Security Vulnerabilities - CVEs Published In February 2017
MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command.
CVSS Score
9.8
EPSS Score
0.021
Published
2017-02-13
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
CVSS Score
8.8
EPSS Score
0.018
Published
2017-02-13
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks.
CVSS Score
7.5
EPSS Score
0.01
Published
2017-02-13
Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-02-13
Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-02-13
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-02-13
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-02-13
install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-02-13
Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-02-13
Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write.
CVSS Score
9.8
EPSS Score
0.008
Published
2017-02-13