CVE-2015-1834
published 2017-05-25CVE-2015-1834: A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud…
PriorityP340medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
1.69%
74.2th percentile
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through relative file paths in the user input. It aims at accessing files and directories that are stored outside the web root folder, for disallowed reading or even executing arbitrary system commands. An attacker could use a certain parameter of the file path for instance to inject '../' sequences in order to navigate through the file system. In this particular case a remote authenticated attacker can exploit the identified vulnerability in order to upload arbitrary files to the server running a Cloud Controller instance - outside the isolated application container.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cloudfoundry | cf-release | <= 207 | — |
| pivotal | cloud_foundry | — | — |
| pivotal | cloud_foundry | — | — |
| pivotal_software | cloud_foundry_elastic_runtime | <= 1.4.1 | — |
| xmlsoft | libxml2 | >= 0 < 2.9.1+dfsg1-3ubuntu4.8 | 2.9.1+dfsg1-3ubuntu4.8 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1ubuntu0.1 | 2.9.3+dfsg1-1ubuntu0.1 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:N
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xmcg-5rvr-g4j6: A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivot
ghsa_unreviewed·2022-05-13
CVE-2015-1834 [MEDIUM] CWE-22 GHSA-xmcg-5rvr-g4j6: A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivot
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through relative file paths in the user input. It aims at accessing files and directories that are stored outside the web root folder, for disallowed reading or even executing arbitrary system commands. An attacker could use a certain parameter of the file path for instance to inject '../' sequences in order to navigate through the file system. In this particular case a remote authenticated attacker can exploit the identified vulnerability in order to upload arbitrary files to the server running a Cloud Controller instance
OSV
libxml2 vulnerabilities
osv·2016-06-06·CVSS 7.5
CVE-2015-8806 libxml2 vulnerabilities
libxml2 vulnerabilities
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could possibly cause libxml2 to
crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073,
CVE-2016-3627, CVE-2016-3705, CVE-2016-4447)
It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could cause libxml2 to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-1762, CVE-2016-1834)
Mateusz Jurczyk discovered that libxml2 incorrectly handled certain
malformed documents. If a user or automated system were tricked into
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-4511 Mozilla: Buffer overflow while decoding WebM video (MFSA 2015-105)
bugzilla·2015-09-23·CVSS 6.8
CVE-2015-4511 [MEDIUM] CVE-2015-4511 Mozilla: Buffer overflow while decoding WebM video (MFSA 2015-105)
CVE-2015-4511 Mozilla: Buffer overflow while decoding WebM video (MFSA 2015-105)
Using the Address Sanitizer tool, security researcher Atte Kettunen discovered
a buffer overflow in the nestegg library when decoding a WebM format video
with maliciously formatted headers. This leads to a potentially exploitable
crash.
External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/
Discussion:
Acknowledgements:
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Atte Kettunen as the original reporter.
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Via RHSA-2015:1834 https://rhn.redhat.com/errata/RHSA-2015-1834.html
Bugzilla
CVE-2015-4509 Mozilla: Use-after-free while manipulating HTML media content (MFSA 2015-106)
bugzilla·2015-09-22·CVSS 7.5
CVE-2015-4509 [HIGH] CVE-2015-4509 Mozilla: Use-after-free while manipulating HTML media content (MFSA 2015-106)
CVE-2015-4509 Mozilla: Use-after-free while manipulating HTML media content (MFSA 2015-106)
An anonymous researcher reported, via HP's Zero Day Initiative, a use-after-free vulnerability with HTML media elements on a page during script manipulation of the URI table of these elements. This results in a potentially exploitable crash.
External References:
https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/
Discussion:
Acknowledgements:
Red Hat would like to thank the Mozilla project for reporting this issue.
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Via RHSA-2015:1834 https://rhn.redhat.com/errata/RHSA-2015-1834.html
---
This issue has been addressed in the following pro
2017-05-25
Published