Weekly Vulnerabilities Reports > August 5 to 11, 2013

Overview

76 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 11 high severity vulnerabilities. This weekly summary report vulnerabilities in 138 products from 42 vendors including Mozilla, IBM, NI, Symantec, and Cisco. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Permissions, Privileges, and Access Controls", and "Cross-Site Request Forgery (CSRF)".

  • 63 reported vulnerabilities are remotely exploitables.
  • 3 reported vulnerabilities have public exploit available.
  • 23 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 64 reported vulnerabilities are exploitable by an anonymous user.
  • Mozilla has the most reported vulnerabilities, with 15 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-08-09 CVE-2013-4031 IBM Credentials Management vulnerability in IBM products

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors.

10.0
2013-08-08 CVE-2013-3454 Cisco Credentials Management vulnerability in Cisco products

Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.

10.0
2013-08-07 CVE-2013-1710 Mozilla Improper Input Validation vulnerability in Mozilla products

The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.

10.0
2013-08-07 CVE-2013-1705 Mozilla Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox and Seamonkey

Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.

10.0
2013-08-07 CVE-2013-1702 Mozilla Memory Corruption vulnerability in Mozilla Firefox/Thunderbird/Seamonkey

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2013-08-07 CVE-2013-1701 Mozilla Memory Corruption vulnerability in Mozilla Firefox/Thunderbird/Seamonkey

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2013-08-06 CVE-2013-5022 NI Path Traversal vulnerability in NI products

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.

10.0
2013-08-09 CVE-2013-2577 Xnview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview

Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.

9.3
2013-08-09 CVE-2013-3480 Sagelighteditor Numeric Errors vulnerability in Sagelighteditor Sagelight 4.4

Integer overflow in Sagelight 4.4 and earlier allows remote attackers to execute arbitrary code via crafted width and height dimensions in a BMP file, which triggers a heap-based buffer overflow.

9.3
2013-08-09 CVE-2013-0150 F5 Path Traversal vulnerability in F5 Big-Ip Access Policy Manager and Firepass

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a ..

9.3
2013-08-09 CVE-2013-3027 IBM Numeric Errors vulnerability in IBM Lotus Domino 9.0.0.0

Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW.

9.3
2013-08-07 CVE-2013-1704 Mozilla Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey

Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.

9.3
2013-08-06 CVE-2013-5026 NI Unspecified vulnerability in NI Lookout 6.5/6.6/6.7

An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allows remote attackers to execute arbitrary code by triggering the download of, and calls to, an arbitrary DLL file.

9.3
2013-08-06 CVE-2013-5021 NI
ABB
Path Traversal vulnerability in multiple products

Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunction with file content in the (a) Caption or (b) FormatString property value.

9.3
2013-08-05 CVE-2013-4805 HP Authentication Bypass vulnerability in HP Integrated Lights-Out

Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors.

9.0

11 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-08-05 CVE-2013-4575 Symantec Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec Backup Exec 2010/2012

Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors.

7.9
2013-08-05 CVE-2013-4807 HP Information Disclosure vulnerability in Multiple HP LaserJet Pro Printers

Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 2013-07-26 20130703 allows remote attackers to modify data via unknown vectors.

7.8
2013-08-09 CVE-2013-4115 Opensuse
Squid Cache
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.

7.5
2013-08-09 CVE-2013-4789 Cotonti SQL Injection vulnerability in Cotonti Siena

SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.

7.5
2013-08-09 CVE-2013-4742 Netwin Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netwin Surgeftp

Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.

7.5
2013-08-09 CVE-2013-4147 Yard Radius Project USE of Externally-Controlled Format String vulnerability in Yard Radius Project Yard Radius 1.1.24

Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in a request in the (1) log_msg function in log.c or (2) version or (3) build_version function in version.c.

7.5
2013-08-09 CVE-2013-4943 Siemens Permissions, Privileges, and Access Controls vulnerability in Siemens Comos 10.0/9.1/9.2

The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access.

7.2
2013-08-07 CVE-2013-1707 Mozilla Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla products

Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service.

7.2
2013-08-07 CVE-2013-1706 Mozilla Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla products

Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line.

7.2
2013-08-09 CVE-2013-2792 Selinc Improper Input Validation vulnerability in Selinc products

Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.

7.1
2013-08-09 CVE-2012-3039 Moxa Cryptographic Issues vulnerability in Moxa products

Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a sufficient source of entropy for SSH and SSL keys, which makes it easier for remote attackers to obtain access by leveraging knowledge of a key from a product installation elsewhere.

7.1

45 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-08-09 CVE-2013-2796 Schneider Electric Permissions, Privileges, and Access Controls vulnerability in Schneider-Electric Citectscada, Powerlogic Scada and Vijeo Citect

Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

6.9
2013-08-07 CVE-2013-1715 Mozilla
Microsoft
Arbitrary Code Execution vulnerability in Mozilla Firefox and Seamonkey

Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory.

6.9
2013-08-07 CVE-2013-1712 Mozilla
Microsoft
Local Privilege Escalation vulnerability in Mozilla Firefox/Thunderbird/SeaMonkey

Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory.

6.9
2013-08-09 CVE-2013-2576 B E Soft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in B-E-Soft Artweaver

Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file.

6.8
2013-08-09 CVE-2013-3253 Xhanch
Wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Xhanch MY Twitter

Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings.

6.8
2013-08-08 CVE-2013-3256 Shareaholic
Wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Shareaholic Sexybookmarks 6.1.4.0

Cross-site request forgery (CSRF) vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for WordPress allows remote attackers to hijack the authentication of users for requests that "manipulate plugin settings."

6.8
2013-08-06 CVE-2013-1633 Python Improper Input Validation vulnerability in Python Setuptools

easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.

6.8
2013-08-06 CVE-2013-1630 Guillaume Gauvrit Improper Input Validation vulnerability in Guillaume Gauvrit Pyshop

pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation.

6.8
2013-08-06 CVE-2013-1629 Pypa Improper Input Validation vulnerability in Pypa PIP

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation.

6.8
2013-08-05 CVE-2013-3451 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager

Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (Unified CM) allow remote attackers to hijack the authentication of arbitrary users for requests that perform arbitrary Unified CM operations, aka Bug ID CSCui13033.

6.8
2013-08-05 CVE-2013-3450 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager

Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028.

6.8
2013-08-05 CVE-2013-1610 Symantec Local Privilege Escalation vulnerability in Symantec Encryption Desktop

Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.

6.8
2013-08-05 CVE-2013-4679 Symantec Buffer Errors vulnerability in Symantec Workspace Virtualization 6.4.1895.0

Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.

6.6
2013-08-09 CVE-2013-4619 Open EMR SQL Injection vulnerability in Open-Emr Openemr 4.1.1

Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_range.php, or the (3) form_newid parameter to custom/chart_tracker.php.

6.5
2013-08-06 CVE-2013-3992 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Biginsights 2.0.0.0/2.1.0.0

Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

6.0
2013-08-05 CVE-2013-0149 Cisco Remote Security Bypass vulnerability in Cisco IOS and IOS XE

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

5.8
2013-08-07 CVE-2013-1717 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla products

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.

5.4
2013-08-09 CVE-2013-0494 IBM Resource Management Errors vulnerability in IBM Sterling B2B Integrator 5.0/5.1

IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted HTTP (1) Range or (2) Request-Range header.

5.0
2013-08-06 CVE-2013-4124 Canonical
Redhat
Fedoraproject
Samba
Opensuse
Numeric Errors vulnerability in multiple products

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

5.0
2013-08-06 CVE-2013-3996 IBM Improper Input Validation vulnerability in IBM Infosphere Biginsights

IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site.

4.9
2013-08-09 CVE-2013-2798 Selinc Improper Input Validation vulnerability in Selinc products

Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.

4.7
2013-08-09 CVE-2013-4037 IBM Authentication Bypass vulnerability in Intelligent Platform Management Interface

The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack.

4.3
2013-08-09 CVE-2013-5100 Franz Holzinger Cross-Site Scripting vulnerability in Franz Holzinger Static Methods

Cross-site scripting (XSS) vulnerability in the Static Methods since 2007 (div2007) extension before 0.10.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the t3lib_div::quoteJSvalue function.

4.3
2013-08-09 CVE-2012-6458 Silverstripe Cross-Site Scripting vulnerability in Silverstripe 3.0.0

Multiple cross-site scripting (XSS) vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName, (2) Surname, or (3) Email parameter to code/forms/OrderFormAddress.php; or the (4) FirstName or (5) Surname parameter to code/forms/ShopAccountForm.php.

4.3
2013-08-09 CVE-2013-5098 Mikejolley
Wordpress
Cross-Site Scripting vulnerability in Mikejolley Download Monitor

Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the sort parameter, a different vulnerability than CVE-2013-3262.

4.3
2013-08-09 CVE-2013-4759 Magnolia CMS Cross-Site Scripting vulnerability in Magnolia-Cms Magnolia Form Module

Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x before 1.4.7 and 2.x before 2.0.2 for Magnolia CMS allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) fullname, or (3) email parameter to magnoliaPublic/demo-project/members-area/registration.html.

4.3
2013-08-09 CVE-2013-4625 Cory Lamle
Wordpress
Cross-Site Scripting vulnerability in Cory Lamle Duplicator 0.4.2/0.4.3

Cross-site scripting (XSS) vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter.

4.3
2013-08-09 CVE-2013-4620 Open EMR Cross-Site Scripting vulnerability in Open-Emr Openemr 4.1.1

Cross-site scripting (XSS) vulnerability in interface/main/onotes/office_comments_full.php in OpenEMR 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the note parameter.

4.3
2013-08-09 CVE-2013-4600 Alkacon Cross-Site Scripting vulnerability in Alkacon Opencms

Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views/admin/admin-main.jsp or the (2) requestedResource parameter to system/login/index.html.

4.3
2013-08-09 CVE-2013-3262 Mikejolley
Wordpress
Cross-Site Scripting vulnerability in Mikejolley Download Monitor

Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the p parameter.

4.3
2013-08-09 CVE-2013-2117 Jason A Donenfeld
Lars Hjemli
Path Traversal vulnerability in multiple products

Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a ..

4.3
2013-08-09 CVE-2013-3990 IBM Cross-Site Scripting vulnerability in IBM Lotus Domino

Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2.

4.3
2013-08-09 CVE-2013-3032 IBM Cross-Site Scripting vulnerability in IBM Lotus Domino

Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA.

4.3
2013-08-07 CVE-2013-1714 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla products

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

4.3
2013-08-07 CVE-2013-1713 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.

4.3
2013-08-07 CVE-2013-1711 Mozilla Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey

The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.

4.3
2013-08-07 CVE-2013-1709 Mozilla Cross-Site Scripting vulnerability in Mozilla products

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.

4.3
2013-08-07 CVE-2013-1708 Mozilla Denial of Service vulnerability in Mozilla Firefox/SeaMonkey

Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.

4.3
2013-08-06 CVE-2013-5025 NI Security vulnerability in National Instruments LabWindows/CVI

An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files.

4.3
2013-08-06 CVE-2013-5024 NI Unspecified vulnerability in NI Measurementstudio 2013

An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls.

4.3
2013-08-06 CVE-2013-5023 NI Unspecified vulnerability in NI products

The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.

4.3
2013-08-05 CVE-2013-4677 Symantec Permissions, Privileges, and Access Controls vulnerability in Symantec Backup Exec 2010/2010R3/2012

Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.

4.3
2013-08-05 CVE-2013-4676 Symantec Cross-Site Scripting vulnerability in Symantec Backup Exec 2010R3/2012

Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) custom-reports generation page, (2) Storage Devices creation page, or (3) jobs creation page in the management console; or (4) a Backup Exec server-management page in the beutility console.

4.3
2013-08-09 CVE-2013-4038 IBM Cryptographic Issues vulnerability in IBM products

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.

4.0
2013-08-05 CVE-2013-3442 Cisco Information Exposure vulnerability in Cisco Unified Communications Manager

The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-08-09 CVE-2013-0492 IBM Cross-Site Scripting vulnerability in IBM Informix Open Admin Tool 2.0/3.0

Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x before 3.11.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2013-08-06 CVE-2013-3995 IBM Cross-Site Scripting vulnerability in IBM Infosphere Biginsights

Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2013-08-09 CVE-2013-3659 Nttdocomo Improper Authentication vulnerability in Nttdocomo Overseas Usage 2.0.0/2.0.4

The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect to Wi-Fi access points, which allows remote attackers to obtain sensitive information by leveraging presence in an 802.11 network's coverage area.

3.3
2013-08-05 CVE-2013-4678 Symantec Information Exposure vulnerability in Symantec Backup Exec 2010/2010R3/2012

The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors.

2.7
2013-08-09 CVE-2013-5099 Anchor Cross-Site Scripting vulnerability in Anchor CMS 0.9.1

Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field.

2.6