Weekly Vulnerabilities Reports > July 1 to 7, 2013
Overview
52 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 6 high severity vulnerabilities. This weekly summary report vulnerabilities in 49 products from 19 vendors including IBM, Typo3, Cisco, HP, and Redhat. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Permissions, Privileges, and Access Controls", "SQL Injection", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 48 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities have public exploit available.
- 20 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 25 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 25 reported vulnerabilities.
- HP has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
3 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-06 | CVE-2013-2340 | HP | Security vulnerability in Multiple HP Products Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors. | 10.0 |
2013-07-02 | CVE-2013-2343 | HP | Remote Arbitrary Code Execution vulnerability in HP products Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510. | 10.0 |
2013-07-02 | CVE-2013-3003 | IBM | Local Arbitrary Command Execution vulnerability in IBM IMS Enterprise Suite 1.1/2.1/2.2 Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 allows remote authenticated users to execute arbitrary commands via unknown vectors. | 9.0 |
6 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-06 | CVE-2013-3005 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors. | 8.5 |
2013-07-04 | CVE-2013-3563 | Lianja | Buffer Errors vulnerability in Lianja SQL Server 1.0 Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001. | 7.5 |
2013-07-01 | CVE-2013-4748 | Georg Ringer Typo3 | SQL Injection vulnerability in Georg Ringer News SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-07-01 | CVE-2013-4745 | Kurt Gusbeth Typo3 | SQL Injection vulnerability in Kurt Gusbeth Myquizpoll SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-07-06 | CVE-2013-2341 | HP | Security vulnerability in Multiple HP Products Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors. | 7.1 |
2013-07-02 | CVE-2013-3581 | Choice Wireless | Improper Authentication vulnerability in Choice Wireless Wixfmr-111 ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request. | 7.1 |
35 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-02 | CVE-2013-2171 | Freebsd | Permissions, Privileges, and Access Controls vulnerability in Freebsd 9.0/9.1 The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls. | 6.9 |
2013-07-02 | CVE-2013-3395 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634. | 6.8 |
2013-07-01 | CVE-2013-2158 | Services Project Drupal | Cross-Site Request Forgery (CSRF) vulnerability in Services Project Services Cross-site request forgery (CSRF) vulnerability in the Services module 6.x-3.x and 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2013-07-02 | CVE-2013-3399 | Cisco | Buffer Errors vulnerability in Cisco Desktop Collaboration Experience Dx650 Buffer overflow in an unspecified Android API on the Cisco Desktop Collaboration Experience DX650 allows attackers to execute arbitrary code via vectors that leverage incorrect memory allocation, aka Bug IDs CSCuf93957, CSCug22352, and CSCug22462. | 6.6 |
2013-07-04 | CVE-2013-4650 | Mongodb | Permissions, Privileges, and Access Controls vulnerability in Mongodb MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database. | 6.5 |
2013-07-03 | CVE-2013-2984 | IBM | Path Traversal vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors. | 6.5 |
2013-07-03 | CVE-2013-2982 | IBM | Arbitrary File Upload vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vectors. | 6.5 |
2013-07-03 | CVE-2013-0560 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2012-5766. | 6.5 |
2013-07-03 | CVE-2012-5766 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560. | 6.5 |
2013-07-01 | CVE-2012-6144 | Typo3 | SQL Injection vulnerability in Typo3 SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2013-07-03 | CVE-2013-0476 | IBM | Command Injection vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to inject arbitrary FTP commands via unspecified vectors. | 6.4 |
2013-07-04 | CVE-2013-4729 | Phpmyadmin | Permissions, Privileges, and Access Controls vulnerability in PHPmyadmin import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request. | 5.5 |
2013-07-03 | CVE-2013-2144 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization Manager Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot. | 5.0 |
2013-07-03 | CVE-2013-0558 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive information about application implementation via unspecified vectors. | 5.0 |
2013-07-03 | CVE-2013-0539 | IBM | Credentials Management vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short session ID values, which makes it easier for remote attackers to hijack sessions, and consequently obtain sensitive information, via a brute-force attack. | 5.0 |
2013-07-03 | CVE-2013-0481 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception. | 5.0 |
2013-07-03 | CVE-2012-5936 | IBM | Cryptographic Issues vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 5.0 |
2013-07-02 | CVE-2013-3028 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Websphere MQ Multiple buffer overflows in mqm programs in IBM WebSphere MQ 7.0.x before 7.0.1.11, 7.1.x before 7.1.0.3, and 7.5.x before 7.5.0.2 on non-Windows platforms allow local users to gain privileges via unspecified vectors. | 4.6 |
2013-07-06 | CVE-2013-3299 | Realnetworks | Improper Input Validation vulnerability in Realnetworks Realplayer RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string. | 4.3 |
2013-07-04 | CVE-2013-3413 | Cisco | Cross-Site Scripting vulnerability in Cisco Identity Services Engine Software Cross-site scripting (XSS) vulnerability in the search form in the administration/monitoring panel on the Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh87036. | 4.3 |
2013-07-02 | CVE-2013-0455 | IBM | Cross-Site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterling File Gateway allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-07-02 | CVE-2013-3401 | Cisco | Security Bypass vulnerability in Cisco TelePresence TC Software The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080. | 4.3 |
2013-07-01 | CVE-2013-4749 | Usertask Center Messaging Project Typo3 | Cross-Site Scripting vulnerability in Usertask Center Messaging Project Usertask Center Messaging Cross-site scripting (XSS) vulnerability in the UserTask Center, Messaging (sys_messages) extension 1.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-07-01 | CVE-2013-4747 | Kasper Skarhoj Typo3 | Cross-Site Scripting vulnerability in Kasper Skarhoj Accessible IS Browse Results 1.2.1 Cross-site scripting (XSS) vulnerability in the Accessible browse results for indexed search (accessible_is_browse_results) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-07-01 | CVE-2013-4746 | Kurt Gusbeth Typo3 | Cross-Site Scripting vulnerability in Kurt Gusbeth Myquizpoll Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-07-01 | CVE-2013-4744 | Phpunit Project | Cross-Site Scripting vulnerability in PHPunit Project PHPunit Cross-site scripting (XSS) vulnerability in the PHPUnit extension before 3.5.15 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-07-03 | CVE-2013-3020 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | 4.0 |
2013-07-03 | CVE-2013-2987 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | 4.0 |
2013-07-03 | CVE-2013-2985 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | 4.0 |
2013-07-03 | CVE-2013-0568 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0475, and CVE-2013-0567. | 4.0 |
2013-07-03 | CVE-2013-0567 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, and CVE-2013-0475. | 4.0 |
2013-07-03 | CVE-2013-0479 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not properly restrict file types and extensions, which allows remote authenticated users to bypass intended access restrictions via a crafted filename. | 4.0 |
2013-07-03 | CVE-2013-0475 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, and CVE-2013-0567. | 4.0 |
2013-07-03 | CVE-2013-0463 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | 4.0 |
2013-07-03 | CVE-2013-0456 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path. | 4.0 |
8 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-06 | CVE-2013-0581 | IBM | Cross-Site Scripting vulnerability in IBM Business Process Manager Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) ProcessPortal/jsp/socialPortal/dashboard.jsp, (2) teamworks/executeServiceByName, (3) portal/jsp/viewAdHocReportWizard.do, or (4) rest/bpm/wle/v1/process. | 3.5 |
2013-07-04 | CVE-2013-3742 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPmyadmin 4.0.0/4.0.1/4.0.2 Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message. | 3.5 |
2013-07-03 | CVE-2013-0468 | IBM | Cross-Site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-2983. | 3.5 |
2013-07-02 | CVE-2013-2983 | IBM | Cross-Site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2013-0468. | 3.5 |
2013-07-01 | CVE-2012-6148 | Typo3 | Cross-Site Scripting vulnerability in Typo3 Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-07-01 | CVE-2012-6147 | Typo3 | Cross-Site Scripting vulnerability in Typo3 Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-07-01 | CVE-2012-6145 | Typo3 | Cross-Site Scripting vulnerability in Typo3 Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-07-04 | CVE-2013-2164 | Linux Redhat | Information Exposure vulnerability in multiple products The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. | 2.1 |