VARIoT IoT vulnerabilities database


VAR-201610-0301 CVE-2016-6386 Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remote attackers to cause a denial of service (data-structure corruption and device reload) via fragmented IPv4 packets, aka Bug ID CSCux66005. Cisco IOS XE Software is an operating system developed by Cisco Systems for its network devices. A denial of service vulnerability exists in the IP Fragment Reassembly feature in Cisco IOS XE Software. A remote attacker could exploit the vulnerability by sending a specially crafted fragmented IPv4 packet, causing the device to be overloaded, resulting in a denial of service. Cisco IOS XE Software is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCux66005.
VAR-201610-0264 CVE-2016-6392 Cisco IOS and IOS XE Service Disruption (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767. Cisco IOS and IOS XE contain a vulnerability that can cause a service disruption (device reboot). Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS/IOS XE Software has a denial of service vulnerability in the multicast subsystem. An unauthenticated remote attacker exploiting this vulnerability could cause the affected device to be overloaded. This vulnerability is located in both IPv4 MSDP and IPv6 PIM. These issues are being tracked by Cisco Bug IDs CSCud36767 and CSCuy16399.
VAR-201610-0267 CVE-2016-6416 Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065. The vendor has published this vulnerability as Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065. A third party may cause a service disruption (DoS) through a large amount of FTP traffic. Cisco AsyncOS on Email Security Appliance (ESA) and so on are products of Cisco. Cisco ESA is a set of email security appliances. Cisco AsyncOS is a set of operating systems used in these products. A denial of service vulnerability exists in the Cisco AsyncOS File Transfer Protocol service. A remote attacker could exploit the vulnerability by sending an FTP data stream to a local FTP service to cause a denial of service. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco bug IDs CSCuz82907, CSCuz84330 and CSCuz86065. The following products are affected: Cisco ESA versions 9.6.0-000 to 9.9.6-026, Content SMA, WSA versions 9.0.0-162 to 9.5.0-444.
VAR-201610-0268 CVE-2016-6417 Cisco FireSIGHT system Software and Firepower Management Center Vulnerable to cross-site request forgery CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCva21636. The vendor has published this vulnerability as Bug ID CSCva21636. A third party may be able to hijack the authentication of any user. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco Bug ID CSCva21636.
VAR-201610-0269 CVE-2016-6418 Cisco Videoscape Distribution Suite Service Manager Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCva14552. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCva14552. The tool provides real-time configuration, management, analysis and monitoring functions
VAR-201610-0350 CVE-2016-5892 IBM Multi-Enterprise Integration Gateway and B2B Advanced Communications Cross-Site Scripting Vulnerability CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. IBM MEIG is a cross-enterprise integrated communications gateway product. IBM B2B Advanced Communications is a B2B advanced communications product. A 10x cross-site scripting vulnerability exists in IBM MEIG 1.0 to 1.0.0.1 and B2B Advanced Communications 1.0.0.2 to 1.0.0.5_1. This vulnerability could be exploited by a remote attacker to inject arbitrary JavaScript code into the WebUI. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
VAR-201610-0270 CVE-2016-6419 Cisco FirePOWER Management Center SQL Injection Vulnerability CVSS V2: 6.0
CVSS V3: 7.5
Severity: HIGH
SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. This issue is being tracked by Cisco Bug ID CSCur25485
VAR-201610-0271 CVE-2016-6420 Cisco FirePOWER Management Center FireSIGHT System Software Authentication Check Bypass Vulnerability CVSS V2: 6.8
CVSS V3: 6.5
Severity: MEDIUM
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. An attacker can exploit this issue to gain elevated privileges on an affected device. This issue is being tracked by Cisco Bug ID CSCur25467
VAR-201610-0302 CVE-2016-6378 Cisco IOS XE Service Disruption (DoS) Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853. Cisco IOS XE is an operating system developed by Cisco Systems for its network devices. Network Address Translation (NAT) is one of the network address translation functions. A denial of service vulnerability exists in the implementation of the NAT feature in Cisco IOS XE Software. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuw85853.
VAR-201610-0298 CVE-2016-6382 Cisco IOS and IOS XE Service Disruption (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399. Cisco IOS and IOS XE contain a vulnerability that can cause a service disruption (device reboot). Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS/IOS XE Software has a denial of service vulnerability in the multicast subsystem. An unauthenticated remote attacker exploiting this vulnerability could cause the affected device to be overloaded. This vulnerability is located in both IPv4 MSDP and IPv6 PIM. These issues are being tracked by Cisco Bug IDs CSCud36767 and CSCuy16399.
VAR-201610-0304 CVE-2016-6391 Cisco IOS Common Industrial Protocol Denial of service vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036. Cisco IOS contains a vulnerability that can cause a service disruption (traffic processing stops). Cisco IOS is an operating system developed by Cisco Systems for its network devices. Common Industrial Protocol (CIP) is one of the industrial protocols for industrial automation applications. A remote attacker can exploit the vulnerability by submitting CIP information, causing the switch to stop processing the data stream and resulting in a denial of service (reboot). An attacker can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCur69036.
VAR-201610-0299 CVE-2016-6384 Cisco IOS and IOS XE Service Disruption (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257. Both Cisco IOS and IOS XE Software are operating systems developed by Cisco for its network devices. The vulnerability stems from a program failing to properly validate fields in the H.323 protocol suite. A remote attacker could exploit the vulnerability by accessing an invalid memory area to cause a denial of service (restart and crash). An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCux04257.
VAR-201610-0128 CVE-2016-5700 F5 BIG-IP System Virtual Server Vulnerability That Allows Changing System Settings CVSS V2: 9.3
CVSS V3: 9.8
Severity: CRITICAL
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors. Supplementary information: the CWE vulnerability type has been identified as CWE-284: Improper Access Control. http://cwe.mitre.org/data/definitions/284.html A third party may change system settings, read system files, and execute arbitrary code. Multiple F5 BIG-IP Products are prone to a remote command-execution vulnerability. An attacker can execute arbitrary system commands within the context of the affected application. F5 BIG-IP is an all-in-one network device integrated with network traffic management, application security management, load balancing and other functions from F5 Corporation of the United States. The following versions are affected: F5 BIG-IP System version 11.5.0, version 11.5.1 before HF11, version 11.5.2, version 11.5.3, version 11.5.4 before HF2, version 11.6.0 before HF8, version 11.6.1 before HF1, version 12.0.0 before HF4, version 12.1.0 before HF2.
VAR-201609-0440 CVE-2016-4386 HP Network Automation Local Security Bypass Vulnerability CVSS V2: 6.9
CVSS V3: 7.8
Severity: HIGH
HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors. HP Network Automation is an automated network configuration management tool from Hewlett Packard (HP). The tool automates configuration changes, software updates, compliance audits, and tracking and control across a wide range of multi-vendor network devices. A local security bypass vulnerability exists in HP Network Automation 10.10. An attacker could exploit the vulnerability to bypass security restrictions and perform unauthorized operations. Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05281739 SUPPORT COMMUNICATION - SECURITY BULLETIN. Document ID: c05281739. Version: 1. HPSBGN03650 rev.1 - HPE Network Automation Software, Local Arbitrary File Modification. NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. The vulnerability could be locally exploited to allow arbitrary file modification. References: CVE-2016-4386, PSRT110063. SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Network Automation Software v10.10. BACKGROUND: CVSS Base Metrics (Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector): CVE-2016-4386, 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N, 6.6 (AV:L/AC:L/Au:N/C:C/I:C/A:N). Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION: HPE has made the following mitigation information available to resolve the vulnerability for the impacted versions of HPE Network Automation Software: https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetse arch/document/KM02413825?lang=en&cc=us&hpappid 2392_SSO_PRO_HPE HISTORY: Version:1 (rev.1) - 28 September 2016 Initial release.
VAR-201610-0210 CVE-2016-8280 Huawei eSight Vulnerable to directory traversal CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Directory traversal vulnerability in Huawei eSight before V300R003C20SPC005 allows remote authenticated users to read arbitrary files via unspecified vectors. Multiple Huawei Products are prone to a directory-traversal vulnerability. This may aid in further attacks. Huawei eSight is a new generation of overall operation and maintenance management solution for enterprise basic network, unified communication, telepresence conferencing, video surveillance and data center developed by Huawei in China. This solution supports unified monitoring and configuration management for multi-vendor and multi-type equipment, and monitors and analyzes network and service quality. There is a path traversal vulnerability in Huawei eSight V300R002C00, V300R003C10, and V300R003C20. The vulnerability is caused by the program not fully verifying the path. Remote attackers can exploit this vulnerability to download unauthorized files, resulting in information disclosure.
VAR-201612-0004 CVE-2016-2246 HP ThinPro Access Restriction Bypass Vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors. HP ThinPro is a thin client device from Hewlett Packard (HP). An attacker could exploit the vulnerability to gain unauthorized access to HP client devices and elevate privileges. HP ThinPro is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of root privileges.
VAR-201704-0125 CVE-2016-5312 Symantec Messaging Gateway Charting Component Directory Traversal Vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream. Symantec Messaging Gateway is prone to a directory-traversal vulnerability. An attacker can use specially crafted requests with directory-traversal sequences ('../') to read arbitrary files in the context of the application. This may aid in further attacks. Symantec Messaging Gateway is a spam filter that integrates anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies from Symantec. Charting is one of the charting components.
VAR-201609-0481 CVE-2016-7052 OpenSSL crypto/x509/x509_vfy.c Service Disruption (DoS) Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. Supplementary information: the CWE vulnerability type has been identified as CWE-476: NULL Pointer Dereference. OpenSSL is prone to a denial-of-service vulnerability. An attacker may exploit this issue to crash the affected application, resulting in a denial-of-service condition. Gentoo Linux Security Advisory GLSA 201612-16 (https://security.gentoo.org/). Severity: Normal. Title: OpenSSL: Multiple vulnerabilities. Date: December 07, 2016. Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186. ID: 201612-16. Synopsis: Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Background: OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Affected packages (Package / Vulnerable / Unaffected): dev-libs/openssl / < 1.0.2j / >= 1.0.2j. Description: Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Workaround: There is no known workaround at this time. Resolution: All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j" References: [1] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [2] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [3] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [4] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [5] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [6] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [7] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [8] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [9] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [10] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [11] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [12] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [13] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [14] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [15] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf Availability: This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201612-16 License: Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
[slackware-security] openssl (SSA:2016-270-01). New openssl packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz: Upgraded. This update fixes a security issue: Missing CRL sanity check (CVE-2016-7052). For more information, see: https://www.openssl.org/news/secadv/20160926.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052 (* Security fix *) patches/packages/openssl-solibs-1.0.2j-i586-1_slack14.2.txz: Upgraded. Where to find the new packages: Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2j-i586-1_slack14.2.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2j-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2j-x86_64-1_slack14.2.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2j-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2j-i586-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2j-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2j-x86_64-1.txz Installation instructions: Upgrade the packages as root: # upgradepkg openssl-1.0.2j-i586-1_slack14.2.txz openssl-solibs-1.0.2j-i586-1_slack14.2.txz Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
VAR-201609-0352 CVE-2016-6309 OpenSSL statem/statem.c Service Disruption (DoS) Vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. Supplementary information: the CWE vulnerability type has been identified as CWE-416: Use After Free. OpenSSL is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
VAR-201609-0567 CVE-2016-6826 Huawei AnyMail Service Disruption (DoS) Vulnerability CVSS V2: 7.1
CVSS V3: 6.5
Severity: MEDIUM
Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a denial of service (application crash) via a crafted compressed email attachment. Huawei AnyMail contains a vulnerability that can cause a service disruption (application crash). Supplementary information: the CWE vulnerability type has been identified as CWE-284: Improper Access Control. Huawei AnyMail is a mobile mail application platform from Huawei of China. Security vulnerabilities exist in Huawei AnyMail versions 2.5.0501.0190 and 2.5.0301.0190.