Redhat Enterprise Linux Desktop vulnerabilities

CVE-2016-4809 [HIGH] CWE-20 CVE-2016-4809: The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchiv The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.

CVE-2016-7166 [MEDIUM] CWE-399 CVE-2016-7166: libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote a libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.

CVE-2016-5844 [MEDIUM] CWE-190 CVE-2016-5844: Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a den Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CVE-2016-6662 [CRITICAL] CWE-264 CVE-2016-6662: Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting genera

CVE-2016-5403 [MEDIUM] CWE-400 CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cau The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

CVE-2016-5131 [HIGH] CWE-416 CVE-2016-5131: Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

CVE-2016-5440 [MEDIUM] CVE-2016-5440: Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and ear Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

CVE-2016-5444 [LOW] CVE-2016-5444: Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and ear Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.

CVE-2016-5387 [HIGH] CVE-2016-5387: The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka

CVE-2016-5385 [HIGH] CWE-601 CVE-2016-5385: PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and theref PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy hea

CVE-2016-5388 [HIGH] CWE-284 CVE-2016-5388: Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy

CVE-2016-2775 [MEDIUM] CWE-20 CVE-2016-2775: ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or th ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.

CVE-2016-5009 [MEDIUM] CWE-20 CVE-2016-5009: The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a d The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.

CVE-2016-1704 [HIGH] CVE-2016-1704: Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2016-0758 [HIGH] CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain pri Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

CVE-2016-4470 [MEDIUM] CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not e The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

CVE-2016-4171 [CRITICAL] CVE-2016-4171: Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to ex Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.

CVE-2016-4138 [CRITICAL] CVE-2016-4138: Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash l Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVE-2016-4148 [HIGH] CVE-2016-4148: Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash l Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVE-2016-4140 [HIGH] CVE-2016-4140: Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash l Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.