Weekly Vulnerabilities Reports > July 8 to 14, 2013
Overview
93 new vulnerabilities reported during this period, including 39 critical vulnerabilities and 12 high severity vulnerabilities. This weekly summary report vulnerabilities in 134 products from 36 vendors including Microsoft, Cisco, Wordpress, Adobe, and Juniper. Vulnerabilities are notably categorized as "Code Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Resource Management Errors".
- 82 reported vulnerabilities are remotely exploitables.
- 3 reported vulnerabilities have public exploit available.
- 16 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 87 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 28 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 25 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
39 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-11 | CVE-2013-1777 | Apache IBM | Code Injection vulnerability in multiple products The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object. | 10.0 |
2013-07-11 | CVE-2013-4685 | Juniper | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Juniper products Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100. | 10.0 |
2013-07-10 | CVE-2013-3350 | Adobe | Unspecified vulnerability in Adobe Coldfusion 10.0 Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets. | 10.0 |
2013-07-10 | CVE-2013-3348 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
2013-07-10 | CVE-2013-3347 | Adobe Microsoft Apple Linux | Numeric Errors vulnerability in Adobe Flash Player Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling. | 10.0 |
2013-07-10 | CVE-2013-3345 | Adobe Microsoft Apple Linux | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
2013-07-10 | CVE-2013-3344 | Adobe Apple Microsoft Linux | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2013-07-08 | CVE-2013-4785 | Dell | Unspecified vulnerability in Dell Idrac6 Firmware 1.7 The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. | 10.0 |
2013-07-08 | CVE-2013-4784 | HP | Improper Authentication vulnerability in HP Integrated Lights-Out BMC The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | 10.0 |
2013-07-08 | CVE-2013-4783 | Dell | Improper Authentication vulnerability in Dell Idrac6 BMC The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | 10.0 |
2013-07-08 | CVE-2013-4782 | Supermicro | Improper Authentication vulnerability in Supermicro BMC The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | 10.0 |
2013-07-10 | CVE-2013-2352 | HP Dell IBM | Credentials Management vulnerability in HP San/Iq LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password. | 9.4 |
2013-07-10 | CVE-2013-2115 | Apache | Code Injection vulnerability in Apache Struts Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. | 9.3 |
2013-07-10 | CVE-2013-1966 | Apache | Code Injection vulnerability in Apache Struts Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. | 9.3 |
2013-07-10 | CVE-2013-1965 | Apache | Code Injection vulnerability in Apache Struts and Struts2-Showcase Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. | 9.3 |
2013-07-10 | CVE-2013-1868 | Videolan | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. | 9.3 |
2013-07-10 | CVE-2013-3178 | Microsoft | Code Injection vulnerability in Microsoft Silverlight Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3171 | Microsoft | Code Injection vulnerability in Microsoft .Net Framework The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a partial-trust relationship, aka "Delegate Serialization Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3164 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 8 Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3162 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3115. | 9.3 |
2013-07-10 | CVE-2013-3161 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 10/9 Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143. | 9.3 |
2013-07-10 | CVE-2013-3153 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3148. | 9.3 |
2013-07-10 | CVE-2013-3152 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 10 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3146. | 9.3 |
2013-07-10 | CVE-2013-3151 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 10/8/9 Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3163. | 9.3 |
2013-07-10 | CVE-2013-3150 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3145. | 9.3 |
2013-07-10 | CVE-2013-3149 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 7/8 Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3148 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3153. | 9.3 |
2013-07-10 | CVE-2013-3147 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3146 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 10 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3152. | 9.3 |
2013-07-10 | CVE-2013-3145 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3150. | 9.3 |
2013-07-10 | CVE-2013-3144 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 10/8/9 Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3151 and CVE-2013-3163. | 9.3 |
2013-07-10 | CVE-2013-3143 | Microsoft | Code Injection vulnerability in Microsoft Internet Explorer 10/9 Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3161. | 9.3 |
2013-07-10 | CVE-2013-3134 | Microsoft | Code Injection vulnerability in Microsoft .Net Framework The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote attackers to execute arbitrary code via a crafted .NET Framework application that changes array data, aka "Array Allocation Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms13-052#section6 'Systems running 32-bit versions of Windows are not affected by this vulnerability.' | 9.3 |
2013-07-10 | CVE-2013-3133 | Microsoft | Code Injection vulnerability in Microsoft .Net Framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Anonymous Method Injection Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3132 | Microsoft | Code Injection vulnerability in Microsoft .Net Framework Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Delegate Reflection Bypass Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3131 | Microsoft | Code Injection vulnerability in Microsoft .Net Framework and Silverlight Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a crafted .NET Framework application or (2) a crafted Silverlight application, aka "Array Access Violation Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3127 | Microsoft | Code Injection vulnerability in Microsoft Windows Media Format Runtime and Windows Media Player The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability." | 9.3 |
2013-07-10 | CVE-2013-3115 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3162. | 9.3 |
2013-07-09 | CVE-2013-4787 | Cryptographic Issues vulnerability in Google Android Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving multiple entries in a Zip file with the same name in which one entry is validated but the other entry is installed, aka Android security bug 8219321 and the "Master Key" vulnerability. | 9.3 |
12 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-10 | CVE-2013-3163 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/8/9 Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151. | 8.8 |
2013-07-12 | CVE-2013-2687 | Blackberry | Buffer Errors vulnerability in Blackberry products Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. | 7.8 |
2013-07-11 | CVE-2013-4688 | Juniper | Denial of Service vulnerability in Juniper Networks Junos flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834. | 7.8 |
2013-07-11 | CVE-2013-4687 | Juniper | Denial of Service vulnerability in Juniper Networks Junos SRX Series Services Gateway flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593. | 7.8 |
2013-07-11 | CVE-2013-4684 | Juniper | Denial of Service vulnerability in Juniper Networks Junos flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted PIM packets, aka PR 842253. | 7.8 |
2013-07-10 | CVE-2013-2784 | Triplc | Cryptographic Issues vulnerability in Triplc Nano-10 PLC and Nano-10 PLC Firmware Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502. | 7.8 |
2013-07-08 | CVE-2013-4786 | Oracle Intel | Credentials Management vulnerability in multiple products The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. | 7.8 |
2013-07-13 | CVE-2013-2351 | HP | Unauthorized Access vulnerability in HP Network Node Manager I 9.0/9.10/9.20 Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | 7.5 |
2013-07-11 | CVE-2013-1768 | Apache | Permissions, Privileges, and Access Controls vulnerability in Apache Openjpa The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs. | 7.5 |
2013-07-09 | CVE-2013-2118 | Spip | Unspecified vulnerability in Spip SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php. | 7.5 |
2013-07-09 | CVE-2013-1362 | Opensuse Nagios | Improper Input Validation vulnerability in multiple products Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash. | 7.5 |
2013-07-11 | CVE-2013-4686 | Juniper | Denial of Service vulnerability in Juniper Networks Junos The kernel in Juniper Junos 10.4 before 10.4R14, 11.4 before 11.4R8, 11.4X27 before 11.4X27.43, 12.1 before 12.1R6, 12.1X44 before 12.1X44-D20, 12.2 before 12.2R4, and 12.3 before 12.3R2, in certain VLAN configurations with unrestricted arp-resp and proxy-arp settings, allows remote attackers to cause a denial of service (device crash) via a crafted ARP request, aka PR 842091. | 7.1 |
38 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-10 | CVE-2013-3154 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 7, Windows Defender and Windows Server 2008 The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability." | 6.9 |
2013-07-09 | CVE-2013-1976 | Redhat | Link Following vulnerability in Redhat Enterprise Linux and Jboss Enterprise web Server The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log. | 6.9 |
2013-07-12 | CVE-2013-3424 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Secure Access Control System Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177. | 6.8 |
2013-07-12 | CVE-2013-2704 | Metin Saylan Wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Metin Saylan Dropdown Menu Widget 1.9.1 Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences. | 6.8 |
2013-07-11 | CVE-2013-3418 | Cisco | Resource Management Errors vulnerability in Cisco Unified Communications Domain Manager Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST requests, which allows remote authenticated users to cause a denial of service (memory consumption and process crash) via crafted requests to the management interface, aka Bug ID CSCud22922. | 6.8 |
2013-07-10 | CVE-2013-3408 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products The firmware on Cisco Virtualization Experience Client 6000 devices sets incorrect operating-system permissions, which allows local users to gain privileges via an unspecified sequence of commands, aka Bug ID CSCuc31764. | 6.8 |
2013-07-10 | CVE-2013-3400 | Cisco | Improper Input Validation vulnerability in Cisco Nexus 1000V and Nx-Os The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824. | 6.8 |
2013-07-10 | CVE-2013-2786 | Alstom | Permissions, Privileges, and Access Controls vulnerability in Alstom Micom S1 Agile and Micom S1 Studio Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file. | 6.6 |
2013-07-08 | CVE-2013-0235 | Wordpress | Unspecified vulnerability in Wordpress The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue. | 6.4 |
2013-07-13 | CVE-2013-3692 | Blackberry | Permissions, Privileges, and Access Controls vulnerability in Blackberry OS and Z10 BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application. | 6.2 |
2013-07-12 | CVE-2013-2688 | Blackberry | Buffer Errors vulnerability in Blackberry products Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. | 5.4 |
2013-07-09 | CVE-2013-2052 | Libreswan | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libreswan 3.0/3.1 Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. | 5.1 |
2013-07-08 | CVE-2013-1414 | Fortinet | Cross-Site Request Forgery (CSRF) vulnerability in Fortinet products Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown. | 5.1 |
2013-07-12 | CVE-2013-3655 | Sharp | Unspecified vulnerability in Sharp Aquos Hn-Pp150 and Aquos Hn-Pp150 Firmware The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 allows remote attackers to cause a denial of service (networking outage) via crafted packet data. | 5.0 |
2013-07-11 | CVE-2013-4690 | Juniper | Resource Management Errors vulnerability in Juniper products Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly initialize memory locations used during padding of Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data, aka PR 829536, a related issue to CVE-2003-0001. | 5.0 |
2013-07-10 | CVE-2013-3349 | Adobe | Remote Denial of Service vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2 Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is used, allows remote attackers to cause a denial of service via unknown vectors. | 5.0 |
2013-07-08 | CVE-2013-1613 | Symantec | SQL Injection vulnerability in Symantec products SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 4.7 |
2013-07-12 | CVE-2013-3423 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control System Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174. | 4.3 |
2013-07-12 | CVE-2013-3422 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control System Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165. | 4.3 |
2013-07-12 | CVE-2013-3421 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control System Cross-site scripting (XSS) vulnerability in the Help index page in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75170. | 4.3 |
2013-07-11 | CVE-2013-3419 | Cisco | Cross-Site Scripting vulnerability in Cisco Unified Meetingplace web Conferencing Cross-site scripting (XSS) vulnerability in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh74981. | 4.3 |
2013-07-10 | CVE-2013-3579 | Lookout | Local Denial of Service vulnerability in Lookout Security & Antivirus 8.17 The Lookout Mobile Security application before 8.17-8a39d3f for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.lookout.security.ScanTell with zero arguments. | 4.3 |
2013-07-10 | CVE-2013-3416 | Cisco | Cross-Site Scripting vulnerability in Cisco products Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997. | 4.3 |
2013-07-10 | CVE-2013-1132 | Cisco | Cross-Site Scripting vulnerability in Cisco Unified Communications Domain Manager Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Communications Domain Manager allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) IptAccountMgmt, (2) IptFeatureConfigTemplateMgmt, (3) IptFeatureDisplayPolicyMgmt, or (4) IptProviderMgmt page, aka Bug IDs CSCud69972, CSCud70193, and CSCud70261. | 4.3 |
2013-07-10 | CVE-2013-3405 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence TC Software The web portal in TC software on Cisco TelePresence endpoints does not require an exact password match during a login attempt by a user who has not configured a password, which allows remote attackers to bypass authentication by sending an arbitrary password, aka Bug ID CSCud96071. | 4.3 |
2013-07-10 | CVE-2012-5855 | Videolan | Numeric Errors vulnerability in Videolan VLC Media Player The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. | 4.3 |
2013-07-10 | CVE-2013-3166 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Internet Explorer Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding Vulnerability," a different vulnerability than CVE-2013-0015. | 4.3 |
2013-07-09 | CVE-2013-1950 | Libtirpc Project | Resource Management Errors vulnerability in Libtirpc Project Libtirpc The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer. | 4.3 |
2013-07-08 | CVE-2013-2205 | Wordpress | Configuration vulnerability in Wordpress The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site. | 4.3 |
2013-07-08 | CVE-2013-2204 | Tinymce Wordpress | Improper Input Validation vulnerability in multiple products moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a # (pound sign) character during extraction of the QUERY_STRING, which allows remote attackers to pass arbitrary parameters to a Flash application, and conduct content-spoofing attacks, via a crafted string after a ? (question mark) character. | 4.3 |
2013-07-08 | CVE-2013-2203 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to obtain sensitive information via an invalid upload request, which reveals the absolute path in an XMLHttpRequest error message. | 4.3 |
2013-07-08 | CVE-2013-2202 | Wordpress | Information Exposure vulnerability in Wordpress WordPress before 3.5.2 allows remote attackers to read arbitrary files via an oEmbed XML provider response containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 4.3 |
2013-07-08 | CVE-2013-2201 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) uploads of media files, (2) editing of media files, (3) installation of plugins, (4) updates to plugins, (5) installation of themes, or (6) updates to themes. | 4.3 |
2013-07-08 | CVE-2013-2199 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery (SSRF) issue, a similar vulnerability to CVE-2013-0235. | 4.3 |
2013-07-08 | CVE-2013-0237 | Moxiecode Wordpress Fedoraproject | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2013-07-08 | CVE-2013-0236 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post. | 4.3 |
2013-07-08 | CVE-2013-1614 | Symantec | Cross-Site Scripting vulnerability in Symantec products Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-07-08 | CVE-2013-2200 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors. | 4.0 |
4 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-07-08 | CVE-2013-1615 | Symantec | Information Exposure vulnerability in Symantec products The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls. | 2.9 |
2013-07-09 | CVE-2013-2096 | Openstack | Resource Management Errors vulnerability in Openstack Folsom, Grizzly and Havana OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data. | 2.1 |
2013-07-08 | CVE-2013-3273 | EMC RSA | Credentials Management vulnerability in multiple products EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file. | 2.1 |
2013-07-08 | CVE-2013-3272 | EMC | Credentials Management vulnerability in EMC Replication Manager EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack. | 2.1 |