Weekly Vulnerabilities Reports > May 20 to 26, 2013
Overview
79 new vulnerabilities reported during this period, including 27 critical vulnerabilities and 6 high severity vulnerabilities. This weekly summary report vulnerabilities in 70 products from 29 vendors including Microsoft, Apple, Wireshark, Debian, and Opensuse. Vulnerabilities are notably categorized as "Resource Management Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Cross-site Scripting".
- 70 reported vulnerabilities are remotely exploitables.
- 8 reported vulnerabilities have public exploit available.
- 10 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 73 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 37 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 23 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
27 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-05-23 | CVE-2012-4697 | Turck | Credentials Management vulnerability in Turck products TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session. | 10.0 |
2013-05-23 | CVE-2013-2781 | 3S Software | Resource Management Errors vulnerability in 3S-Software Codesys Gateway-Server 2.3.9.27 Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. | 10.0 |
2013-05-24 | CVE-2013-1022 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file. | 9.3 |
2013-05-24 | CVE-2013-1021 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file. | 9.3 |
2013-05-24 | CVE-2013-1020 | Apple Microsoft | Resource Management Errors vulnerability in Apple Quicktime Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file. | 9.3 |
2013-05-24 | CVE-2013-1019 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS and Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | 9.3 |
2013-05-24 | CVE-2013-1018 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | 9.3 |
2013-05-24 | CVE-2013-1017 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file. | 9.3 |
2013-05-24 | CVE-2013-1016 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding. | 9.3 |
2013-05-24 | CVE-2013-1015 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file. | 9.3 |
2013-05-24 | CVE-2013-0989 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file. | 9.3 |
2013-05-24 | CVE-2013-0988 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file. | 9.3 |
2013-05-24 | CVE-2013-0987 | Apple Microsoft | Resource Management Errors vulnerability in Apple Quicktime Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file. | 9.3 |
2013-05-24 | CVE-2013-0986 | Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and Quicktime Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file. | 9.3 |
2013-05-23 | CVE-2012-6558 | Heaventools | Buffer Errors vulnerability in Heaventools PE Explorer 1.99.6 Heap-based buffer overflow in HeavenTools PE Explorer 1.99 R6 allows remote attackers to execute arbitrary code via the size value for a string in the resource section of a Portable Executable (PE) file. | 9.3 |
2013-05-23 | CVE-2012-6553 | Angusj | Buffer Errors vulnerability in Angusj Resource Hacker 3.6.0.92 Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable (PE) file with a resource section containing a string that has many tab or line feed characters. | 9.3 |
2013-05-20 | CVE-2013-1010 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1008 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1007 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1006 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1005 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1004 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1003 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1002 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1001 | Apple Microsoft | Resource Management Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-1000 | Apple Microsoft | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-0999 | Apple Microsoft | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
6 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-05-24 | CVE-2013-3633 | Siemens | Permissions, Privileges, and Access Controls vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 8.0 |
2013-05-25 | CVE-2013-3561 | Debian Opensuse Wireshark | Numeric Errors vulnerability in multiple products Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector. | 7.8 |
2013-05-24 | CVE-2013-3660 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability." | 7.8 |
2013-05-24 | CVE-2013-3634 | Siemens | Improper Input Validation vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 7.5 |
2013-05-23 | CVE-2012-6560 | Freenac | Improper Input Validation vulnerability in Freenac 3.0.2 SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows remote attackers to execute arbitrary SQL commands via the status parameter. | 7.5 |
2013-05-22 | CVE-2013-3496 | Infotecs | Permissions, Privileges, and Access Controls vulnerability in Infotecs products Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file. | 7.2 |
43 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-05-21 | CVE-2013-1964 | XEN | Permissions, Privileges, and Access Controls vulnerability in XEN Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possibly have other impacts via unspecified vectors. | 6.9 |
2013-05-23 | CVE-2012-6562 | Elgg | Permissions, Privileges, and Access Controls vulnerability in Elgg engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts. | 6.8 |
2013-05-20 | CVE-2013-3270 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Celerra Control Station and VNX Control Station EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrect group ownership for unspecified script files, which allows local users to gain privileges by leveraging nasadmin group membership. | 6.8 |
2013-05-20 | CVE-2013-1011 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0998 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0997 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0996 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0995 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0994 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0993 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0992 | Apple Microsoft | Resource Management Errors vulnerability in multiple products WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-20 | CVE-2013-0991 | Apple Microsoft | Resource Management Errors vulnerability in Apple Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 6.8 |
2013-05-23 | CVE-2012-6554 | A51Dev | Improper Input Validation vulnerability in A51Dev Activecollab Chat Module functions/html_to_text.php in the Chat module before 1.5.2 for activeCollab allows remote authenticated users to execute arbitrary PHP code via the message[message_text] parameter to chat/add_messag, which is not properly handled when executing the preg_replace function with the eval switch. | 6.5 |
2013-05-21 | CVE-2013-2059 | Openstack | Improper Authentication vulnerability in Openstack Keystone 2012.1/2013.1 OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token. | 6.0 |
2013-05-21 | CVE-2007-6746 | Canonical | Improper Input Validation vulnerability in Canonical Telepathy-Idle and Ubuntu Linux telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
2013-05-25 | CVE-2013-3562 | Debian Opensuse Wireshark | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3560 | Debian Opensuse Wireshark | USE of Externally-Controlled Format String vulnerability in multiple products The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3559 | Debian Opensuse Wireshark | Numeric Errors vulnerability in multiple products epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3558 | Wireshark Debian Opensuse | Numeric Errors vulnerability in multiple products The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3557 | Wireshark Debian Opensuse | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3556 | Wireshark Debian Opensuse | Improper Input Validation vulnerability in multiple products The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3555 | Debian Opensuse Wireshark | Improper Input Validation vulnerability in multiple products epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-2083 | Moodle | Improper Input Validation vulnerability in Moodle The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-data filtering via a crafted request. | 5.0 |
2013-05-25 | CVE-2013-2082 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote attackers to obtain sensitive information via a crafted request. | 5.0 |
2013-05-23 | CVE-2011-4518 | Microsys | Path Traversal vulnerability in Microsys Promotic Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2013-05-23 | CVE-2013-1204 | Cisco | Resource Management Errors vulnerability in Cisco IOS XR Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets, aka Bug ID CSCug80345. | 5.0 |
2013-05-20 | CVE-2013-0145 | Vercot | Buffer Errors vulnerability in Vercot Serva32 2.1.0 Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in a read request. | 5.0 |
2013-05-24 | CVE-2013-3661 | Microsoft | Path Traversal vulnerability in Microsoft products The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain. | 4.9 |
2013-05-25 | CVE-2013-2081 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data. | 4.3 |
2013-05-23 | CVE-2011-4520 | Microsys | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsys Promotic Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. | 4.3 |
2013-05-23 | CVE-2011-4519 | Microsys | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsys Promotic Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. | 4.3 |
2013-05-23 | CVE-2012-6563 | Elgg | Permissions, Privileges, and Access Controls vulnerability in Elgg engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors. | 4.3 |
2013-05-23 | CVE-2012-6561 | Elgg | Cross-Site Scripting vulnerability in Elgg Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. | 4.3 |
2013-05-23 | CVE-2012-6559 | Freenac | Cross-Site Scripting vulnerability in Freenac 3.0.2 Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) mac, (3) graphtype, (4) name, or (5) type parameter to stats.php; or (6) comment parameter to deviceadd.php. | 4.3 |
2013-05-23 | CVE-2012-6557 | Zodiacdm Vanillaforums | Cross-Site Scripting vulnerability in Zodiacdm Aboutme-Plugin 1.1.1 Multiple cross-site scripting (XSS) vulnerabilities in the AboutMe plugin 1.1.1 for Vanilla Forums allow remote attackers to inject arbitrary web script or HTML via the (1) AboutMe/RealName, (2) AboutMe/Name, (3) AboutMe/Quote, (4) AboutMe/Loc, (5) AboutMe/Emp, (6) AboutMe/JobTit, (7) AboutMe/HS, (8) AboutMe/Col, (9) AboutMe/Bio, (10) AboutMe/Inter, (11) AboutMe/Mus, (12) AboutMe/Gam, (13) AboutMe/Mov, (14) AboutMe/FTV, or (15) AboutMe/Bks parameter to the Edit My Details page. | 4.3 |
2013-05-23 | CVE-2012-6556 | Jspautsch Vanillaforums | Cross-Site Scripting vulnerability in Jspautsch Firstlastnames 1.1.1 Multiple cross-site scripting (XSS) vulnerabilities in the FirstLastNames plugin 1.1.1 for Vanilla Forums allow remote attackers to inject arbitrary web script or HTML via the (1) User/FirstName or (2) User/LastName parameter to the edit user page. | 4.3 |
2013-05-23 | CVE-2012-6555 | Vanillaforums | Cross-site Scripting vulnerability in Vanillaforums Latestcomment 1.1 Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1.1 for Vanilla Forums allows remote attackers to inject arbitrary web script or HTML via the discussion title. | 4.3 |
2013-05-22 | CVE-2013-2311 | Web2Py | Cross-Site Scripting vulnerability in Web2Py Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-05-22 | CVE-2013-0942 | EMC Microsoft Apache | Cross-Site Scripting vulnerability in EMC RSA Authentication Agent 7.1 Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-05-21 | CVE-2012-6137 | Redhat | Credentials Management vulnerability in Redhat products rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials. | 4.3 |
2013-05-20 | CVE-2013-1014 | Apple Microsoft | Improper Input Validation vulnerability in Apple Itunes Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. | 4.3 |
2013-05-25 | CVE-2013-2080 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role and reading the Gradebook Overview report. | 4.0 |
2013-05-25 | CVE-2013-2079 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download (aka downloadall) requests, which allows remote authenticated users to read other users' assignments by leveraging the student role. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-05-22 | CVE-2013-0941 | RSA Apache Microsoft | Cryptographic Issues vulnerability in RSA products EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data. | 2.1 |
2013-05-21 | CVE-2013-2006 | Openstack | Information Exposure vulnerability in Openstack Keystone 2013.1.1 OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file. | 2.1 |
2013-05-21 | CVE-2013-1977 | Openstack | Permissions, Privileges, and Access Controls vulnerability in Openstack Devstack OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file. | 2.1 |