National Cyber Awareness System:
04/14/2014 06:09 AM EDT
Original release date: April 14, 2014
The US-CERT Cyber Security Bulletin provides a
summary of new vulnerabilities that have been
recorded by the National Institute of
Standards and Technology (NIST) National
Vulnerability Database (NVD) in the past week.
The NVD is sponsored by the Department
of Homeland Security (DHS) National
Cybersecurity and Communications Integration
Center (NCCIC) / United States Computer Emergency
Readiness Team (US-CERT). For modified or
updated entries, please visit the NVD, which contains historical
vulnerability information.
The vulnerabilities are based on the CVE
vulnerability naming standard and are organized
according to severity, determined by the Common Vulnerability Scoring
System (CVSS) standard. The division of high,
medium, and low severities correspond to the
following scores:
-
High
- Vulnerabilities will be labeled High severity
if they have a CVSS base score of 7.0 - 10.0
-
Medium -
Vulnerabilities will be labeled Medium severity
if they have a CVSS base score of 4.0 - 6.9
-
Low
- Vulnerabilities will be labeled Low severity
if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided
by organizations and efforts sponsored by US-CERT.
This information may include identifying
information, values, definitions, and related links.
Patch information is provided when available. Please
note that some of the information in the bulletins
is compiled from external, open source reports and
is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
adobe --
adobe_air |
Buffer
overflow in Adobe Flash Player before
11.7.700.275 and 11.8.x through 13.0.x
before 13.0.0.182 on Windows and OS X and
before 11.2.202.350 on Linux, Adobe AIR
before 13.0.0.83 on Android, Adobe AIR SDK
before 13.0.0.83, and Adobe AIR SDK &
Compiler before 13.0.0.83 allows attackers
to execute arbitrary code via unspecified
vectors. |
2014-04-08 |
9.3 |
CVE-2014-0507 |
advanced_forum_signatures_project
-- advanced_forum_signatures |
Multiple
SQL injection vulnerabilities in
signature.php in the Advanced Forum
Signatures (aka afsignatures) plugin 2.0.4
for MyBB allow remote attackers to execute
arbitrary SQL commands via the (1) afs_type,
(2) afs_background, (3) afs_showonline, (4)
afs_bar_left, (5) afs_bar_center, (6)
afs_full_line1, (7) afs_full_line2, (8)
afs_full_line3, (9) afs_full_line4, (10)
afs_full_line5, or (11) afs_full_line6
parameter. NOTE: the provenance of this
information is unknown; the details are
obtained solely from third party
information. |
2014-04-08 |
7.5 |
CVE-2011-5277 |
advanced_forum_signatures_project
-- advanced_forum_signatures |
SQL
injection vulnerability in signature.php in
Advanced Forum Signatures plugin (aka
afsignatures) 2.0.4 for MyBB allows remote
attackers to execute arbitrary SQL commands
via the afs_bar_right parameter. |
2014-04-08 |
7.5 |
CVE-2011-5278 |
cacti --
cacti |
SQL
injection vulnerability in graph_xport.php
in Cacti 0.8.8b allows remote attackers to
execute arbitrary SQL commands via
unspecified vectors. |
2014-04-10 |
7.5 |
CVE-2014-2708 |
cisco --
adaptive_security_appliance_software |
Cisco
Adaptive Security Appliance (ASA) Software
8.2 before 8.2(5.47), 8.4 before 8.4(7.5),
8.7 before 8.7(1.11), 9.0 before 9.0(3.10),
and 9.1 before 9.1(3.4) allows remote
authenticated users to gain privileges by
leveraging level-0 ASDM access, aka Bug ID
CSCuj33496. |
2014-04-10 |
8.5 |
CVE-2014-2126 |
cisco --
adaptive_security_appliance_software |
Cisco
Adaptive Security Appliance (ASA) Software
8.x before 8.2(5.48), 8.3 before 8.3(2.40),
8.4 before 8.4(7.9), 8.6 before 8.6(1.13),
9.0 before 9.0(4.1), and 9.1 before 9.1(4.3)
does not properly process management-session
information during privilege validation for
SSL VPN portal connections, which allows
remote authenticated users to gain
privileges by establishing a Clientless SSL
VPN session and entering crafted URLs, aka
Bug ID CSCul70099. |
2014-04-10 |
8.5 |
CVE-2014-2127 |
cisco --
adaptive_security_appliance_software |
The
SIP inspection engine in Cisco Adaptive
Security Appliance (ASA) Software 8.2 before
8.2(5.48), 8.4 before 8.4(6.5), 9.0 before
9.0(3.1), and 9.1 before 9.1(2.5) allows
remote attackers to cause a denial of
service (memory consumption or device
reload) via crafted SIP packets, aka Bug ID
CSCuh44052. |
2014-04-10 |
7.1 |
CVE-2014-2129 |
clip-bucket
-- clipbucket |
Multiple
SQL injection vulnerabilities in the
update_counter function in
includes/functions.php in ClipBucket 2.6
allow remote attackers to execute arbitrary
SQL commands via the time parameter to (1)
videos.php or (2) channels.php. NOTE: some
of these details are obtained from third
party information. |
2014-04-08 |
7.5 |
CVE-2012-6643 |
erlang-solutions
-- mongooseim |
Erlang
Solutions MongooseIM through 1.3.1 rev. 2
does not properly restrict the processing of
compressed XML elements, which allows remote
attackers to cause a denial of service
(resource consumption) via a crafted XMPP
stream, aka an "xmppbomb" attack. |
2014-04-10 |
7.8 |
CVE-2014-2829 |
google
-- chrome |
Cross-site
scripting (XSS) vulnerability in the
Runtime_SetPrototype function in runtime.cc
in Google V8, as used in Google Chrome
before 34.0.1847.116, allows remote
attackers to inject arbitrary web script or
HTML via unspecified vectors, aka "Universal
XSS (UXSS)." |
2014-04-09 |
7.5 |
CVE-2014-1716 |
google
-- chrome |
Google
V8, as used in Google Chrome before
34.0.1847.116, does not properly use numeric
casts during handling of typed arrays, which
allows remote attackers to cause a denial of
service (out-of-bounds array access) or
possibly have unspecified other impact via
crafted JavaScript code. |
2014-04-09 |
7.5 |
CVE-2014-1717 |
google
-- chrome |
Integer
overflow in the
SoftwareFrameManager::SwapToNewFrame
function in
content/browser/renderer_host/software_frame_manager.cc
in the software compositor in Google Chrome
before 34.0.1847.116 allows remote attackers
to cause a denial of service or possibly
have unspecified other impact via vectors
that trigger an attempted mapping of a large
amount of renderer memory. |
2014-04-09 |
7.5 |
CVE-2014-1718 |
google
-- chrome |
Use-after-free
vulnerability in the
WebSharedWorkerStub::OnTerminateWorkerContext
function in
content/worker/websharedworker_stub.cc in
the Web Workers implementation in Google
Chrome before 34.0.1847.116 allows remote
attackers to cause a denial of service (heap
memory corruption) or possibly have
unspecified other impact via vectors that
trigger a SharedWorker termination during
script loading. |
2014-04-09 |
7.5 |
CVE-2014-1719 |
google
-- chrome |
Use-after-free
vulnerability in the
HTMLBodyElement::insertedInto function in
core/html/HTMLBodyElement.cpp in Blink, as
used in Google Chrome before 34.0.1847.116,
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via vectors involving attributes. |
2014-04-09 |
7.5 |
CVE-2014-1720 |
google
-- chrome |
Google
V8, as used in Google Chrome before
34.0.1847.116, does not properly implement
lazy deoptimization, which allows remote
attackers to cause a denial of service
(memory corruption) or possibly have
unspecified other impact via crafted
JavaScript code, as demonstrated by improper
handling of a heap allocation of a number
outside the Small Integer (aka smi) range. |
2014-04-09 |
7.5 |
CVE-2014-1721 |
google
-- chrome |
Use-after-free
vulnerability in the
RenderBlock::addChildIgnoringAnonymousColumnBlocks
function in core/rendering/RenderBlock.cpp
in Blink, as used in Google Chrome before
34.0.1847.116, allows remote attackers to
cause a denial of service or possibly have
unspecified other impact via vectors
involving addition of a child node. |
2014-04-09 |
7.5 |
CVE-2014-1722 |
google
-- chrome |
The
UnescapeURLWithOffsetsImpl function in
net/base/escape.cc in Google Chrome before
34.0.1847.116 does not properly handle
bidirectional Internationalized Resource
Identifiers (IRIs), which makes it easier
for remote attackers to spoof URLs via
crafted use of right-to-left (RTL) Unicode
text. |
2014-04-09 |
7.5 |
CVE-2014-1723 |
google
-- chrome |
Use-after-free
vulnerability in Free(b)soft Laboratory
Speech Dispatcher 0.7.1, as used in Google
Chrome before 34.0.1847.116, allows remote
attackers to cause a denial of service
(application hang) or possibly have
unspecified other impact via a
text-to-speech request. |
2014-04-09 |
7.5 |
CVE-2014-1724 |
google
-- chrome |
Use-after-free
vulnerability in
content/renderer/renderer_webcolorchooser_impl.h
in Google Chrome before 34.0.1847.116 allows
remote attackers to cause a denial of
service or possibly have unspecified other
impact via vectors related to forms. |
2014-04-09 |
7.5 |
CVE-2014-1727 |
google
-- chrome |
Multiple
unspecified vulnerabilities in Google Chrome
before 34.0.1847.116 allow attackers to
cause a denial of service or possibly have
other impact via unknown vectors. |
2014-04-09 |
7.5 |
CVE-2014-1728 |
google
-- chrome |
Multiple
unspecified vulnerabilities in Google V8
before 3.24.35.22, as used in Google Chrome
before 34.0.1847.116, allow attackers to
cause a denial of service or possibly have
other impact via unknown vectors. |
2014-04-09 |
7.5 |
CVE-2014-1729 |
igniterealtime
-- openfire |
Ignite
Realtime Openfire before 3.9.2 does not
properly restrict the processing of
compressed XML elements, which allows remote
attackers to cause a denial of service
(resource consumption) via a crafted XMPP
stream, aka an "xmppbomb" attack. |
2014-04-10 |
7.8 |
CVE-2014-2741 |
isode --
m-link |
Isode
M-Link before 16.0v7 does not properly
restrict the processing of compressed XML
elements, which allows remote attackers to
cause a denial of service (resource
consumption) via a crafted XMPP stream, aka
an "xmppbomb" attack. |
2014-04-10 |
7.8 |
CVE-2014-2742 |
lightwitch
-- metronome |
plugins/mod_compression.lua
in Lightwitch Metronome through 3.4 does not
properly restrict the processing of
compressed XML elements, which allows remote
attackers to cause a denial of service
(resource consumption) via a crafted XMPP
stream, aka an "xmppbomb" attack. |
2014-04-10 |
7.8 |
CVE-2014-2743 |
lightwitch
-- metronome |
plugins/mod_compression.lua
in (1) Prosody before 0.9.4 and (2)
Lightwitch Metronome through 3.4 negotiates
stream compression while a session is
unauthenticated, which allows remote
attackers to cause a denial of service
(resource consumption) via compressed XML
elements in an XMPP stream, aka an
"xmppbomb" attack. |
2014-04-10 |
7.8 |
CVE-2014-2744 |
microsoft
-- internet_explorer |
Microsoft
Internet Explorer 9 allows remote attackers
to execute arbitrary code or cause a denial
of service (memory corruption) via a crafted
web site, aka "Internet Explorer Memory
Corruption Vulnerability," a different
vulnerability than CVE-2014-1751 and
CVE-2014-1755. |
2014-04-08 |
9.3 |
CVE-2014-0235 |
microsoft
-- internet_explorer |
Microsoft
Internet Explorer 9 allows remote attackers
to execute arbitrary code or cause a denial
of service (memory corruption) via a crafted
web site, aka "Internet Explorer Memory
Corruption Vulnerability," a different
vulnerability than CVE-2014-0235 and
CVE-2014-1755. |
2014-04-08 |
9.3 |
CVE-2014-1751 |
microsoft
-- internet_explorer |
Microsoft
Internet Explorer 6 and 7 allows remote
attackers to execute arbitrary code or cause
a denial of service (memory corruption) via
a crafted web site, aka "Internet Explorer
Memory Corruption Vulnerability." |
2014-04-08 |
9.3 |
CVE-2014-1752 |
microsoft
-- internet_explorer |
Microsoft
Internet Explorer 6 through 9 allows remote
attackers to execute arbitrary code or cause
a denial of service (memory corruption) via
a crafted web site, aka "Internet Explorer
Memory Corruption Vulnerability." |
2014-04-08 |
9.3 |
CVE-2014-1753 |
microsoft
-- internet_explorer |
Microsoft
Internet Explorer 9 allows remote attackers
to execute arbitrary code or cause a denial
of service (memory corruption) via a crafted
web site, aka "Internet Explorer Memory
Corruption Vulnerability," a different
vulnerability than CVE-2014-0235 and
CVE-2014-1751. |
2014-04-08 |
9.3 |
CVE-2014-1755 |
microsoft
-- office_compatibility_pack |
Microsoft
Word 2007 SP3 and 2010 SP1 and SP2, and
Office Compatibility Pack SP3, allocates
memory incorrectly for file conversions from
a binary (aka .doc) format to a newer
format, which allows remote attackers to
execute arbitrary code via a crafted
document, aka "Microsoft Office File Format
Converter Vulnerability." |
2014-04-08 |
9.3 |
CVE-2014-1757 |
microsoft
-- word |
Stack-based
buffer overflow in Microsoft Word 2003 SP3
allows remote attackers to execute arbitrary
code via a crafted document, aka "Microsoft
Word Stack Overflow Vulnerability." |
2014-04-08 |
9.3 |
CVE-2014-1758 |
microsoft
-- publisher |
pubconv.dll
in Microsoft Publisher 2003 SP3 and 2007 SP3
allows remote attackers to execute arbitrary
code or cause a denial of service (incorrect
pointer dereference and application crash)
via a crafted .pub file, aka "Arbitrary
Pointer Dereference Vulnerability." |
2014-04-08 |
9.3 |
CVE-2014-1759 |
microsoft
-- internet_explorer |
Microsoft
Internet Explorer 11 allows remote attackers
to execute arbitrary code or cause a denial
of service (memory corruption) via a crafted
web site, aka "Internet Explorer Memory
Corruption Vulnerability." |
2014-04-08 |
9.3 |
CVE-2014-1760 |
pearson
--
esis_enterprise_student_information_system |
SQL
injection vulnerability in the password
reset functionality in Pearson eSIS
Enterprise Student Information System,
possibly 3.3.0.13 and earlier, allows remote
attackers to execute arbitrary SQL commands
via the new password. |
2014-04-10 |
7.5 |
CVE-2014-1455 |
prosody
-- prosody |
Prosody
before 0.9.4 does not properly restrict the
processing of compressed XML elements, which
allows remote attackers to cause a denial of
service (resource consumption) via a crafted
XMPP stream, aka an "xmppbomb" attack,
related to core/portmanager.lua and
util/xmppstream.lua. |
2014-04-10 |
7.8 |
CVE-2014-2745 |
sap --
bi_universal_data_integration |
SQL
injection vulnerability in SAP BI Universal
Data Integration allows remote attackers to
execute arbitrary SQL commands via
unspecified vectors, related to the J2EE
schema. |
2014-04-10 |
7.5 |
CVE-2013-7355 |
sap --
adminadapter |
Unspecified
vulnerability in SAP adminadapter allows
remote attackers to read or write to
arbitrary files via unknown vectors. |
2014-04-10 |
7.5 |
CVE-2013-7360 |
sap --
ccms_agent |
An
unspecified RFC function in SAP CCMS Agent
allows remote attackers to execute arbitrary
commands via unknown vectors. |
2014-04-10 |
7.5 |
CVE-2013-7362 |
sap --
solution_manager |
Unspecified
vulnerability in the Diagnostics (SMD) agent
in SAP Solution Manager allows remote
attackers to obtain sensitive information,
modify the configuration of applications,
and install or remove applications via
vectors involving the P4 protocol. |
2014-04-10 |
7.5 |
CVE-2013-7363 |
sap --
netweaver |
An
unspecified J2EE core service in the J2EE
Engine in SAP NetWeaver does not properly
restrict access, which allows remote
attackers to read and write to arbitrary
files via unknown vectors. |
2014-04-10 |
7.5 |
CVE-2013-7364 |
sap --
enterprise_portal |
SAP
Enterprise Portal does not properly restrict
access to the Federation configuration
pages, which allows remote attackers to gain
privileges via unspecified vectors. |
2014-04-10 |
7.5 |
CVE-2013-7367 |
sap --
enhancement_package |
The
Security Audit Log facility in SAP
Enhancement Package (EHP) 6 for SAP ERP 6.0
allows remote attackers to modify or delete
arbitrary log classes via unspecified
vectors. NOTE: some of these details are
obtained from third party information. |
2014-04-10 |
7.5 |
CVE-2014-2748 |
sap --
print_and_output_management |
SAP
Print and Output Management has hardcoded
credentials, which makes it easier for
remote attackers to obtain access via
unspecified vectors. |
2014-04-10 |
7.5 |
CVE-2014-2751 |
sap --
business_object_processing_framework_for_abap |
SAP
Business Object Processing Framework (BOPF)
for ABAP has hardcoded credentials, which
makes it easier for remote attackers to
obtain access via unspecified vectors. |
2014-04-10 |
7.5 |
CVE-2014-2752 |
tibco --
rendezvous |
Buffer
overflow in the Rendezvous Daemon (rvd),
Rendezvous Routing Daemon (rvrd), Rendezvous
Secure Daemon (rvsd), and Rendezvous Secure
Routing Daemon (rvsrd) in TIBCO Rendezvous
before 8.4.2, Messaging Appliance before
8.7.1, and Substation ES before 2.8.1 allows
remote attackers to execute arbitrary code
by leveraging access to a directly connected
client and transmitting crafted data. |
2014-04-08 |
7.5 |
CVE-2014-2543 |
tibco --
analyst |
Unspecified
vulnerability in Spotfire Web Player Engine,
Spotfire Desktop, and Spotfire Server
Authentication Module in TIBCO Spotfire
Server 3.3.x before 3.3.4, 4.5.x before
4.5.1, 5.0.x before 5.0.2, 5.5.x before
5.5.1, and 6.x before 6.0.2; Spotfire
Professional 4.0.x before 4.0.4, 4.5.x
before 4.5.2, 5.0.x before 5.0.2, 5.5.x
before 5.5.1, and 6.x before 6.0.1; Spotfire
Web Player 4.0.x before 4.0.4, 4.5.x before
4.5.2, 5.0.x before 5.0.2, 5.5.x before
5.5.1, and 6.x before 6.0.1; Spotfire
Automation Services 4.0.x before 4.0.4,
4.5.x before 4.5.2, 5.0.x before 5.0.2,
5.5.x before 5.5.1, and 6.x before 6.0.1;
Spotfire Deployment Kit 4.0.x before 4.0.4,
4.5.x before 4.5.2, 5.0.x before 5.0.2,
5.5.x before 5.5.1, and 6.x before 6.0.1;
Spotfire Desktop 6.x before 6.0.1; and
Spotfire Analyst 6.x before 6.0.1 allows
remote attackers to execute arbitrary code
via unknown vectors. |
2014-04-09 |
7.5 |
CVE-2014-2544 |
tigase
-- tigase |
net/IOService.java
in Tigase before 5.2.1 does not properly
restrict the processing of compressed XML
elements, which allows remote attackers to
cause a denial of service (resource
consumption) via a crafted XMPP stream, aka
an "xmppbomb" attack. |
2014-04-10 |
7.8 |
CVE-2014-2746 |
Back to top
Medium Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
adobe -- adobe_air |
Adobe
Flash Player before 11.7.700.275 and 11.8.x
through 13.0.x before 13.0.0.182 on Windows
and OS X and before 11.2.202.350 on Linux,
Adobe AIR before 13.0.0.83 on Android, Adobe
AIR SDK before 13.0.0.83, and Adobe AIR SDK
& Compiler before 13.0.0.83 allow
attackers to bypass intended access
restrictions and obtain sensitive
information via unspecified vectors. |
2014-04-08 |
5.0 |
CVE-2014-0508 |
adobe -- adobe_air |
Cross-site
scripting (XSS) vulnerability in Adobe Flash
Player before 11.7.700.275 and 11.8.x
through 13.0.x before 13.0.0.182 on Windows
and OS X and before 11.2.202.350 on Linux,
Adobe AIR before 13.0.0.83 on Android, Adobe
AIR SDK before 13.0.0.83, and Adobe AIR SDK
& Compiler before 13.0.0.83 allows
remote attackers to inject arbitrary web
script or HTML via unspecified vectors. |
2014-04-08 |
4.3 |
CVE-2014-0509 |
cisco --
adaptive_security_appliance_software |
The
SSL VPN implementation in Cisco Adaptive
Security Appliance (ASA) Software 8.2 before
8.2(5.47, 8.3 before 8.3(2.40), 8.4 before
8.4(7.3), 8.6 before 8.6(1.13), 9.0 before
9.0(3.8), and 9.1 before 9.1(3.2) allows
remote attackers to bypass authentication
via (1) a crafted cookie value within
modified HTTP POST data or (2) a crafted
URL, aka Bug ID CSCua85555. |
2014-04-10 |
5.0 |
CVE-2014-2128 |
cisco -- ons_15454 |
The
session-termination functionality on Cisco
ONS 15454 controller cards with software 9.6
and earlier does not initialize an
unspecified pointer, which allows remote
authenticated users to cause a denial of
service (card reset) via crafted
session-close actions, aka Bug ID
CSCug97416. |
2014-04-10 |
4.0 |
CVE-2014-2141 |
cisco -- ios_xr |
Cisco
IOS XR does not properly throttle ICMPv6
redirect packets, which allows remote
attackers to cause a denial of service (IPv4
and IPv6 transit outage) via crafted
redirect messages, aka Bug ID CSCum14266. |
2014-04-05 |
6.1 |
CVE-2014-2144 |
cisco -- unity_connection |
Directory
traversal vulnerability in the messaging API
in Cisco Unity Connection allows remote
authenticated users to read arbitrary files
via vectors related to unenforced access
constraints for .wav files and the
audio/x-wav MIME type, aka Bug ID
CSCun91071. |
2014-04-05 |
4.0 |
CVE-2014-2145 |
clip-bucket -- clipbucket |
Cross-site
scripting (XSS) vulnerability in ClipBucket
2.6 allows remote attackers to inject
arbitrary web script or HTML via the type
parameter to view_channel.php. NOTE: the
provenance of this information is unknown;
the details are obtained solely from third
party information. |
2014-04-08 |
4.3 |
CVE-2012-6642 |
clip-bucket -- clipbucket |
Multiple
cross-site scripting (XSS) vulnerabilities
in ClipBucket 2.6 allow remote attackers to
inject arbitrary web script or HTML via the
(1) cat parameter to channels.php, (2)
collections.php, (3) groups.php, or (4)
videos.php; (5) query parameter to
search_result.php; or (6) type parameter to
view_collection.php or (7) view_item.php. |
2014-04-08 |
4.3 |
CVE-2012-6644 |
cms_tree_page_view_project --
cms_tree_page_view |
Cross-site
scripting (XSS) vulnerability in the
cms_tpv_admin_head function in functions.php
in the CMS Tree Page View plugin before
0.8.9 for WordPress allows remote attackers
to inject arbitrary web script or HTML via
the cms_tpv_view parameter to
wp-admin/options-general.php. |
2014-04-07 |
4.3 |
CVE-2012-1834 |
danielb -- finder |
Cross-site
scripting (XSS) vulnerability in the Finder
module 6.x-1.x before 6.x-1.26, 7.x-1.x, and
7.x-2.x before 7.x-2.0-alpha8 for Drupal
allows remote attackers to inject arbitrary
web script or HTML via unspecified vectors
related to the "checkbox and radio button
functionalities." |
2014-04-08 |
4.3 |
CVE-2012-1561 |
danielb -- finder |
Cross-site
scripting (XSS) vulnerability in the
autocomplete functionality in the Finder
module 6.x-1.x before 6.x-1.26, 7.x-1.x, and
7.x-2.x before 7.x-2.0-alpha8 for Drupal
allows remote attackers to inject arbitrary
web script or HTML via the title of a node,
a different vulnerability than
CVE-2012-1561. |
2014-04-08 |
4.3 |
CVE-2012-6645 |
david_paleino -- wicd |
The
SetWiredProperty function in the D-Bus
interface in WICD before 1.7.2 allows local
users to write arbitrary configuration
settings and gain privileges via a crafted
property name in a dbus message. |
2014-04-07 |
6.9 |
CVE-2012-2095 |
dell --
openmanage_server_administrator |
Open
redirect vulnerability in Dell OpenManage
Server Administrator (OMSA) before 7.3.0
allows remote attackers to redirect users to
arbitrary web sites and conduct phishing
attacks via a URL in the file parameter to
HelpViewer. |
2014-04-10 |
5.8 |
CVE-2013-0740 |
dvs_custom_notification_project
-- dvs_custom_notification |
Multiple
cross-site request forgery (CSRF)
vulnerabilities in the DVS Custom
Notification plugin 1.0.1 and earlier for
WordPress allow remote attackers to hijack
the authentication of administrators for
requests that (1) change application
settings or (2) conduct cross-site scripting
(XSS) attacks. |
2014-04-10 |
6.8 |
CVE-2012-4921 |
fortinet -- fortiadc-1000e |
Cross-site
scripting (XSS) vulnerability in the web
administration interface in FortiADC with
firmware before 3.2.1 allows remote
attackers to inject arbitrary web script or
HTML via the locale parameter to gui_partA/. |
2014-04-10 |
4.3 |
CVE-2014-0331 |
google -- chrome |
The
base64DecodeInternal function in
wtf/text/Base64.cpp in Blink, as used in
Google Chrome before 34.0.1847.116, does not
properly handle string data composed
exclusively of whitespace characters, which
allows remote attackers to cause a denial of
service (out-of-bounds read) via a
window.atob method call. |
2014-04-09 |
5.0 |
CVE-2014-1725 |
google -- chrome |
The
drag implementation in Google Chrome before
34.0.1847.116 allows user-assisted remote
attackers to bypass the Same Origin Policy
and forge local pathnames by leveraging
renderer access. |
2014-04-09 |
4.3 |
CVE-2014-1726 |
horde -- groupware |
Cross-site
scripting (XSS) vulnerability in
js/compose-dimp.js in Horde Internet Mail
Program (IMP) before 5.0.24, as used in
Horde Groupware Webmail Edition before
4.0.9, allows remote attackers to inject
arbitrary web script or HTML via a crafted
name for an attached file, related to the
dynamic view. |
2014-04-05 |
4.3 |
CVE-2012-5565 |
horde -- groupware |
Multiple
cross-site scripting (XSS) vulnerabilities
in Horde Kronolith Calendar Application H4
before 3.0.17, as used in Horde Groupware
Webmail Edition before 4.0.8, allow remote
attackers to inject arbitrary web script or
HTML via the (1) tasks view or (2) search
view. |
2014-04-05 |
4.3 |
CVE-2012-5566 |
horde -- groupware |
Multiple
cross-site scripting (XSS) vulnerabilities
in Horde Kronolith Calendar Application H4
before 3.0.18, as used in Horde Groupware
Webmail Edition before 4.0.9, allow remote
attackers to inject arbitrary web script or
HTML via crafted event location parameters
in the (1) month, (2) monthlist, or (3)
prevmonthlist fields, related to portal
blocks. |
2014-04-05 |
4.3 |
CVE-2012-5567 |
horde -- groupware |
Cross-site
scripting (XSS) vulnerability in Horde
Internet Mail Program (IMP) before 5.0.22,
as used in Horde Groupware Webmail Edition
before 4.0.9, allows remote attackers to
inject arbitrary web script or HTML via a
crafted SVG image attachment, a different
vulnerability than CVE-2012-5565. |
2014-04-05 |
4.3 |
CVE-2012-6640 |
hp -- icewall_identity_manager |
Unspecified
vulnerability in HP IceWall Identity Manager
4.0 through SP1 and 5.0 and IceWall SSO 10.0
Password Reset Option, when Apache Commons
FileUpload is used, allows remote
authenticated users to cause a denial of
service via unknown vectors. |
2014-04-05 |
4.0 |
CVE-2014-2600 |
huawei -- echo_life |
Cross-site
scripting (XSS) vulnerability in the web
interface on Huawei Echo Life HG8247 routers
with software before V100R006C00SPC127
allows remote attackers to inject arbitrary
web script or HTML via an invalid TELNET
connection attempt with a crafted username
that is not properly handled during
construction of the "failed log-in attempts
over telnet" log view. |
2014-04-05 |
4.3 |
CVE-2014-0337 |
ibm -- optim_workload_replay |
Cross-site
scripting (XSS) vulnerability in IBM
InfoSphere Optim Workload Replay 1.1 allows
remote attackers to inject arbitrary web
script or HTML via a crafted URL. |
2014-04-05 |
4.3 |
CVE-2014-0827 |
ibm -- business_process_manager |
The
User Attribute implementation in IBM
Business Process Manager (BPM) 7.5.x through
7.5.1.2, 8.0.x through 8.0.1.2, and 8.5.x
through 8.5.0.1 does not verify
authorization for read or write access to
attribute values, which allows remote
authenticated users to obtain sensitive
information, configure e-mail notifications,
or modify task assignments via REST API
calls. |
2014-04-10 |
6.0 |
CVE-2014-0908 |
ibm -- spss_analytic_server |
IBM
SPSS Analytic Server 1.0 before IF002 and
1.0.1 before IF004 logs cleartext passwords,
which allows remote authenticated users to
obtain sensitive information via unspecified
vectors. |
2014-04-10 |
4.0 |
CVE-2014-0920 |
jeremy_massel --
underconstruction |
Cross-site
request forgery (CSRF) vulnerability in the
underConstruction plugin before 1.09 for
WordPress allows remote attackers to hijack
the authentication of administrators for
requests that deactivate a plugin via
unspecified vectors. |
2014-04-10 |
6.8 |
CVE-2013-2699 |
kernel -- linux-pam |
Multiple
directory traversal vulnerabilities in
pam_timestamp.c in the pam_timestamp module
for Linux-PAM (aka pam) 1.1.8 allow local
users to create aribitrary files or possibly
bypass authentication via a .. (dot dot) in
the (1) PAM_RUSER value to the get_ruser
function or (2) PAM_TTY value to the
check_tty funtion, which is used by the
format_timestamp_name function. |
2014-04-10 |
5.8 |
CVE-2014-2583 |
lee_howard -- hylafax+ |
Heap-based
buffer overflow in hfaxd in HylaFAX+ 5.2.4
through 5.5.3, when using LDAP
authentication, might allow remote attackers
to cause a denial of service (child hang) or
execute arbitrary code via a long USER
command. |
2014-04-06 |
6.8 |
CVE-2013-5680 |
lesterchan -- wp-postviews |
Cross-site
request forgery (CSRF) vulnerability in the
options admin page in the WP-PostViews
plugin before 1.63 for WordPress allows
remote attackers to hijack the
authentication of administrators for
requests that change plugin settings via
unspecified vectors. |
2014-04-10 |
6.8 |
CVE-2013-3252 |
microsoft -- windows_7 |
Untrusted
search path vulnerability in Microsoft
Windows XP SP2 and SP3, Windows Server 2003
SP2, Windows Vista SP2, Windows Server 2008
SP2 and R2 SP1, Windows 7 SP1, Windows 8,
Windows 8.1, Windows Server 2012 Gold and
R2, and Windows RT Gold and 8.1 allows local
users to gain privileges via a Trojan horse
cmd.exe file in the current working
directory, as demonstrated by a directory
that contains a .bat or .cmd file, aka
"Windows File Handling Vulnerability." |
2014-04-08 |
6.9 |
CVE-2014-0315 |
microsoft -- office |
The
XML parser in Microsoft Office 2007 SP3,
2010 SP1 and SP2, and 2013, and Office for
Mac 2011, does not properly detect recursion
during entity expansion, which allows remote
attackers to cause a denial of service
(memory consumption and persistent
application hang) via a crafted XML document
containing a large number of nested entity
references, as demonstrated by a crafted
text/plain e-mail message to Outlook, a
similar issue to CVE-2003-1564. |
2014-04-05 |
5.0 |
CVE-2014-2730 |
openssl -- openssl |
The
(1) TLS and (2) DTLS implementations in
OpenSSL 1.0.1 before 1.0.1g do not properly
handle Heartbeat Extension packets, which
allows remote attackers to obtain sensitive
information from process memory via crafted
packets that trigger a buffer over-read, as
demonstrated by reading private keys,
related to d1_both.c and t1_lib.c, aka the
Heartbleed bug. |
2014-04-07 |
5.0 |
CVE-2014-0160 |
prestashop -- prestashop |
Cross-site
scripting (XSS) vulnerability in
redirect.php in the Socolissimo module
(modules/socolissimo/) in PrestaShop before
1.4.7.2 allows remote attackers to inject
arbitrary web script or HTML via vectors
related to "parameter names and values." |
2014-04-07 |
4.3 |
CVE-2012-6641 |
prosody -- prosody |
Prosody
before 0.9.4, when mod_compression is
enabled, allows remote attackers to cause a
denial of service (resource consumption) via
compressed XML elements in an XMPP stream,
aka "zip bomb" attack. |
2014-04-10 |
4.3 |
CVE-2014-2750 |
qianqin -- qtranslate |
Cross-site
request forgery (CSRF) vulnerability in the
qTranslate plugin 2.5.34 and earlier for
WordPress allows remote attackers to hijack
the authentication of administrators for
requests that change plugin settings via
unspecified vectors. |
2014-04-10 |
6.8 |
CVE-2013-3251 |
redhat -- jboss_bpm_suite |
JBoss
Drools, Red Hat JBoss BRMS before 6.0.1, and
Red Hat JBoss BPM Suite before 6.0.1 allows
remote authenticated users to execute
arbitrary Java code via a (1) MVFLEX
Expression Language (MVEL) or (2) Drools
expression. |
2014-04-10 |
6.5 |
CVE-2013-6468 |
restful_web_services_project --
restws |
The
RESTful Web Services (RESTWS) module 7.x-1.x
before 7.x-1.3 and 7.x-2.x before
7.x-2.0-alpha5 for Drupal, when page caching
is enabled and anonymous users are assigned
RESTWS permissions, allows remote attackers
to cause a denial of service via a GET
request with an HTTP Accept header set to a
non-HTML type, which can "interfere with
Drupal's page cache." |
2014-04-06 |
4.3 |
CVE-2013-1946 |
rodrigo_polo --
stream_video_player |
Cross-site
request forgery (CSRF) vulnerability in the
Stream Video Player plugin 1.4.0 for
WordPress allows remote attackers to hijack
the authentication of administrators for
requests that change plugin settings via
unspecified vectors. |
2014-04-11 |
6.8 |
CVE-2013-2706 |
roundup-tracker -- roundup |
Cross-site
scripting (XSS) vulnerability in Roundup
before 1.4.20 allows remote attackers to
inject arbitrary web script or HTML via the
otk parameter. |
2014-04-10 |
4.3 |
CVE-2012-6132 |
sap -- ccms_/_database_monitor |
Unspecified
vulnerability in the SAP CCMS / Database
Monitors for Oracle allows attackers to
obtain the database password via unknown
vectors. |
2014-04-10 |
5.0 |
CVE-2013-7356 |
sap -- j2ee_engine |
Unspecified
vulnerability in the configuration service
in SAP J2EE Engine allows remote attackers
to obtain credential information via unknown
vectors. |
2014-04-10 |
5.0 |
CVE-2013-7357 |
sap --
guided_procedures_archive_monitor |
Unspecified
vulnerability in SAP Guided Procedures
Archive Monitor allows remote attackers to
obtain usernames, roles, profiles, and
possibly other identity information via
unknown vectors. |
2014-04-10 |
5.0 |
CVE-2013-7358 |
sap -- mobile_infrastructure |
Unspecified
vulnerability in SAP Mobile Infrastructure
allows remote attackers to obtain sensitive
port information via unknown vectors,
related to an "internal port scanning"
issue. |
2014-04-10 |
5.0 |
CVE-2013-7359 |
sap -- cm_services |
Directory
traversal vulnerability in SAP CMS and CM
Services allows attackers to upload
arbitrary files via unspecified vectors. |
2014-04-10 |
5.0 |
CVE-2013-7361 |
sap -- enterprise_portal |
Cross-site
scripting (XSS) vulnerability in SAP
Enterprise Portal allows remote attackers to
inject arbitrary web script or HTML via
unspecified parameters. |
2014-04-10 |
4.3 |
CVE-2013-7365 |
sap --
software_deployment_manager |
The
SAP Software Deployment Manager (SDM), in
certain unspecified conditions, allows
remote attackers to cause a denial of
service via vectors related to failed
authentications. |
2014-04-10 |
5.0 |
CVE-2013-7366 |
sap -- hana |
The
HANA ICM process in SAP HANA allows remote
attackers to obtain the platform version,
host name, instance number, and possibly
other sensitive information via a malformed
HTTP GET request. |
2014-04-10 |
5.0 |
CVE-2014-2749 |
silverstripe -- silverstripe |
Cross-site
scripting (XSS) vulnerability in the process
function in SSViewer.php in SilverStripe
before 2.3.13 and 2.4.x before 2.4.6 allows
remote attackers to inject arbitrary web
script or HTML via the QUERY_STRING to
template placeholders, as demonstrated by a
request to (1) admin/reports/, (2)
admin/comments/, (3) admin/, (4)
admin/show/, (5) admin/assets/, and (6)
admin/security/. |
2014-04-08 |
4.3 |
CVE-2011-4958 |
tibco -- rendezvous |
The
Rendezvous Daemon (rvd), Rendezvous Routing
Daemon (rvrd), Rendezvous Secure Daemon
(rvsd), and Rendezvous Secure Routing Daemon
(rvsrd) in TIBCO Rendezvous before 8.4.2,
Messaging Appliance before 8.7.1, and
Substation ES before 2.8.1 do not properly
implement access control, which allows
remote attackers to obtain sensitive
information or modify transmitted
information via unspecified vectors. |
2014-04-08 |
5.0 |
CVE-2014-2541 |
tibco -- rendezvous |
Cross-site
scripting (XSS) vulnerability in the
Rendezvous Daemon (rvd), Rendezvous Routing
Daemon (rvrd), Rendezvous Secure Daemon
(rvsd), and Rendezvous Secure Routing Daemon
(rvsrd) in TIBCO Rendezvous before 8.4.2,
Messaging Appliance before 8.7.1, and
Substation ES before 2.8.1 allows remote
attackers to inject arbitrary web script or
HTML via unspecified vectors. |
2014-04-08 |
4.3 |
CVE-2014-2542 |
wordpress -- wordpress |
WordPress
before 3.7.2 and 3.8.x before 3.8.2 allows
remote authenticated users to publish posts
by leveraging the Contributor role, related
to wp-admin/includes/post.php and
wp-admin/includes/class-wp-posts-list-table.php. |
2014-04-09 |
4.0 |
CVE-2014-0165 |
wordpress -- wordpress |
The
wp_validate_auth_cookie function in
wp-includes/pluggable.php in WordPress
before 3.7.2 and 3.8.x before 3.8.2 does not
properly determine the validity of
authentication cookies, which makes it
easier for remote attackers to obtain access
via a forged cookie. |
2014-04-09 |
6.4 |
CVE-2014-0166 |
wp-plugins -- wp-print |
Cross-site
request forgery (CSRF) vulnerability in the
Options in the WP-Print plugin before 2.52
for WordPress allows remote attackers to
hijack the authentication of administrators
for requests that manipulate plugin settings
via unspecified vectors. |
2014-04-10 |
6.8 |
CVE-2013-2693 |
znc -- znc-msvc |
The
CBounceDCCMod::OnPrivCTCP funcion in
bouncedcc.cpp in the bouncedcc module in ZNC
0.200 and 0.202 allows remote attackers to
cause a denial of service (crash) via a
crafted DCC RESUME request. |
2014-04-08 |
5.0 |
CVE-2012-0033 |
Back to top
Low Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
cloudbees -- jenkins |
Cross-site
scripting (XSS) vulnerability in CloudBees
Jenkins before 1.514, LTS before 1.509.1,
and Enterprise 1.466.x before 1.466.14.1 and
1.480.x before 1.480.4.1 allows remote
authenticated users with write permission to
inject arbitrary web script or HTML via
unspecified vectors. |
2014-04-10 |
2.1 |
CVE-2013-2033 |
gnu -- a2ps |
The
tempname_ensure function lib/routines.h in
a2ps 4.14 and earlier, as used by the
spy_user function and possibly other
functions, allows local users to modify
arbitrary files via a symlink attack on a
temporary file. |
2014-04-05 |
2.1 |
CVE-2001-1593 |
Back to top
This product is provided subject to this Notification
and this Privacy
& Use policy.
STAY CONNECTED: |
|
SUBSCRIBER SERVICES:
This email was
sent to gera...@gmail.com using GovDelivery,
on behalf of: United States Computer Emergency
Readiness Team (US-CERT) · 245 Murray Lane SW
Bldg 410 · Washington, DC 20598 · (703) 235-5110 |
|
|