EUVD-2018-8579

Malware in sbrugna...

Oracle Siebel CRM < 16.5 (October 2016 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2016 CPU advisory. - Vulnerability in the Siebel Apps - Customer Order Management component of Oracle Siebel CRM subcomponent: Customizable Prod/Configurator. The...

SUSE CVE-2016-7855

Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016...

Security Bulletin: Vulnerability in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-5597)

Summary There is a vulnerability in IBM® SDK Java Technology Edition, Version 1.6 and 1.7 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering...

October 2016 Preview of Monthly Quality Rollup for Windows Server 2012

October 2016 Preview of Monthly Quality Rollup for Windows Server 2012 The October 2016 Preview of Monthly Quality Rollup includes improvements and fixes for the Windows Server 2012 platform. We recommend that you apply this quality rollup as part of your regular maintenance routines. Improvement...

October 2016 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2

October 2016 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2 The October 2016 Preview of Monthly Quality Rollup includes some new improvements and fixes for the Windows 8.1 and Windows Server 2012 R2 platforms. We recommend that you apply this quality rollup as part o...

October 2016 Preview of Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

October 2016 Preview of Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 The October 2016 Preview of Monthly Quality Rollup includes some new improvements and fixes for Windows 7 Service Pack 1 SP1 and Windows Server 2008 R2 SP1 platforms. We recommend that you apply this...

CVE-2016-11034

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The Samsung ID is SVE-2016-6560 October 2016...

CVE-2016-11035

An issue was discovered on Samsung mobile devices with software through 2016-05-27 Exynos AP chipsets. A local graphics user can cause a Kernel Crash via the fb0DECON frame buffer interface. The Samsung ID is SVE-2016-7011 October 2016...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Systems Director Storage Control

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Technology Edition, Version 6 that is used by IBM Systems Director Storage Control. These issues was disclosed as part of the IBM Java updates for January 2016, July 2016 and October 2016. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK have been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core (Oct 2016 CPU - Includes CVE-2016-5573, CVE-2016-5597)

Summary IBM WebSphere Application Server is shipped as a component of IBM Integrated Information Core. Oracle released the October 2016 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with IBM WebSphere Application...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server and Tivoli Netcool Performance Manager October 2016 and January 2017 CPU (multiple CVEs)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7 and 8 used by Tivoli Netcool Performance Manager . These issues were disclosed as part of the IBM Java SDK updates for October 2016 and January 2017. Vulnerability Details CVEID: CVE-2016-5597...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Enterprise Content Management System Monitor

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version Java 6 and Java 7 used by Enterprise Content Management System Monitor. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5573 DESCRIPTION:...

Security Bulletin: A security vulnerability has been identified in IBM® Java SDK that affect IBM Security Directory Suite (CVE-2016-5597) - October 2016 CPU

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition that is shipped with IBM Security Directory Suite. The issue was disclosed as part of the IBM Java SDK updates in October 2016 and includes the vulnerability. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An unspecifi...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (Java CPU October 2016)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. WebSphere Application Server Liberty is shipped as a component of the optional BPM component Process Federation Server. Information about...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server October 2016 CPU (CVE-2016-5573, CVE-2016-5597)

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in October 2016. These may affect some configurations of IBM WebSphere Application Server...

Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle October 2016 Critical Patch Update Vulnerability Details CVE IDs: CVE-2016-5568 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 CVE-2016-5554 CVE-2016-5542 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as part of their...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: unspecified vulnerability in subcomponent: Server: GIS (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS...