Vulnerability Summary for the Week of May 5, 2014


Please Note:

• The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.

• The CVE identity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.

• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities

| The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity |
|---|---|---|---|---|
| acunetix -- web_vulnerability_scanner | Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (src attribute). | 2014-04-27 | 10.0 | CVE-2014-2994 |
| adobe -- flash_player | Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014. | 2014-04-29 | 10.0 | CVE-2014-0515 |
| apache -- struts | ParametersInterceptor in Apache Struts before 2.3.16.2 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. | 2014-04-29 | 7.5 | CVE-2014-0112 |
| apache -- struts | CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. | 2014-04-29 | 7.5 | CVE-2014-0113 |
| apache -- struts | The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method. | 2014-04-30 | 7.5 | CVE-2014-0114 |
| cisco -- telepresence_system_software | Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739. | 2014-05-02 | 7.1 | CVE-2014-2156 |
| cisco -- telepresence_system_software | Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45733. | 2014-05-02 | 7.1 | CVE-2014-2157 |
| cisco -- telepresence_system_software | Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720. | 2014-05-02 | 7.8 | CVE-2014-2158 |
| cisco -- telepresence_system_software | The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722. | 2014-05-02 | 7.8 | CVE-2014-2159 |
| cisco -- telepresence_system_software | The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45745. | 2014-05-02 | 7.8 | CVE-2014-2160 |
| cisco -- telepresence_system_software | The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45731. | 2014-05-02 | 7.8 | CVE-2014-2161 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCud29566. | 2014-05-02 | 7.8 | CVE-2014-2162 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961. | 2014-05-02 | 7.8 | CVE-2014-2163 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCuj94651. | 2014-05-02 | 7.8 | CVE-2014-2164 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtq72699. | 2014-05-02 | 7.8 | CVE-2014-2165 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562. | 2014-05-02 | 7.8 | CVE-2014-2166 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua86589. | 2014-05-02 | 7.8 | CVE-2014-2167 |
| cisco -- telepresence_tc_software | Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to execute arbitrary code via crafted DNS response packets, aka Bug ID CSCty44804. | 2014-05-02 | 7.6 | CVE-2014-2168 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211. | 2014-05-02 | 9.0 | CVE-2014-2169 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to tshell (aka tcsh) scripts, aka Bug ID CSCue60202. | 2014-05-02 | 9.0 | CVE-2014-2170 |
| cisco -- telepresence_tc_software | Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796. | 2014-05-02 | 10.0 | CVE-2014-2171 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 do not properly restrict access to the serial port, which allows local users to gain privileges via unspecified commands, aka Bug ID CSCub67692. | 2014-05-02 | 7.2 | CVE-2014-2173 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849. | 2014-05-02 | 7.8 | CVE-2014-2175 |
| citrix -- netscaler_access_gateway_firmware | Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors. | 2014-05-01 | 7.5 | CVE-2014-2881 |
| citrix -- netscaler_access_gateway_firmware | Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation. | 2014-05-01 | 7.5 | CVE-2014-2882 |
| debian -- dpkg | Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting." | 2014-04-30 | 9.3 | CVE-2014-0471 |
| fortinet -- fortiauthenticator | FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface. | 2014-04-30 | 9.0 | CVE-2013-6990 |
| fortinet -- fortiweb | CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | 2014-04-30 | 7.5 | CVE-2014-1956 |
| google -- android | Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications. | 2014-04-29 | 7.5 | CVE-2013-7373 |
| google -- chrome | Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. | 2014-04-26 | 7.8 | CVE-2014-1730 |
| google -- chrome | core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. | 2014-04-26 | 7.5 | CVE-2014-1731 |
| google -- chrome | Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. | 2014-04-26 | 7.5 | CVE-2014-1732 |
| google -- chrome | The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. | 2014-04-26 | 7.5 | CVE-2014-1733 |
| google -- chrome | Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2014-04-26 | 7.5 | CVE-2014-1734 |
| google -- chrome | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2014-04-26 | 7.5 | CVE-2014-1735 |
| igor_sysoev -- nginx | The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request. | 2014-04-29 | 7.5 | CVE-2014-0088 |
| livetecs -- timeline | Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors. | 2014-04-28 | 7.5 | CVE-2014-1217 |
| livetecs -- timeline | Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory in Uploads/. | 2014-04-28 | 7.5 | CVE-2014-2042 |
| microsoft -- internet_explorer | Unspecified vulnerability in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014. | 2014-04-27 | 7.5 | CVE-2014-1762 |
| microsoft -- internet_explorer | Use-after-free vulnerability in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 10.0 | CVE-2014-1763 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 10.0 | CVE-2014-1764 |
| microsoft -- internet_explorer | Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 10.0 | CVE-2014-1765 |
| microsoft -- windows_8.1 | Unspecified vulnerability in the kernel in Microsoft Windows 8.1 allows local users to gain privileges via unknown vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 7.2 | CVE-2014-1766 |
| microsoft -- internet_explorer | Use-after-free vulnerability in VGX.DLL in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2014. | 2014-04-27 | 10.0 | CVE-2014-1776 |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2014-04-30 | 10.0 | CVE-2014-1518 |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2014-04-30 | 10.0 | CVE-2014-1519 |
| mozilla -- firefox | The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. | 2014-04-30 | 10.0 | CVE-2014-1522 |
| mozilla -- firefox | The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. | 2014-04-30 | 10.0 | CVE-2014-1524 |
| mozilla -- firefox | The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. | 2014-04-30 | 9.3 | CVE-2014-1525 |
| mozilla -- firefox | The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. | 2014-04-30 | 10.0 | CVE-2014-1528 |
| mozilla -- firefox | The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. | 2014-04-30 | 9.3 | CVE-2014-1529 |
| mozilla -- firefox | Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation. | 2014-04-30 | 10.0 | CVE-2014-1531 |
| mozilla -- firefox | Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. | 2014-04-30 | 10.0 | CVE-2014-1532 |
| openstack -- neutron | The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied. | 2014-04-28 | 9.0 | CVE-2014-0187 |
| papercut -- papercut_mf | Unspecified vulnerability in the print release functionality in PaperCut MF 14.1 (Build 26983) has unknown impact and remote vectors, related to embedded MFPs. | 2014-04-28 | 7.5 | CVE-2014-2657 |
| phusion -- juvia | Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies. | 2014-04-29 | 7.5 | CVE-2013-7134 |
| python -- pillow | Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py. | 2014-04-27 | 10.0 | CVE-2014-3007 |
| simplemachines -- simple_machines_forum | Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters. | 2014-04-29 | 7.5 | CVE-2013-7235 |
| simplemachines -- simple_machines_forum | Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username. | 2014-04-29 | 7.5 | CVE-2013-7236 |
| super_project -- super | super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack. | 2014-04-30 | 7.2 | CVE-2014-0470 |
| unitrends -- enterprise_backup | Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php. | 2014-04-28 | 10.0 | CVE-2014-3008 |
| unitrends -- enterprise_backup | recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string. | 2014-05-02 | 7.5 | CVE-2014-3139 |
| wdc -- arkeia_virtual_appliance | Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin. | 2014-04-28 | 7.5 | CVE-2014-2846 |
| xcloner -- xcloner | Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to index2.php or (2) when the enable_db_backup and sql_mem options are enabled, access the database backup functionality via the dbbackup_comp parameter in the generate action to index2.php. NOTE: vector 2 might be a duplicate of CVE-2014-2340, which is for the XCloner Wordpress plugin. NOTE: remote attackers can leverage CVE-2014-2996 with vector 2 to execute arbitrary commands. | 2014-04-25 | 7.6 | CVE-2014-2579 |
| xcloner -- xcloner | XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have the privileges to execute code. NOTE: this can be leveraged by remote attackers using CVE-2014-2579. | 2014-04-25 | 7.1 | CVE-2014-2996 |

Medium Severity Vulnerabilities

| The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity |
|---|---|---|---|---|
| apache -- harmony | The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4 and other products, when no seed is provided by the user, uses an incorrect offset value, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the resulting PRNG predictability, as exploited in the wild against Bitcoin wallet applications in August 2013. | 2014-04-29 | 5.0 | CVE-2013-7372 |
| basespace_ruby_sdk_project -- basespace_ruby_sdk | The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes. | 2014-04-29 | 5.0 | CVE-2013-7111 |
| birebin -- birebin.com_app | The Birebin.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-04-25 | 6.4 | CVE-2014-2993 |
| bluecoat -- content_analysis_system_software | The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection." | 2014-04-30 | 6.5 | CVE-2014-2565 |
| canonical -- update-manager | DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. | 2014-04-27 | 6.4 | CVE-2011-3152 |
| canonical -- ubuntu_linux | The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypass the greeter screen restrictions by clicking the date. | 2014-05-01 | 4.6 | CVE-2013-7374 |
| cisco -- telepresence_tc_software | Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for internal executable files, aka Bug ID CSCub67693. | 2014-05-02 | 6.6 | CVE-2014-2172 |
| cisco -- unified_contact_center_enterprise | The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133. | 2014-04-29 | 4.0 | CVE-2014-2180 |
| cisco -- adaptive_security_appliance_software | Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 relay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520. | 2014-04-29 | 6.1 | CVE-2014-2182 |
| cisco -- asr_1001_router | The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | 2014-04-29 | 6.3 | CVE-2014-2183 |
| cisco -- unified_communications_manager | The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352. | 2014-04-29 | 5.0 | CVE-2014-2184 |
| cisco -- unified_communications_manager | The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374. | 2014-04-29 | 4.0 | CVE-2014-2185 |
| cisco -- webex_meetings_server | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777. | 2014-04-30 | 6.8 | CVE-2014-2186 |
| coreftp -- core_ftp | Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash) via an AUTH SSL command with malformed data, as demonstrated by pressing the enter key twice. | 2014-05-01 | 4.3 | CVE-2014-1441 |
| coreftp -- core_ftp | Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command. | 2014-05-01 | 4.0 | CVE-2014-1442 |
| coreftp -- core_ftp | Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read. | 2014-05-01 | 4.0 | CVE-2014-1443 |
| cybozu -- garoon | Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls. | 2014-05-02 | 6.0 | CVE-2014-1989 |
| dompdf -- dompdf | dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter. | 2014-04-28 | 4.3 | CVE-2014-2383 |
| ecava -- integraxor | Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. | 2014-04-30 | 5.0 | CVE-2014-0786 |
| emc -- rsa_access_manager | The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files. | 2014-05-01 | 6.9 | CVE-2014-0646 |
| entity_reference_project -- entityreference | The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allows remote attackers to read private node titles by leveraging edit permissions to a node that references a private node. | 2014-04-29 | 4.3 | CVE-2013-7066 |
| fortinet -- fortiweb | Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-04-30 | 4.3 | CVE-2014-1955 |
| fortinet -- fortiweb | FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. | 2014-04-30 | 6.5 | CVE-2014-1957 |
| gnome -- gnome-shell | js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search. | 2014-04-29 | 4.6 | CVE-2013-7220 |
| gnome -- gnome-shell | The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation. | 2014-04-29 | 4.6 | CVE-2013-7221 |
| gnustep -- base | Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service (abort) via an invalid request. | 2014-04-28 | 4.3 | CVE-2014-2980 |
| ibm -- websphere_application_server | IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote attackers to read arbitrary files via a crafted URL. | 2014-05-01 | 4.3 | CVE-2014-0823 |
| ibm -- websphere_application_server | The Administrative Console in IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote authenticated users to obtain sensitive information via a crafted request. | 2014-05-01 | 4.0 | CVE-2014-0857 |
| ibm -- websphere_application_server | The web-server plugin in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, when POST retries are enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 2014-05-01 | 5.0 | CVE-2014-0859 |
| ibm -- websphere_application_server | IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information via a crafted request. | 2014-05-01 | 4.3 | CVE-2014-0896 |
| igniterealtime -- smack | The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify basicConstraints and nameConstraints in X.509 certificate chains from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate chain. | 2014-04-30 | 5.8 | CVE-2014-0363 |
| igniterealtime -- smack | The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify the from attribute of a roster-query IQ stanza, which allows remote attackers to spoof IQ responses via a crafted attribute. | 2014-04-30 | 5.0 | CVE-2014-0364 |
| invitation_project -- invitation | The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views. | 2014-04-29 | 5.0 | CVE-2013-7063 |
| joachim_noreiko -- flag_module | Cross-site scripting (XSS) vulnerability in the admin page in the Flag module 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "Administer flags" permission to inject arbitrary web script or HTML via the flag name. | 2014-04-27 | 4.3 | CVE-2013-4336 |
| linux -- linux_kernel | Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump. | 2014-04-26 | 4.6 | CVE-2014-2889 |

litech --

router_advertiseme

nt_daemon

Directory traversal vulnerability in device-linux.c in

the router advertisement daemon (radvd) before

1.8.2 allows local users to overwrite arbitrary files,

and remote attackers to overwrite certain files, via a

.. (dot dot) in an interface name. NOTE: this can be

leveraged with a symlink to overwrite arbitrary files.

2014-04-27 6.4 CVE-2011-3602

litech --

router_advertiseme

nt_daemon

The router advertisement daemon (radvd) before

1.8.2 does not properly handle errors in the

privsep_init function, which causes the radvd

daemon to run as root and has an unspecified

impact.

2014-04-27 4.4 CVE-2011-3603

malcolm_nooning --

pirpc

The PlRPC module, possibly 0.2020 and earlier, for

Perl uses the Storable module, which allows remote

attackers to execute arbitrary code via a crafted

request, which is not properly handled when it is

deserialized.

2014-04-29 6.8 CVE-2013-7284

mediawiki --

mediawiki

Cross-site scripting (XSS) vulnerability in

includes/actions/InfoAction.php in MediaWiki

before 1.21.9 and 1.22.x before 1.22.6 allows

remote attackers to inject arbitrary web script or

HTML via the sort key in an info action.

2014-04-29 4.3 CVE-2014-2853

misli --

misli.com_app

The Misli.com application for Android does not

verify X.509 certificates from SSL servers, which

allows man-in-the-middle attackers to spoof servers

and obtain sensitive information via a crafted

certificate.

2014-04-25 6.4 CVE-2014-2992

mozilla -- firefox maintenservice_installer.exe in the Maintenance

Service Installer in Mozilla Firefox before 29.0 and

Firefox ESR 24.x before 24.5 on Windows allows

local users to gain privileges by placing a Trojan

horse DLL file into a temporary directory at an

unspecified point in the update process.

2014-04-30 6.9 CVE-2014-1520

mozilla -- firefox Heap-based buffer overflow in the read_u32

function in Mozilla Firefox before 29.0, Firefox ESR

24.x before 24.5, Thunderbird before 24.5, and

SeaMonkey before 2.26 allows remote attackers to

cause a denial of service (out-of-bounds read and

application crash) via a crafted JPEG image.

2014-04-30 4.3 CVE-2014-1523

mozilla -- firefox The XrayWrapper implementation in Mozilla Firefox

before 29.0 and SeaMonkey before 2.26 allows

user-assisted remote attackers to bypass intended

access restrictions via a crafted web site that is

visited in the debugger, leading to unwrapping

operations and calls to DOM methods on the

unwrapped objects.

2014-04-30 5.8 CVE-2014-1526

mozilla -- firefox Mozilla Firefox before 29.0 on Android allows

remote attackers to spoof the address bar via

crafted JavaScript code that uses DOM events to

prevent the reemergence of the actual address bar

after scrolling has taken it off of the screen.

2014-04-30 5.0 CVE-2014-1527

mozilla -- firefox The docshell implementation in Mozilla Firefox

before 29.0, Firefox ESR 24.x before 24.5,

Thunderbird before 24.5, and SeaMonkey before

2.26 allows remote attackers to trigger the loading

of a URL with a spoofed baseURI property, and

conduct cross-site scripting (XSS) attacks, via a

crafted web site that performs history navigation.

2014-04-30 4.3 CVE-2014-1530

neo4j -- neo4j Multiple cross-site request forgery (CSRF)

vulnerabilities in Neo4J 1.9.2 allow remote attackers

to hijack the authentication of administrators for

requests that execute arbitrary code, as

demonstrated by a request to (1)

db/data/ext/GremlinPlugin/graphdb/execute_scrip

t or (2) db/manage/server/console/.

2014-04-29 4.3 CVE-2013-7259

net-snmp -- net-

snmp

The perl_trapd_handler function in

perl/TrapReceiver/TrapReceiver.xs in Net-SNMP

5.7.3.pre3 and earlier, when using certain Perl

versions, allows remote attackers to cause a denial

of service (snmptrapd crash) via an empty

community string in an SNMP trap, which triggers a

NULL pointer dereference within the newSVpv

function in Perl.

2014-04-27 4.3 CVE-2014-2285

openjpeg --

openjpeg

OpenJPEG 1.5.1 allows remote attackers to obtain

sensitive information via unspecified vectors that

trigger a heap-based out-of-bounds read.

2014-04-27 5.0 CVE-2013-6053

openjpeg --

openjpeg

OpenJPEG 1.5.1 allows remote attackers to cause a

denial of service via unspecified vectors that trigger

NULL pointer dereferences, division-by-zero, and

other errors.

2014-04-27 6.4 CVE-2013-6887

openstack --

icehouse

The Sheepdog backend in OpenStack Image

Registry and Delivery Service (Glance) 2013.2 before

2013.2.4 and icehouse before icehouse-rc2 allows

remote authenticated users with permission to

insert or modify an image to execute arbitrary

commands via a crafted location.

2014-04-27 6.0 CVE-2014-0162

organic_groups_pr

oject --

organic_groups

The Organic Groups (OG) module 7.x-2.x before 7.x-

2.3 for Drupal allows remote attackers to bypass

access restriction and post to arbitrary groups via a

group audience field, as demonstrated by the

og_group_ref field.

2014-04-29 5.8 CVE-2013-7065

organic_groups_pr

oject --

organic_groups

The Organic Groups (OG) module 7.x-2.x before 7.x-

2.3 for Drupal allows remote authenticated users to

bypass group restrictions on nodes with all groups

set to optional input via an empty group field.

2014-04-29 4.9 CVE-2013-7068

papercut --

papercut_mf

Unspecified vulnerability in Papercut MF and NG

before 14.1 (Build 26983) allows attacker to cause a

denial of service via unknown vectors.

2014-04-28 5.0 CVE-2014-2658

php-fusion -- php-

fusion

Multiple cross-site scripting (XSS) vulnerabilities in

PHP-Fusion before 7.02.06 allow remote attackers

to inject arbitrary web script or HTML via the (1)

highlight parameter to forum/viewthread.php; or

remote authenticated users with certain

2014-04-29 4.3 CVE-2013-1804

permissions to inject arbitrary web script or HTML

via the (2) user_list or (3) user_types parameter to

messages.php; (4) message parameter to

infusions/shoutbox_panel/shoutbox_admin.php;

(5) message parameter to

administration/news.php; (6) panel_list parameter

to administration/panel_editor.php; (7) HTTP User

Agent string to administration/phpinfo.php; (8)

"__BBCODE__" parameter to

administration/bbcodes.php; errorMessage

parameter to (9) article_cats.php, (10)

download_cats.php, (11) news_cats.php, or (12)

weblink_cats.php in administration/, when error is

3; or (13) body or (14) body2 parameter to

administration/articles.php.

php-fusion -- php-

fusion

Multiple directory traversal vulnerabilities in PHP-

Fusion before 7.02.06 allow remote authenticated

users to include and execute arbitrary files via a ..

(dot dot) in the (1) user_theme parameter to

maincore.php; or remote authenticated

administrators to delete arbitrary files via the (2)

enable parameter to

administration/user_fields.php or (3) file parameter

to administration/db_backup.php.

2014-04-30 6.5 CVE-2013-1806

php-fusion -- php-

fusion

PHP-Fusion before 7.02.06 stores backup files with

predictable filenames in an unrestricted directory

under the web document root, which might allow

remote attackers to obtain sensitive information via

a direct request to the backup file in

administration/db_backups/.

2014-04-30 5.0 CVE-2013-1807

pocoproject --

poco_c++_libraries

The Poco::Net::X509Certificate::verify method in the

NetSSL library in POCO C++ Libraries before 1.4.6p4

allows man-in-the-middle attackers to spoof SSL

servers via crafted DNS PTR records that are

requested during comparison of a server name to a

wildcard domain name in an X.509 certificate.

2014-04-25 6.4 CVE-2014-0350

redhat --

enterprise_mrg

Cumin (aka MRG Management Console), as used in

Red Hat Enterprise MRG 2.5, uses the DES-based

crypt function to hash passwords, which makes it

2014-04-30 5.0 CVE-2013-6445

easier for attackers to obtain sensitive information

via a brute-force attack.

sap --

netweaver_softwar

e_lifecycle_manage

r

The Java Server Pages in the Software Lifecycle

Manager (SLM) in SAP NetWeaver allows remote

attackers to obtain sensitive information via a

crafted request, related to SAP Solution Manager

7.1.

2014-04-30 5.0 CVE-2014-3129

sap --

netweaver_abap_a

pplication_server

The ABAP Help documentation and translation

tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP

Application Server does not properly restrict access,

which allows local users to gain privileges and

execute ABAP instructions via crafted help

messages.

2014-04-30 4.6 CVE-2014-3130

sap --

profile_maintenanc

e

SAP Profile Maintenance does not properly restrict

access, which allows remote authenticated users to

obtain sensitive information via an unspecified RFC

function, related to SAP Solution Manager 7.1.

2014-04-30 4.0 CVE-2014-3131

sap --

background_proces

sing

SAP Background Processing does not properly

restrict access, which allows remote authenticated

users to obtain sensitive information via an

unspecified RFC function, related to SAP Solution

Manager 7.1.

2014-04-30 4.0 CVE-2014-3132

sap --

netweaver_java_ap

plication_server

SAP Netweaver Java Application Server does not

properly restrict access, which allows remote

attackers to obtain the list of SAP systems

registered on an SLD via an unspecified webdynpro,

related to SystemSelection.

2014-04-30 5.0 CVE-2014-3133

sap --

businessobjects

Cross-site scripting (XSS) vulnerability in the

InfoView application in SAP BusinessObjects allows

remote attackers to inject arbitrary web script or

HTML via unspecified vectors.

2014-04-30 4.3 CVE-2014-3134

simplemachines --

simple_machines_f

orum

Simple Machines Forum (SMF) before 1.1.19 and 2.x

before 2.0.6 allows remote attackers to conduct

clickjacking attacks via an X-Frame-Options header.

2014-04-29 4.3 CVE-2013-7234

southrivertech --

titan_ftp_server

Directory traversal vulnerability in the web interface

in Titan FTP Server before 10.40 build 1829 allows

remote attackers to copy an arbitrary user's home

2014-04-29 5.0 CVE-2014-1841

folder via a Move action with a .. (dot dot) in the src

parameter.

southrivertech --

titan_ftp_server

Directory traversal vulnerability in the web interface

in Titan FTP Server before 10.40 build 1829 allows

remote attackers to list all usernames via a Go

action with a .. (dot dot) in the search-bar value.

2014-04-29 5.0 CVE-2014-1842

southrivertech --

titan_ftp_server

Directory traversal vulnerability in the web interface

in Titan FTP Server before 10.40 build 1829 allows

remote attackers to obtain the property

information of an arbitrary home folder via a

Properties action with a .. (dot dot) in the src

parameter.

2014-04-29 5.0 CVE-2014-1843

tibco --

managed_file_trans

fer_command_cent

er

TIBCO Managed File Transfer Internet Server before

7.2.2, Managed File Transfer Command Center

before 7.2.2, Slingshot before 1.9.1, and Vault

before 1.0.1 allow remote attackers to obtain

sensitive information via a crafted HTTP request.

2014-04-30 5.0 CVE-2014-2545

transifex -- transifex Transifex command-line client before 0.9 does not

validate X.509 certificates, which allows man-in-

the-middle attackers to spoof a Transifex server via

an arbitrary certificate.

2014-05-01 4.3 CVE-2013-2073

transifex -- transifex Transifex command-line client before 0.10 does not

validate X.509 certificates for data transfer

connections, which allows man-in-the-middle

attackers to spoof a Transifex server via an arbitrary

certificate. NOTE: this vulnerability exists because of

an incomplete fix for CVE-2013-2073.

2014-05-01 4.3 CVE-2013-7110

ubercart -- ubercart Session fixation vulnerability in the Ubercart

module 6.x-2.x before 6.x-2.13 and 7.x-3.x before

7.x-3.6 for Drupal, when the "Log in new customers

after checkout" option is enabled, allows remote

attackers to hijack web sessions by leveraging

knowledge of the original session ID.

2014-04-29 6.8 CVE-2013-7302

vbulletin -- vbulletin Multiple cross-site scripting (XSS) vulnerabilities in

vBulletin 5.1.1 Alpha 9 allow remote attackers to

inject arbitrary web script or HTML via (1) the

PATH_INFO to privatemessage/new/, (2) the

folderid parameter to a private message in

2014-04-30 4.3 CVE-2014-3135

privatemessage/view, (3) a fragment indicator to

/help, or (4) the view parameter to a topic, as

demonstrated by a request to forum/anunturi-

importante/rst-power/67030-rst-admin-restore.

videowhisper --

videowhisper

Multiple cross-site scripting (XSS) vulnerabilities in

vwrooms\templates\logout.tpl.php in the

VideoWhisper Webcam plugins for Drupal 7.x allow

remote attackers to inject arbitrary web script or

HTML via the (1) module or (2) message parameter

to index.php.

2014-04-28 4.3 CVE-2014-2715

xen -- xen The vgic_distr_mmio_write function in the virtual

guest interrupt controller (GIC) distributor

(arch/arm/vgic.c) in Xen 4.4.x, when running on an

ARM system, allows local guest users to cause a

denial of service (NULL pointer dereference and

host crash) via unspecified vectors.

2014-04-28 5.5 CVE-2014-2986

xerox -- docushare | SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary SQL commands via the PATH_INFO to /docushare/dsweb/ResultBackgroundJobMultiple/. NOTE: some of these details are obtained from third party information. | 2014-05-01 | 6.5 | CVE-2014-3138

zarafa -- zarafa | The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the username." | 2014-04-28 | 5.0 | CVE-2014-0037

zarafa -- zarafa | The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password." | 2014-04-28 | 5.0 | CVE-2014-0079

zlib -- pigz | Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring. | 2014-04-27 | 4.4 | CVE-2013-0296

Low Severity Vulnerabilities

The Primary Vendor --- Product | Description | Date Published | CVSS Score | The CVE Identity

ajenti -- ajenti | Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Eugene Pankov Ajenti 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality. | 2014-04-30 | 3.5 | CVE-2014-2260

blender -- blender | The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103. | 2014-04-27 | 3.3 | CVE-2010-5105

cybozu -- garoon | The Phone Messages feature in Cybozu Garoon 2.0.0 through 3.7 SP2 allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors. | 2014-05-02 | 3.5 | CVE-2014-1988

dkorunic -- pam_s/key | A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory. | 2014-04-28 | 2.1 | CVE-2013-4285

freelance-it-consultant -- eu_cookie_compliance | Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the "Administer EU Cookie Compliance popup" permission to inject arbitrary web script or HTML via unspecified configuration values. | 2014-04-29 | 2.1 | CVE-2013-7064

gnome -- gnome_display_manager | GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name. | 2014-04-29 | 2.1 | CVE-2013-7273

ibm -- websphere_application_server | Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, and WebSphere Virtual Enterprise 7.x before 7.0.0.5, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2014-05-01 | 3.5 | CVE-2013-6323

ibm -- tivoli_netcool/omnibus | Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0942. | 2014-05-01 | 3.5 | CVE-2014-0941

ibm -- tivoli_netcool/omnibus | Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941. | 2014-05-01 | 3.5 | CVE-2014-0942

linux -- linux_kernel | The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program. | 2014-04-26 | 2.1 | CVE-2014-0181

• Sources: http://nvd.nist.gov (For more information visit the National Vulnerability Database (NVD), which contains a database of every vulnerability that has ever been published).

Uganda Communications Commission – UGCERT Email: [email protected] Tel + 256 414 302 100/150 Toll Free: 0800 133 911

Website www.ug-cert.ug Facebook / Twitter: UGCERT