Weekly Vulnerabilities Reports > September 9 to 15, 2013

Overview

111 new vulnerabilities reported during this period, including 56 critical vulnerabilities and 9 high severity vulnerabilities. This weekly summary report vulnerabilities in 86 products from 34 vendors including Microsoft, Adobe, Apple, Citrix, and IBM. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", and "Numeric Errors".

  • 99 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities have public exploit available.
  • 18 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 104 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 49 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 41 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

56 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-12 CVE-2013-2940 Citrix Security vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2939 Citrix Security vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2938 Citrix Security vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2937 Citrix Information Disclosure vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2936 Citrix Security vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2935 Citrix Security vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2934 Citrix Permissions, Privileges, and Access Controls vulnerability in Citrix Cloudportal Services Manager 10.0

Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 does not properly restrict access to web services, which has unspecified impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-2933 Citrix Security vulnerability in Citrix Cloudportal Services Manager 10.0

Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162.

10.0
2013-09-12 CVE-2013-5324 Adobe
Apple
Microsoft
Linux
Google
Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player

Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-3363.

10.0
2013-09-12 CVE-2013-3363 Adobe
Apple
Microsoft
Linux
Google
Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player

Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-5324.

10.0
2013-09-12 CVE-2013-3362 Adobe
Apple
Microsoft
Linux
Google
Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player

Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3363, and CVE-2013-5324.

10.0
2013-09-12 CVE-2013-3361 Adobe
Apple
Microsoft
Linux
Google
Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player

Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3362, CVE-2013-3363, and CVE-2013-5324.

10.0
2013-09-12 CVE-2013-3360 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359.

10.0
2013-09-12 CVE-2013-3359 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360.

10.0
2013-09-12 CVE-2013-3358 Adobe
Apple
Microsoft
Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357.

10.0
2013-09-12 CVE-2013-3357 Adobe
Apple
Microsoft
Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3358.

10.0
2013-09-12 CVE-2013-3356 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3353.

10.0
2013-09-12 CVE-2013-3355 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354.

10.0
2013-09-12 CVE-2013-3354 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3355.

10.0
2013-09-12 CVE-2013-3353 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3356.

10.0
2013-09-12 CVE-2013-3352 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355.

10.0
2013-09-12 CVE-2013-3351 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code via unspecified vectors.

10.0
2013-09-11 CVE-2013-1330 Microsoft Improper Input Validation vulnerability in Microsoft products

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability."

10.0
2013-09-10 CVE-2013-4983 Sophos OS Command Injection vulnerability in Sophos web Appliance Firmware

The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.

10.0
2013-09-09 CVE-2013-5715 Gomlab Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gomlab GOM Player

Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.

10.0
2013-09-10 CVE-2013-3658 Vmware Path Traversal vulnerability in VMWare ESX and Esxi

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.

9.4
2013-09-11 CVE-2013-3870 Microsoft Resource Management Errors vulnerability in Microsoft Outlook 2007/2010

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."

9.3
2013-09-11 CVE-2013-3863 Microsoft Buffer Errors vulnerability in Microsoft Windows Server 2003 and Windows XP

Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability."

9.3
2013-09-11 CVE-2013-3858 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849.

9.3
2013-09-11 CVE-2013-3857 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3856 Microsoft Buffer Errors vulnerability in Microsoft Word and Word Viewer

Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3855 Microsoft Buffer Errors vulnerability in Microsoft Office Compatibility Pack, Word and Word Viewer

Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3854 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Word

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3853.

9.3
2013-09-11 CVE-2013-3853 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Word

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3854.

9.3
2013-09-11 CVE-2013-3852 Microsoft Buffer Errors vulnerability in Microsoft Office Compatibility Pack, Word and Word Viewer

Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3851 Microsoft Buffer Errors vulnerability in Microsoft Office Compatibility Pack, Word and Word Viewer

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3850 Microsoft Buffer Errors vulnerability in Microsoft Office Compatibility Pack, Word and Word Viewer

Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3849 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3858.

9.3
2013-09-11 CVE-2013-3848 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3849, and CVE-2013-3858.

9.3
2013-09-11 CVE-2013-3847 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3848, CVE-2013-3849, and CVE-2013-3858.

9.3
2013-09-11 CVE-2013-3845 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 8/9

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3209 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3207.

9.3
2013-09-11 CVE-2013-3208 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/8/9

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3207 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3209.

9.3
2013-09-11 CVE-2013-3206 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.

9.3
2013-09-11 CVE-2013-3205 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 6/7/8

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3204 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3203 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

9.3
2013-09-11 CVE-2013-3202 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3201 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.

9.3
2013-09-11 CVE-2013-3158 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Excel 2003/2007

Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3157 Microsoft Buffer Errors vulnerability in Microsoft Access 2007/2010/2013

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3155.

9.3
2013-09-11 CVE-2013-3156 Microsoft Buffer Errors vulnerability in Microsoft Access 2007/2010/2013

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerability."

9.3
2013-09-11 CVE-2013-3155 Microsoft Buffer Errors vulnerability in Microsoft Access 2007/2010/2013

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3157.

9.3
2013-09-10 CVE-2013-3934 Kingsoft Buffer Errors vulnerability in Kingsoft Office 2012 and Writer 2012

Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file.

9.3
2013-09-09 CVE-2013-2803 Prosoft Technology Cryptographic Issues vulnerability in Prosoft-Technology Radiolinx Controlscape 6.00

ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

9.3

9 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-09 CVE-2013-2793 Trianglemicroworks Buffer Errors vulnerability in Trianglemicroworks products

Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.

7.8
2013-09-12 CVE-2013-2601 Citrix Unspecified vulnerability in Citrix Xenclient XT 2.1.2/3.0.0/3.1.3

The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute arbitrary commands by using the UIVM to create a network connection.

7.5
2013-09-12 CVE-2013-5723 SAP SQL Injection vulnerability in SAP Netweaver 7.30

SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."

7.5
2013-09-12 CVE-2013-4339 Wordpress Improper Input Validation vulnerability in Wordpress

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.

7.5
2013-09-12 CVE-2013-4338 Wordpress Code Injection vulnerability in Wordpress

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.

7.5
2013-09-10 CVE-2013-5673 Indianic
Wordpress
SQL Injection vulnerability in Indianic Testimonial Plugin 2.2

SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php.

7.5
2013-09-10 CVE-2013-3657 Vmware Buffer Errors vulnerability in VMWare ESX and Esxi

Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

7.5
2013-09-10 CVE-2013-4984 Sophos Permissions, Privileges, and Access Controls vulnerability in Sophos web Appliance

The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.

7.2
2013-09-09 CVE-2013-2791 Matrikonopc Buffer Errors vulnerability in Matrikonopc Scada Dnp3 OPC Server 1.2.0

MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation.

7.1

42 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-12 CVE-2013-5740 Intel Unspecified vulnerability in Intel products

Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.

6.9
2013-09-11 CVE-2013-3862 Microsoft Resource Management Errors vulnerability in Microsoft Windows 7 and Windows Server 2008

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager (SCM), aka "Service Control Manager Double Free Vulnerability."

6.9
2013-09-11 CVE-2013-3859 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Office and Pinyin IME

Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properly restrict configuration options, which allows local users to gain privileges by starting Internet Explorer from the IME toolbar, aka "Chinese IME Vulnerability."

6.9
2013-09-10 CVE-2013-4169 Gnome Link Following vulnerability in Gnome Display Manager

GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.

6.9
2013-09-13 CVE-2013-5493 Cisco Improper Input Validation vulnerability in Cisco products

The diagnostic module in the firmware on Cisco Virtualization Experience Client 6000 devices allows local users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors, aka Bug ID CSCug68407.

6.8
2013-09-10 CVE-2013-5672 Indianic
Wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Indianic Testimonial Plugin 2.2

Multiple cross-site request forgery (CSRF) vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add a testimonial via an iNIC_testimonial_save action; (2) add a listing template via an iNIC_testimonial_save_listing_template action; (3) add a widget template via an iNIC_testimonial_save_widget action; insert cross-site scripting (XSS) sequences via the (4) project_name, (5) project_url, (6) client_name, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, or (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, or (18) widget_template parameter to wp-admin/admin-ajax.php.

6.8
2013-09-09 CVE-2013-4062 IBM Cryptographic Issues vulnerability in IBM Rational Policy Tester

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof Jazz Team servers, obtain sensitive information, and modify the client-server data stream via a crafted certificate.

6.8
2013-09-12 CVE-2013-4329 XEN Permissions, Privileges, and Access Controls vulnerability in XEN

The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction.

6.5
2013-09-12 CVE-2013-3446 Cisco Improper Input Validation vulnerability in Cisco Digital Media Manager

Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.

5.8
2013-09-12 CVE-2013-3039 IBM Improper Authentication vulnerability in IBM Rational Requirements Composer

IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors.

5.4
2013-09-12 CVE-2013-3038 IBM Credentials Management vulnerability in IBM Rational Requirements Composer

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors.

5.4
2013-09-13 CVE-2013-5492 Cisco Cryptographic Issues vulnerability in Cisco Socialminer

administration.jsp in Cisco SocialMiner allows remote attackers to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780.

5.0
2013-09-13 CVE-2013-5489 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Socialminer

The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuh74125.

5.0
2013-09-12 CVE-2013-5216 Capasystems Path Traversal vulnerability in Capasystems Performance Guard

Directory traversal vulnerability in logreader/uploadreader.jsp in CapaSystems Performance Guard before 6.2.102 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2013-09-12 CVE-2013-5488 Cisco Improper Input Validation vulnerability in Cisco products

Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.

5.0
2013-09-11 CVE-2013-3160 Microsoft Information Exposure vulnerability in Microsoft Office, Word and Word Viewer

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability."

5.0
2013-09-11 CVE-2013-0081 Microsoft Improper Input Validation vulnerability in Microsoft products

Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability."

5.0
2013-09-10 CVE-2013-4283 Fedoraproject Improper Input Validation vulnerability in Fedoraproject 389 Directory Server

ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.

5.0
2013-09-10 CVE-2013-5700 Bitcoin Numeric Errors vulnerability in Bitcoin Bitcoin-Qt and Bitcoin Core

The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x before 0.8.4rc1 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted sequence of messages.

5.0
2013-09-09 CVE-2013-5642 Digium Improper Input Validation vulnerability in Digium Asterisk, Asterisk Digiumphones and Certified Asterisk

The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.3-digiumphones allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an invalid SDP that defines a media description before the connection description in a SIP request.

5.0
2013-09-09 CVE-2013-5641 Digium Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Digium Asterisk and Certified Asterisk

The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel.

5.0
2013-09-09 CVE-2013-4900 Twilightcms Path Traversal vulnerability in Twilightcms Twilight CMS 5.17

Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.

5.0
2013-09-12 CVE-2013-3036 IBM Improper Input Validation vulnerability in IBM Rational Requirements Composer

Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

4.9
2013-09-09 CVE-2013-2794 Trianglemicroworks Buffer Errors vulnerability in Trianglemicroworks products

Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.

4.9
2013-09-12 CVE-2013-3037 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Rational Requirements Composer

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors.

4.4
2013-09-13 CVE-2013-5649 Juniper Cross-Site Scripting vulnerability in Juniper IVE OS

Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.1 before 7.1r15, 7.2 before 7.2r11, 7.3 before 7.3r6, and 7.4 before 7.4r3 allow (1) remote attackers to inject arbitrary web script or HTML via vectors involving login pages, and allow (2) remote authenticated users to inject arbitrary web script or HTML via vectors involving a support page.

4.3
2013-09-13 CVE-2013-5482 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Prime LAN Management Solution

Cisco Prime LAN Management Solution (LMS) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCug77823.

4.3
2013-09-13 CVE-2013-4705 Opera Cross-Site Scripting vulnerability in Opera Browser

Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.

4.3
2013-09-12 CVE-2013-4308 Liquidthreads Project
Mediawiki
Cross-Site Scripting vulnerability in Liquidthreads Project Liquidthreads 2.0/2.1

Cross-site scripting (XSS) vulnerability in pages/TalkpageHistoryView.php in the LiquidThreads (LQT) extension 2.x and possibly 3.x for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to inject arbitrary web script or HTML via a thread subject.

4.3
2013-09-12 CVE-2013-5738 Wordpress Improper Input Validation vulnerability in Wordpress

The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file.

4.3
2013-09-12 CVE-2013-4307 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Multiple cross-site scripting (XSS) vulnerabilities in repo/includes/EntityView.php in the Wikibase extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allow (1) remote attackers to inject arbitrary web script or HTML via a label in the "In other languages" section or (2) remote administrators to inject arbitrary web script or HTML via a description.

4.3
2013-09-11 CVE-2013-3180 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."

4.3
2013-09-11 CVE-2013-3179 Microsoft Cross-Site Scripting vulnerability in Microsoft products

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."

4.3
2013-09-11 CVE-2013-3159 Microsoft Improper Input Validation vulnerability in Microsoft Excel 2003/2007/2010

Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability."

4.3
2013-09-11 CVE-2013-3137 Microsoft Information Exposure vulnerability in Microsoft Frontpage 2003

Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."

4.3
2013-09-10 CVE-2013-4298 Imagemagick Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Imagemagick

The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.

4.3
2013-09-10 CVE-2013-4703 Cybozu Cross-Site Scripting vulnerability in Cybozu Office

Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2013-09-09 CVE-2013-5716 Gomlab Improper Input Validation vulnerability in Gomlab GOM Player

Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.

4.3
2013-09-09 CVE-2013-5714 Videowhisper
Wordpress
Cross-Site Scripting vulnerability in Videowhisper Live Streaming Integration Plugin

Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php in the VideoWhisper Live Streaming Integration plugin 4.25.3 and possibly earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameter.

4.3
2013-09-09 CVE-2013-4899 Twilightcms Cross-Site Scripting vulnerability in Twilightcms Twilight CMS 5.17

Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.

4.3
2013-09-09 CVE-2013-2992 IBM Improper Input Validation vulnerability in IBM Websphere Commerce 7.0.0.4/7.0.0.5/7.0.0.6

The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in certain search-term association configurations, allows remote attackers to cause a denial of service via a crafted query.

4.3
2013-09-09 CVE-2013-4061 IBM Improper Authentication vulnerability in IBM Rational Policy Tester

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.

4.0

4 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-12 CVE-2013-5739 Wordpress Cross-Site Scripting vulnerability in Wordpress

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

3.5
2013-09-12 CVE-2013-4340 Wordpress Permissions, Privileges, and Access Controls vulnerability in Wordpress

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.

3.5
2013-09-09 CVE-2013-3031 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Soliddb

A SQL stored procedure in the Universal Cache component in IBM solidDB 6.0.x before 6.0.1070, 6.3.x before 6.3.0.56, 6.5.x before 6.5.0.12, and 7.0.x before 7.0.0.4 allows remote authenticated users to cause a denial of service (uninitialized-memory access and daemon crash) via a call that includes named arguments and default parameter values, but does not include all of the expected arguments.

3.5
2013-09-12 CVE-2013-5724 Debian Permissions, Privileges, and Access Controls vulnerability in Debian PHPbb3

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.

2.1