Log

CVE-2016-9934 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ It has been discovered that ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.
References
+ https://bugs.php.net/bug.php?id=73331
+ https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d
+ http://www.openwall.com/lists/oss-security/2016/12/12/2
Notes
CVE-2016-9935 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document.
References
+ https://bugs.php.net/bug.php?id=73631
+ https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0
+ http://seclists.org/oss-sec/2016/q4/658
Notes
CVE-2016-9936 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via crafted serialized data.
References
+ https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17
+ https://bugs.php.net/bug.php?id=72978
+ http://www.openwall.com/lists/oss-security/2016/12/12/2
Notes
CVE-2016-9941 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A heap-based buffer overflow has been discovered in rfbproto.c in the LibVNCClient part of LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
References
+ https://github.com/LibVNC/libvncserver/pull/137
Notes
CVE-2016-9942 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A heap-based buffer overflow has been discovered in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
References
+ https://github.com/LibVNC/libvncserver/pull/137
Notes
CVE-2016-9962 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Privilege escalation
Description
+ The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can, depending on the nature of the incoming process, leverage this to elevate access to the host. This ranges from accessing host content through the file descriptors of the incoming process to, potentially, a complete container escape by leveraging memory access or syscall interception.
References
+ https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5
+ https://bugzilla.suse.com/show_bug.cgi?id=1012568
+ https://github.com/docker/docker/compare/v1.12.5...v1.12.6
+ https://www.mail-archive.com/fulldisclosure@seclists.org/msg04165.html
Notes
CVE-2016-9963 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ It was found that Exim leaked DKIM signing private keys to the "mainlog" log file. As a result, an attacker with access to system log files could potentially access these leaked DKIM private keys.
References
+ https://exim.org/static/doc/CVE-2016-9963.txt
+ https://bugs.exim.org/show_bug.cgi?id=1996
+ http://seclists.org/oss-sec/2016/q4/694
Notes
CVE-2017-0359 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Arbitrary file overwrite
Description
+ It has been discovered that diffoscope may write to arbitrary locations on disk depending on the contents of an untrusted archive.
References
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854723
+ https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=632a40828a54b399787c25e7fa243f732aef7e05
Notes
CVE-2017-0361 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ MediaWiki before 1.29.2 may leak passwords in plaintext. API parameters may now be marked as "sensitive" to keep their values out of the logs.
References
+ https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
+ https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+ https://phabricator.wikimedia.org/T125177
+ https://phabricator.wikimedia.org/T180488
+ https://github.com/wikimedia/mediawiki/commit/8b0220e81ba462d21d8e1facbe6aed047f7418a2
+ https://github.com/wikimedia/mediawiki/commit/59ce3456a8007d76875fe8fb21eff4a90b214034
Notes
+ CVE-2017-0361 wasn't correctly fixed in all branches and previous security releases before 1.29.2.
CVE-2017-0362 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site request forgery
Description
+ MediaWiki before 1.18.1 did not require a CSRF token for the "Mark all pages visited" action on the watchlist.
References
+ https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
+ https://phabricator.wikimedia.org/T150044
Notes