Weekly Vulnerabilities Reports > February 25 to March 3, 2013

Overview

24 new vulnerabilities were reported during this period, including 4 critical vulnerabilities and 5 high severity vulnerabilities. This weekly summary reports vulnerabilities in 28 products from 12 vendors including Cisco, Linux, IBM, Apple, and Microsoft. The most common weakness categories are "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Resource Management Errors", and "Improper Input Validation".

  • 17 reported vulnerabilities are remotely exploitable.
  • 5 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 21 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 7 reported vulnerabilities.
  • Linux has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report:

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-02-27 CVE-2013-0504 Adobe, Apple, Microsoft, Linux Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors.

10.0
2013-03-01 CVE-2013-0707 Justsystems Arbitrary Code Execution vulnerability in Multiple JustSystems Products

Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file.

9.3
2013-02-27 CVE-2013-0648 Adobe, Apple, Microsoft, Linux Remote Code Execution vulnerability in Adobe Flash Player

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

9.3
2013-02-27 CVE-2013-0643 Adobe, Apple, Microsoft, Linux Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

9.3

5 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-02-27 CVE-2013-1137 Cisco Buffer Errors vulnerability in Cisco Unified Presence Server 8.6/9.0/9.1

Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.

7.8
2013-02-27 CVE-2013-1133 Cisco Improper Input Validation vulnerability in Cisco Unified Communications Manager

Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337.

7.8
2013-02-27 CVE-2013-0490 IBM Local Privilege Escalation vulnerability in IBM Infosphere Guardium 8.00

Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to gain privileges via unknown vectors.

7.2
2013-02-27 CVE-2013-1135 Cisco Improper Input Validation vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance 8.6/9.0

Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155.

7.1
2013-02-27 CVE-2013-1134 Cisco Improper Authentication vulnerability in Cisco Unified Communications Manager 9.0(1)

The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.

7.1

12 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-02-27 CVE-2012-5767 IBM Security Bypass vulnerability in IBM Ts3500 Tape Library and Ts3500 Tape Library Firmware

Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors.

6.5
2013-02-28 CVE-2013-1141 Cisco Buffer Errors vulnerability in Cisco products

The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) via crafted mDNS packets, aka Bug ID CSCue04153.

6.1
2013-02-28 CVE-2013-1124 Cisco, Apple Cryptographic Issues vulnerability in Cisco Network Admission Control

The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.

5.8
2013-02-27 CVE-2012-4842 IBM Resource Management Errors vulnerability in IBM Lotus Domino

Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2013-03-01 CVE-2011-2479 Linux Resource Management Errors vulnerability in Linux Kernel

The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.

5.5
2013-03-01 CVE-2013-0709 Bayashi Cross-Site Scripting vulnerability in Bayashi Dopvstar* 0091

Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log.

4.3
2013-03-01 CVE-2013-0708 Bayashi Cross-Site Scripting vulnerability in Bayashi Dopvcomet* 0009

Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log.

4.3
2013-03-01 CVE-2013-0256 Ruby Lang, Canonical Cross-site Scripting vulnerability in multiple products

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

4.3
2013-03-01 CVE-2012-5604 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Cloudforms 1.1

The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors.

4.3
2013-02-27 CVE-2012-4844 IBM Cross-Site Scripting vulnerability in IBM Lotus Domino

Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2013-02-28 CVE-2013-1772 Linux Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel

The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console_drivers function call.

4.0
2013-02-27 CVE-2013-1139 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Cloud Portal

The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-02-28 CVE-2013-0343 Linux IPv6 Temporary Addresses Remote Security vulnerability in Linux Kernel

The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.

3.2
2013-03-01 CVE-2012-6116 Katello Permissions, Privileges, and Access Controls vulnerability in Katello and Katello-Configure

modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions (666) for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file.

2.1
2013-03-01 CVE-2012-5561 Katello Information Exposure vulnerability in Katello 1.1

script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file.

2.1