via gdImageAALine(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 72482]

An attacker can generate a buffer overflow via imagefilltoborder(), in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-21458). [severity:2/4; 72696, CVE-2016-9933]

An attacker can generate an integer overflow via _php_imap_mail(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; 73418]

An attacker can force a NULL pointer to be dereferenced via WDDX Packet Deserialization, in order to trigger a denial of service. [severity:1/4; 73331, CVE-2016-9934]

An attacker can generate an infinite loop via Unserialize Exception, in order to trigger a denial of service. [severity:2/4; 73093, CVE-2016-7478]

An attacker can alter DNS resolving via parse_url(), in order to deceive the victim. [severity:2/4; 73192, CVE-2016-10397]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2016-5199 CVE-2016-5200 CVE-2016-5201

Chrome: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Chrome.
Impacted products: Debian, Fedora, Chrome, openSUSE, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Creation date: 10/11/2016.
Identifiers: CERTFR-2016-AVI-376, CVE-2016-5199, CVE-2016-5200, CVE-2016-5201, CVE-2016-5202, DSA-3731-1, FEDORA-2016-a815b7bf5d, FEDORA-2016-e0e1cb2b2b, FEDORA-2017-98bed96d12, FEDORA-2017-ae1fde5fb8, openSUSE-SU-2016:2792-1, openSUSE-SU-2016:2793-1, RHSA-2016:2718-01, USN-3133-1, VIGILANCE-VUL-21090.

Description of the vulnerability

Several vulnerabilities were announced in Chrome.

An attacker can generate a memory corruption via FFmpeg, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-21224). [severity:3/4; CVE-2016-5199]

An attacker can force a read at an invalid address via V8, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-5200]

An attacker can bypass security features via Extensions, in order to obtain sensitive information. [severity:2/4; CVE-2016-5201]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5202]
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about MicroFocus openSUSE Leap: