Vulnerabilities Weekly Summary Ending October 14

This week Microsoft’s Patch Tuesday addressed many vulnerabilities affecting their Operating Systems, likewise, Adobe addressed vulnerabilities for Flash Player. Cisco and Chrome also released security updates for their products.

Microsoft’s Patch Tuesday for October 2016

Microsoft’s patches for the month has been released and as usual addresses many vulnerabilities.  Ten patches in total have been released. Below are the list of vulnerabilities deemed critical, some of which if exploited could allow a remote attacker to take control of an affected system (Oct. 11, 2016, “Microsoft Security Bulletin Summary for October 2016“):

• Internet Explorer
  • CVE-2016-3267 – Microsoft Browser Information Disclosure Vulnerability
  • CVE-2016-3382 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-3383 – Internet Explorer Memory Corruption Vulnerability
  • CVE-2016-3384 – Internet Explorer Memory Corruption Vulnerability
  • CVE-2016-3385 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-3390 – Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge
  • CVE-2016-3331 – Microsoft Browser Memory Corruption Vulnerability
  • CVE-2016-3382 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-3386 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-3389 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-3390 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-7189 – Scripting Engine Remote Code Execution Vulnerability
  • CVE-2016-7190 – Scripting Engine Memory Corruption Vulnerability
  • CVE-2016-7194 – Scripting Engine Memory Corruption Vulnerability
• Microsoft Graphics Component
  • CVE-2016-3393 – Windows Graphics Component RCE Vulnerability
• Microsoft Video Control
  • CVE-2016-0142 – Microsoft Video Control Remote Code Execution Vulnerabilities

Please refer to to the bulletin for the complete list of vulnerabilities and our Patches and Updates page for direct links to the updates.

Adobe Security Bulletin for October 2016 addressing Flash Player and Creative Cloud Desktop Application

Adobe released two security bulletins, one addressing vulnerabilities for Adobe Flash Player (Oct. 11, 2016, “Security updates available for Adobe Flash Player“); the other addressing Creative Cloud Desktop Application (Oct. 11, 2016, “Security update available for the Creative Cloud Desktop Application)

• CVE-2016-6992 –  “…type confusion vulnerability that could lead to code execution“
• CVE-2016-6981 – “…use-after-free vulnerabilities that could lead to code execution“
• CVE-2016-6987 – “…use-after-free vulnerabilities that could lead to code execution“
• CVE-2016-4286 – “…security bypass vulnerability“
• CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, CVE-2016-6990 – “…memory corruption vulnerabilities that could lead to code execution“
• CVE-2016-6935 – “…can cause the product to access resources in a parent path, possibly allowing local privilege escalation”
  

Security update for Chrome v.54.0.2840.59

Chrome released security update v.54.0.2840.59 for Chrome 54.  This updates includes 21 security fixes, below are a list of the vulnerabilities deemed to be “high” (Oct. 12, 2016, “Stable Channel Update for Desktop“):

• CVE-2016-5181 – “Universal XSS in Blink”.
• CVE-2016-5182 – “Heap overflow in Blink”.
• CVE-2016-5183 – “Use after free in PDFium”.
• CVE-2016-5184 – “Use after free in Blink“.
• CVE-2016-5185 – “Use after free in PDFium”.
• CVE-2016-5187 – “URL Spoofing“.
• CVE-2016-5194 – “Various fixes from internal audits, fuzzing and other initiatives“.

Cisco Security Advisories for Cisco Meeting Server, Unified Communications Manager and Finesse

Cisco released several security advisories for a few of their products including Cisco Meeting Server, Cisco Unified Communications Manager and Cisco Finesse.  Below are a list of all the vulnerabilities addressed in these security advisories:

• CVE-2016-6445 – “A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to masquerade as a legitimate user” (2016 Oct. 12, “Cisco Meeting Server Client Authentication Bypass Vulnerability“).

• CVE-2016-6437 – “A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation (2016 Oct. 12, “Cisco Wide Area Application Services Central Manager Denial of Service Vulnerability“).

• CVE-2016-6440 – “The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. Protection mechanisms should be used to prevent this type of attack” (2016 Oct. 12, “Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability“).

• CVE-2016-6443 – “A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability” (2016 Oct. 12, “Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability“).
• CVE-2016-6442 – “A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface” (2016 Oct. 12, “Cisco Finesse Cross-Site Request Forgery Vulnerability“).

• CVE-2016-6438 – “A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device“

Reference:

• (2016 Oct. 11). “Microsoft Security Bulletin Summary for October 2016“. Microsoft Corp. Retrieved from https://technet.microsoft.com/en-us/library/security/ms16-oct.aspx

• (2016 Oct. 11). “Security updates available for Adobe Flash Player“. Adobe Systems, Inc. Retrieved from https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
  

• (2016 Oct. 11). “Security update available for the Creative Cloud Desktop Application“. Adobe Systems, Inc. Retrieved from https://helpx.adobe.com/security/products/creative-cloud/apsb16-34.html

• (2016 Oct. 12). “Stable Channel Update for Desktop“. Google Inc. Retrieved from https://googlechromereleases.blogspot.com/search/label/Stable%20updates

• (2016 Oct. 12). “Cisco Meeting Server Client Authentication Bypass Vulnerability“. Cisco Systems. Retrieved from https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc

• (2016 Oct. 12). “Cisco Wide Area Application Services Central Manager Denial of Service Vulnerability“. Cisco Systems. Retrieved from https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas

• (2016 Oct. 12). “Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability“. Cisco Systems. Retrieved from https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-ucm

• (2016 Oct. 12). “Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability“. Cisco Systems. Retrieved from https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-prime

• (2016 Oct. 12). “Cisco Finesse Cross-Site Request Forgery Vulnerability“. Cisco Systems. Retrieved from https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-fin