Weekly Vulnerabilities Reports > August 19 to 25, 2013
Overview
103 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 26 high severity vulnerabilities. This weekly summary report vulnerabilities in 78 products from 52 vendors including Puppet, Cisco, IBM, Bestpractical, and Canonical. Vulnerabilities are notably categorized as "Cross-site Scripting", "Resource Management Errors", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Input Validation".
- 85 reported vulnerabilities are remotely exploitables.
- 14 reported vulnerabilities have public exploit available.
- 37 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 88 reported vulnerabilities are exploitable by an anonymous user.
- Puppet has the most reported vulnerabilities, with 11 reported vulnerabilities.
- Sixnet has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
2 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-08-21 | CVE-2013-2802 | Sixnet | Code Injection vulnerability in Sixnet RTU Firmware and UDR The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes. | 10.0 |
2013-08-25 | CVE-2013-5578 | Staruml | Buffer Errors vulnerability in Staruml 5.0.2.1570 Buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO ActiveX control in WinGraphviz.dll in StarUML allows remote attackers to execute arbitrary code via a long argument. | 9.3 |
26 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-08-25 | CVE-2013-3462 | Cisco | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Communications Manager Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Bug ID CSCud54358. | 8.5 |
2013-08-21 | CVE-2013-0526 | IBM | Improper Input Validation vulnerability in IBM products ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter. | 8.5 |
2013-08-25 | CVE-2013-3460 | Cisco | Resource Management Errors vulnerability in Cisco Unified Communications Manager Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service disruption) via a high rate of UDP packets, aka Bug ID CSCub85597. | 7.8 |
2013-08-25 | CVE-2013-3459 | Cisco | Resource Management Errors vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malformed registration messages, aka Bug ID CSCuf93466. | 7.8 |
2013-08-25 | CVE-2013-3390 | Cisco | Resource Management Errors vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance Memory leak in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug ID CSCub59158. | 7.8 |
2013-08-25 | CVE-2013-3389 | Cisco | Resource Management Errors vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port (1) 61615 or (2) 61616, aka Bug ID CSCtz90114. | 7.8 |
2013-08-25 | CVE-2013-3388 | Cisco | Resource Management Errors vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port 44444, aka Bug ID CSCtz92776. | 7.8 |
2013-08-25 | CVE-2013-3387 | Cisco | Resource Management Errors vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724. | 7.8 |
2013-08-22 | CVE-2013-3453 | Cisco | Resource Management Errors vulnerability in Cisco Unified Communications Manager and Unified Presence Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959. | 7.8 |
2013-08-22 | CVE-2013-2789 | Kepware | Infinite Loop vulnerability in Kepware Kepserverex The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line. | 7.8 |
2013-08-25 | CVE-2013-4219 | Intel | Numeric Errors vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 Multiple integer overflows in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices allow remote attackers to cause a denial of service (component crash) or possibly execute arbitrary code via an L5 connection with a crafted PDU value that triggers a heap-based buffer overflow within (1) L5SocketsDispatcher.c or (2) L5Connector.c. | 7.5 |
2013-08-25 | CVE-2012-6588 | Myrephp | SQL Injection vulnerability in Myrephp Myre Business Directory SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
2013-08-25 | CVE-2012-6586 | Myrephp | SQL Injection vulnerability in Myrephp Myre Vacation Rental Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the (1) garage1 or (2) bathrooms1 parameter to vacation/1_mobile/search.php, or (3) unspecified input to vacation/widgate/request_more_information.php. | 7.5 |
2013-08-25 | CVE-2012-6584 | Myrephp | SQL Injection vulnerability in Myrephp Myre Realty Manager Multiple SQL injection vulnerabilities in MYRE Realty Manager allow remote attackers to execute arbitrary SQL commands via the bathrooms1 parameter to (1) demo2/search.php or (2) search.php. | 7.5 |
2013-08-25 | CVE-2010-5289 | Incredimail | Buffer Errors vulnerability in Incredimail 2.0 Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll in IncrediMail 2.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in the first argument. | 7.5 |
2013-08-23 | CVE-2013-1435 | Cacti | Code Injection vulnerability in Cacti (1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. | 7.5 |
2013-08-23 | CVE-2013-1434 | Cacti | SQL Injection vulnerability in Cacti Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-08-23 | CVE-2013-5569 | Heiko Sudar Typo3 | SQL Injection vulnerability in Heiko Sudar Slideshare 0.1.0 SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-08-21 | CVE-2013-4701 | Janrain | XML External Entity Injection vulnerability in Janrain PHP-Openid 2.2.2 Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via XRDS data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 |
2013-08-20 | CVE-2013-2161 | Openstack Opensuse | Code Injection vulnerability in multiple products XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name. | 7.5 |
2013-08-20 | CVE-2013-5322 | JAN Bednarik Typo3 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-08-20 | CVE-2013-5321 | Alienvault | SQL Injection vulnerability in Alienvault Open Source Security Information Management 4.1 Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4] parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5) port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or (7) rvalue parameter in a search action to vulnmeter/index.php. | 7.5 |
2013-08-20 | CVE-2013-5318 | Benjamin Arnaudetr | SQL Injection vulnerability in Benjamin Arnaudetr Ginkgocms 5.0 SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the rang parameter to index.php. | 7.5 |
2013-08-19 | CVE-2013-3567 | Puppet Puppetlabs Canonical Novell | Improper Input Validation vulnerability in multiple products Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. | 7.5 |
2013-08-19 | CVE-2013-5311 | Vastal | SQL Injection vulnerability in Vastal PHPvid 1.2.3 Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browse_videos.php or (2) members.php. | 7.5 |
2013-08-25 | CVE-2013-3461 | Cisco | Resource Management Errors vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869. | 7.1 |
53 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-08-24 | CVE-2013-1662 | Vmware | Permissions, Privileges, and Access Controls vulnerability in VMWare Player and Workstation vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function. | 6.9 |
2013-08-23 | CVE-2013-2196 | XEN | Remote Privilege Escalation vulnerability in Xen Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195. | 6.9 |
2013-08-23 | CVE-2013-2195 | XEN | Numeric Errors vulnerability in XEN The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations. | 6.9 |
2013-08-23 | CVE-2013-2194 | XEN | Numeric Errors vulnerability in XEN Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel. | 6.9 |
2013-08-20 | CVE-2013-4958 | Puppet | Improper Authentication vulnerability in Puppet Enterprise Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation. | 6.9 |
2013-08-23 | CVE-2013-3370 | Bestpractical | Permissions, Privileges, and Access Controls vulnerability in Bestpractical RT Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does not properly restrict access to private callback components, which allows remote attackers to have an unspecified impact via a direct request. | 6.8 |
2013-08-21 | CVE-2013-3029 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences. | 6.8 |
2013-08-20 | CVE-2013-5316 | Ritecms | Cross-Site Request Forgery (CSRF) vulnerability in Ritecms 1.0.0 Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via an edit user action to cms/index.php. | 6.8 |
2013-08-19 | CVE-2013-4852 | Winscp Debian Opensuse Putty Simon Tatham | Numeric Errors vulnerability in multiple products Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow. | 6.8 |
2013-08-19 | CVE-2013-4206 | Simon Tatham Putty | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication. | 6.8 |
2013-08-19 | CVE-2013-5313 | Bigtreecms | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.0 Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/update.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify arbitrary user accounts via an edit user action. | 6.8 |
2013-08-19 | CVE-2013-4881 | Bigtreecms | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.0 Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create an administrative user via an add user action to index.php. | 6.8 |
2013-08-23 | CVE-2013-3369 | Bestpractical | Security Bypass vulnerability in Request Tracker Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote authenticated users with the permissions to view the administration pages to execute arbitrary private components via unspecified vectors. | 6.0 |
2013-08-23 | CVE-2012-4733 | Bestpractical | Credentials Management vulnerability in Bestpractical RT Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors. | 6.0 |
2013-08-21 | CVE-2013-4230 | Monster Menus Module Project Drupal | Permissions, Privileges, and Access Controls vulnerability in Monster Menus Module Project Monster Menus The mm_webform submodule in the Monster Menus module 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13 for Drupal does not properly restrict access to webform submissions, which allows remote authenticated users with the "Who can read data submitted to this webform" permission to delete arbitrary submissions via unspecified vectors. | 6.0 |
2013-08-23 | CVE-2013-1909 | Redhat Apache | Improper Input Validation vulnerability in multiple products The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
2013-08-21 | CVE-2013-4700 | Yahoo | Cryptographic Issues vulnerability in Yahoo Japan Shopping 1.4 The Yahoo! Japan Shopping application 1.4 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2013-08-21 | CVE-2013-4699 | Yahoo | Cryptographic Issues vulnerability in Yahoo Yafuoku! 4.3.0 The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2013-08-20 | CVE-2013-4962 | Puppet | Credentials Management vulnerability in Puppet Enterprise The reset password page in Puppet Enterprise before 3.0.1 does not force entry of the current password, which allows attackers to modify user passwords by leveraging session hijacking, an unattended workstation, or other vectors. | 5.8 |
2013-08-20 | CVE-2013-4955 | Puppet | Improper Input Validation vulnerability in Puppet Enterprise Open redirect vulnerability in the login page in Puppet Enterprise before 3.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the service parameter. | 5.8 |
2013-08-20 | CVE-2013-4762 | Puppet | Improper Input Validation vulnerability in Puppet Enterprise Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID. | 5.8 |
2013-08-20 | CVE-2013-4761 | Puppet Puppetlabs | Remote Code Execution vulnerability in RETIRED: Puppet Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. | 5.1 |
2013-08-23 | CVE-2013-3373 | Bestpractical | Code Injection vulnerability in Bestpractical RT CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header. | 5.0 |
2013-08-22 | CVE-2013-2801 | Osisoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Osisoft PI Interface The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service (instance shutdown and data-collection outage) via crafted C37.118 configuration packets that trigger an invalid read operation. | 5.0 |
2013-08-22 | CVE-2013-2800 | Osisoft | Resource Management Errors vulnerability in Osisoft PI Interface The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service (memory consumption or memory corruption, instance shutdown, and data-collection outage) via crafted C37.118 configuration packets. | 5.0 |
2013-08-21 | CVE-2013-3016 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Portal IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to access the user directory via a crafted request for a servlet, related to the serveServletsByClassnameEnabled setting. | 5.0 |
2013-08-20 | CVE-2013-4967 | Puppet | Credentials Management vulnerability in Puppet Enterprise Puppet Enterprise before 3.0.1 allows remote attackers to obtain the database password via vectors related to how the password is "seeded as a console parameter," External Node Classifiers, and the lack of access control for /nodes. | 5.0 |
2013-08-20 | CVE-2013-4964 | Puppet | Permissions, Privileges, and Access Controls vulnerability in Puppet Enterprise Puppet Enterprise before 3.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 5.0 |
2013-08-20 | CVE-2013-4961 | Puppet | Information Exposure vulnerability in Puppet Enterprise Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information. | 5.0 |
2013-08-20 | CVE-2013-4130 | Spice Project Canonical | Resource Management Errors vulnerability in multiple products The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error. | 5.0 |
2013-08-19 | CVE-2013-2175 | Debian Canonical Redhat Haproxy | Improper Input Validation vulnerability in multiple products HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable. | 5.0 |
2013-08-19 | CVE-2013-2145 | Canonical Opensuse Perlmonks | Improper Input Validation vulnerability in multiple products The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/. | 4.4 |
2013-08-25 | CVE-2012-6589 | Myrephp | Cross-Site Scripting vulnerability in Myrephp Myre Business Directory Cross-site scripting (XSS) vulnerability in search.php in MYRE Business Directory allows remote attackers to inject arbitrary web script or HTML via the look parameter. | 4.3 |
2013-08-25 | CVE-2012-6587 | Myrephp | Cross-Site Scripting vulnerability in Myrephp Myre Vacation Rental Cross-site scripting (XSS) vulnerability in vacation/1_mobile/alert_members.php in MYRE Vacation Rental Software allows remote attackers to inject arbitrary web script or HTML via the link_idd parameter in a login action. | 4.3 |
2013-08-25 | CVE-2012-6585 | Myrephp | Cross-Site Scripting vulnerability in Myrephp Myre Realty Manager Cross-site scripting (XSS) vulnerability in search.php in MYRE Realty Manager allows remote attackers to inject arbitrary web script or HTML via the cat_id1 parameter. | 4.3 |
2013-08-23 | CVE-2013-3374 | Bestpractical | Information Disclosure vulnerability in Request Tracker Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors, related to a "limited session re-use." | 4.3 |
2013-08-23 | CVE-2013-3372 | Bestpractical | Cross-Site Scripting vulnerability in Bestpractical RT Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors. | 4.3 |
2013-08-23 | CVE-2013-3371 | Bestpractical | Cross-Site Scripting vulnerability in Bestpractical RT Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 through 3.8.16 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the filename of an attachment. | 4.3 |
2013-08-23 | CVE-2013-5570 | Axel Jung Typo3 | Cross-Site Scripting vulnerability in Axel Jung JS CSS Optimizer Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-08-21 | CVE-2013-2967 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Application Server Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-08-20 | CVE-2013-2157 | Openstack | Improper Authentication vulnerability in Openstack Keystone OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password. | 4.3 |
2013-08-20 | CVE-2013-5323 | Stanislas Rolland Typo3 | Cross-Site Scripting vulnerability in Stanislas Rolland Static Info Tables Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-08-20 | CVE-2013-5320 | Sourcetreesolutions | Cross-Site Scripting vulnerability in Sourcetreesolutions Mojoportal Cross-site scripting (XSS) vulnerability in Forums/EditPost.aspx in mojoPortal before 2.3.9.8 allows remote attackers to inject arbitrary web script or HTML via the txtSubject parameter. | 4.3 |
2013-08-20 | CVE-2013-5319 | Atlassian | Cross-Site Scripting vulnerability in Atlassian Jira Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa. | 4.3 |
2013-08-20 | CVE-2013-4653 | Alcatel Lucent | Cross-Site Scripting vulnerability in Alcatel-Lucent products Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and OmniTouch 8400 Instant Communications Suite before 6.7.3 (1) allow remote attackers to inject arbitrary web script or HTML via a crafted URL that results in a reflected XSS or (2) allow user-assisted remote attackers to inject arbitrary web script or HTML via a user's personal bookmark entry that results in a stored XSS via unspecified vectors. | 4.3 |
2013-08-19 | CVE-2013-5029 | Opensuse Phpmyadmin | Improper Input Validation vulnerability in multiple products phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php. | 4.3 |
2013-08-19 | CVE-2013-4207 | Putty Simon Tatham | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206. | 4.3 |
2013-08-19 | CVE-2013-4174 | OWS Drupal | Cross-Site Scripting vulnerability in OWS Scald 7.X1.0 Multiple cross-site scripting (XSS) vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) flash_uri, (2) flash_width, or (3) flash_height in the scald_flash_scald_prerender function in providers/scald_flash/scald_flash.module; or the (4) caption in the scald_image_scald_prerender function in providers/scald_image/scald_image.module. | 4.3 |
2013-08-19 | CVE-2013-2136 | Apache | Cross-Site Scripting vulnerability in Apache Cloudstack Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizard; (2) New network name, (3) instance name, or (4) group to the Instance wizard; (5) unspecified "multi-edit fields;" and (6) unspecified "list view" edit fields related to global settings. | 4.3 |
2013-08-19 | CVE-2013-5314 | S9Y | Cross-Site Scripting vulnerability in S9Y Serendipity Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter. | 4.3 |
2013-08-19 | CVE-2013-5312 | Vastal | Cross-Site Scripting vulnerability in Vastal PHPvid 1.2.3 Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to browse_videos.php or the (2) cat parameter to groups.php. | 4.3 |
2013-08-22 | CVE-2013-2979 | IBM | Path Traversal vulnerability in IBM products Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL. | 4.0 |
2013-08-20 | CVE-2013-4155 | Openstack | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openstack products OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected. | 4.0 |
22 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-08-20 | CVE-2013-4956 | Puppet Puppetlabs | Permissions, Privileges, and Access Controls vulnerability in multiple products Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions. | 3.6 |
2013-08-22 | CVE-2013-2299 | Advantech | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0/7.0 Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-08-21 | CVE-2013-4005 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Application Server Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified fields. | 3.5 |
2013-08-21 | CVE-2013-4004 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Application Server Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-08-21 | CVE-2013-0597 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Application Server Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0, when OAuth is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-08-20 | CVE-2013-5317 | Ritecms | Cross-Site Scripting vulnerability in Ritecms 1.0.0 Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the mode parameter to cms/index.php. | 3.5 |
2013-08-23 | CVE-2013-3368 | Bestpractical | Link Following vulnerability in Bestpractical RT bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name. | 3.3 |
2013-08-19 | CVE-2013-0167 | Redhat | Denial of Service vulnerability in Red Hat Enterprise Virtualization Hypervisor VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields." | 2.7 |
2013-08-23 | CVE-2013-5587 | Bestpractical | Cross-Site Scripting vulnerability in Bestpractical RT Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.13, when MakeClicky is configured, allows remote attackers to inject arbitrary web script or HTML via a URL in a ticket. | 2.6 |
2013-08-20 | CVE-2012-6582 | Spambot Module Project Drupal | Cross-Site Scripting vulnerability in Spambot Module Project Spambot Cross-site scripting (XSS) vulnerability in the Spambot module 6.x-3.x before 6.x-3.2 and 7.x-1.x before 7.x-1.1 for Drupal allows certain remote attackers to inject arbitrary web script or HTML via a stopforumspam.com API response, which is logged by the watchdog. | 2.6 |
2013-08-19 | CVE-2013-5315 | OWS Drupal | Cross-Site Scripting vulnerability in OWS Scald 6.X1.0/6.X1.X/7.X1.0 Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the atom title, a different vector than CVE-2013-4174. | 2.6 |
2013-08-25 | CVE-2013-4218 | Intel | Cryptographic Issues vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems, which allows local users to obtain sensitive information via unspecified decryption operations. | 2.1 |
2013-08-25 | CVE-2013-4217 | Intel | Cryptographic Issues vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file. | 2.1 |
2013-08-25 | CVE-2013-4216 | Intel | Permissions, Privileges, and Access Controls vulnerability in Intel Wimax Network Service 1.5.0/1.5.2 The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file. | 2.1 |
2013-08-23 | CVE-2011-4607 | Putty | Buffer Errors vulnerability in Putty 0.59/0.60/0.61 PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory. | 2.1 |
2013-08-23 | CVE-2012-6583 | Imagemenu Project Drupal | Cross-Site Scripting vulnerability in Imagemenu Project Imagemenu Cross-site scripting (XSS) vulnerability in the Imagemenu module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer imagemenu" permission to inject arbitrary web script or HTML via an image file name. | 2.1 |
2013-08-21 | CVE-2013-4229 | Monster Menus Module Project Drupal | Cross-Site Scripting vulnerability in Monster Menus Module Project Monster Menus Cross-site scripting (XSS) vulnerability in the Monster Menus module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated users with permissions to add pages to inject arbitrary web script or HTML via a title in the page settings. | 2.1 |
2013-08-20 | CVE-2013-4959 | Puppet | Information Exposure vulnerability in Puppet Enterprise Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache. | 2.1 |
2013-08-19 | CVE-2013-4208 | Putty Simon Tatham | Information Exposure vulnerability in multiple products The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys. | 2.1 |
2013-08-21 | CVE-2013-2976 | IBM | Information Exposure vulnerability in IBM Websphere Application Server The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors. | 1.9 |
2013-08-19 | CVE-2013-4242 | Canonical Debian Gnupg Opensuse | Information Exposure vulnerability in multiple products GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. | 1.9 |
2013-08-19 | CVE-2013-2162 | Canonical | Race Condition vulnerability in Canonical Ubuntu Linux Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials. | 1.9 |