Weekly Vulnerabilities Reports > December 9 to 15, 2013
Overview
148 new vulnerabilities reported during this period, including 24 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary report vulnerabilities in 172 products from 62 vendors including Cisco, Microsoft, Ffmpeg, Canonical, and Fedoraproject. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Information Exposure".
- 133 reported vulnerabilities are remotely exploitables.
- 11 reported vulnerabilities have public exploit available.
- 34 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 133 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 20 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
24 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-12-14 | CVE-2013-7105 | Fujitsu | Buffer Errors vulnerability in Fujitsu Interstage Application Server and Interstage Studio Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs." | 10.0 |
2013-12-13 | CVE-2013-7095 | SAP | Unspecified vulnerability in SAP Customer Relationship Management 7.02 The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue. | 10.0 |
2013-12-12 | CVE-2013-2751 | Netgear | Code Injection vulnerability in Netgear Raidiator Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow." | 10.0 |
2013-12-12 | CVE-2013-6810 | EMC | Code Injection vulnerability in EMC Connectrix Manager 11.2.1/12.0.1/12.0.3 The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file. | 10.0 |
2013-12-11 | CVE-2013-6671 | Mozilla Canonical Redhat Suse Opensuse Fedoraproject | Code Injection vulnerability in multiple products The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | 10.0 |
2013-12-11 | CVE-2013-5618 | Mozilla Fedoraproject Suse Opensuse Canonical Redhat | USE After Free vulnerability in multiple products Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection. | 10.0 |
2013-12-11 | CVE-2013-5613 | Mozilla Fedoraproject Suse Opensuse Redhat Canonical | USE After Free vulnerability in multiple products Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. | 10.0 |
2013-12-11 | CVE-2013-5610 | Mozilla Oracle Fedoraproject Canonical Opensuse Suse | Out-Of-Bounds Write vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2013-12-11 | CVE-2013-5609 | Mozilla Fedoraproject Suse Opensuse Canonical Redhat | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2013-12-11 | CVE-2013-5334 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333. | 10.0 |
2013-12-11 | CVE-2013-5333 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334. | 10.0 |
2013-12-10 | CVE-2013-3623 | Supermicro | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Supermicro Intelligent Platform Management Firmware 2.24/2.26 Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter. | 10.0 |
2013-12-13 | CVE-2013-4988 | Icofx | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Icofx Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. | 9.3 |
2013-12-11 | CVE-2013-5332 | Adobe Apple Microsoft Linux | Code Injection vulnerability in Adobe Air, AIR SDK and Flash Player Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 9.3 |
2013-12-11 | CVE-2013-5331 | Adobe Apple Microsoft Linux | Code Injection vulnerability in Adobe Air, AIR SDK and Flash Player Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013. | 9.3 |
2013-12-11 | CVE-2013-5056 | Microsoft | USE After Free vulnerability in Microsoft products Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka "Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library." | 9.3 |
2013-12-11 | CVE-2013-5052 | Microsoft | Buffer Errors vulnerability in Microsoft Internet Explorer 7 Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2013-12-11 | CVE-2013-5051 | Microsoft | Buffer Errors vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2013-12-11 | CVE-2013-5049 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2013-12-11 | CVE-2013-5048 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5047. | 9.3 |
2013-12-11 | CVE-2013-5047 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5048. | 9.3 |
2013-12-14 | CVE-2013-7104 | Mcafee | OS Command Injection vulnerability in Mcafee Email Gateway 7.6 McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands by specifying them in the value attribute in a (1) Command or (2) Script XML element. | 9.0 |
2013-12-14 | CVE-2013-7103 | Mcafee | OS Command Injection vulnerability in Mcafee Email Gateway 7.6 McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the value attribute in a (1) TestFile XML element or the (2) hostname. | 9.0 |
2013-12-10 | CVE-2013-3622 | Supermicro | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Supermicro Intelligent Platform Management Firmware 2.24/2.26 Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID parameter. | 9.0 |
18 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-12-14 | CVE-2013-6271 | Permissions, Privileges, and Access Controls vulnerability in Google Android Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted application that invokes the updateUnlockMethodAndFinish method in the com.android.settings.ChooseLockGeneric class with the PASSWORD_QUALITY_UNSPECIFIED option. | 8.8 | |
2013-12-10 | CVE-2013-7043 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity; (2) reboot the device via the Restart parameter to goform/restart; (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity; or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic. | 8.3 |
2013-12-13 | CVE-2013-7096 | SAP | SQL Injection vulnerability in SAP EMR Unwired Multiple SQL injection vulnerabilities in SAP EMR Unwired allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-12-13 | CVE-2013-7094 | SAP | SQL Injection vulnerability in SAP Netweaver 7.30 SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-12-13 | CVE-2013-6839 | Instantsoft | SQL Injection vulnerability in Instantsoft Instantcms 1.10.3 SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and earlier allows remote attackers to execute arbitrary SQL commands via the orderby parameter to catalog/[id]. | 7.5 |
2013-12-12 | CVE-2013-6421 | Projectsprouts | Code Injection vulnerability in Projectsprouts Sprout 0.7.246 The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path. | 7.5 |
2013-12-12 | CVE-2013-6054 | Uclouvain | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Uclouvain Openjpeg Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045. | 7.5 |
2013-12-12 | CVE-2013-6045 | Uclouvain | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Uclouvain Openjpeg Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2013-12-11 | CVE-2013-5619 | Opensuse Suse Mozilla Canonical Fedoraproject Oracle | Integer Overflow OR Wraparound vulnerability in multiple products Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | 7.5 |
2013-12-11 | CVE-2013-5616 | Mozilla Fedoraproject Suse Opensuse Redhat Canonical | USE After Free vulnerability in multiple products Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. | 7.5 |
2013-12-11 | CVE-2013-5615 | Mozilla Canonical Suse Opensuse Fedoraproject | The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors. | 7.5 |
2013-12-09 | CVE-2013-6985 | Enorth | SQL Injection vulnerability in Enorth Webpublisher CMS 5.0 SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth Webpublisher CMS, possibly 5.0 and earlier, allows remote attackers to execute arbitrary SQL commands via the thisday parameter. | 7.5 |
2013-12-09 | CVE-2013-5354 | Sharetronix | SQL Injection vulnerability in Sharetronix 3.1.1 Multiple SQL injection vulnerabilities in Sharetronix 3.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) fb_user_id or (2) tw_user_id parameter to signup. | 7.5 |
2013-12-09 | CVE-2013-1349 | Os4Ed | Code Injection vulnerability in Os4Ed Opensis Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter. | 7.5 |
2013-12-09 | CVE-2011-4351 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2013-12-11 | CVE-2013-3902 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 7 and Windows Server 2008 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1 and Windows 7 SP1 on 64-bit platforms allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms13-101 "Affected Software Windows 7 for 32-bit Systems Service Pack 1 (2893984)" | 7.2 |
2013-12-11 | CVE-2013-3899 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows Server 2003 and Windows XP win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." | 7.2 |
2013-12-13 | CVE-2013-6958 | Juniper | Denial of Service vulnerability in Juniper Netscreen-5200, Netscreen-5400 and Screenos Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. | 7.1 |
95 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-12-11 | CVE-2013-5058 | Microsoft | Integer Overflow OR Wraparound vulnerability in Microsoft products Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka "Win32k Integer Overflow Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms13-101 "Win32k Integer Overflow Vulnerability - CVE-2013-5058 A denial of service vulnerability exists in the way that the Win32k.sys kernel-mode driver handles objects in memory. | 6.9 |
2013-12-11 | CVE-2013-3878 | Microsoft | Buffer Errors vulnerability in Microsoft Windows Server 2003 and Windows XP Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." | 6.9 |
2013-12-10 | CVE-2013-6840 | Siemens | Permissions, Privileges, and Access Controls vulnerability in Siemens Comos Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via unspecified vectors. | 6.9 |
2013-12-14 | CVE-2013-6710 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Training Center Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567. | 6.8 |
2013-12-14 | CVE-2013-4000 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cognos Command Center 10.0/10.1 Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Cognos Command Center before 10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) start or (2) stop services. | 6.8 |
2013-12-14 | CVE-2013-7069 | Beyondgrep | Code Injection vulnerability in Beyondgrep ACK ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary code via a (1) --pager, (2) --regex, or (3) --output option in a .ackrc file in a directory to be searched. | 6.8 |
2013-12-13 | CVE-2013-6400 | XEN | Permissions, Privileges, and Access Controls vulnerability in XEN Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors. | 6.8 |
2013-12-13 | CVE-2012-5394 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to hijack the authentication of users for requests that login via vectors involving image loading. | 6.8 |
2013-12-12 | CVE-2013-2752 | Netgear | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Raidiator Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. | 6.8 |
2013-12-11 | CVE-2013-5059 | Microsoft | Code Injection vulnerability in Microsoft Office web Apps and Sharepoint Server Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web Apps 2013, allows remote attackers to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerabilities." | 6.8 |
2013-12-10 | CVE-2013-5447 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Forms Viewer Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value. | 6.8 |
2013-12-09 | CVE-2013-6427 | HP | Code Injection vulnerability in HP Linux Imaging and Printing Project upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream. | 6.8 |
2013-12-09 | CVE-2013-6180 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC RSA Netwitness Nextgen and RSA Security Analytics EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent. | 6.8 |
2013-12-09 | CVE-2013-5355 | Sharetronix | Cross-Site Request Forgery (CSRF) vulnerability in Sharetronix 3.1.1 Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) create new administrative users via unspecified vectors. | 6.8 |
2013-12-09 | CVE-2013-7024 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7023 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. | 6.8 |
2013-12-09 | CVE-2013-7022 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | 6.8 |
2013-12-09 | CVE-2013-7021 | Ffmpeg | Resource Management Errors vulnerability in Ffmpeg The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data. | 6.8 |
2013-12-09 | CVE-2013-7020 | Ffmpeg Debian | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | 6.8 |
2013-12-09 | CVE-2013-7019 | Ffmpeg | Improper Input Validation vulnerability in Ffmpeg The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7018 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7017 | Ffmpeg | Unspecified vulnerability in Ffmpeg libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7016 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7015 | Ffmpeg | Improper Input Validation vulnerability in Ffmpeg The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data. | 6.8 |
2013-12-09 | CVE-2013-7013 | Ffmpeg | Numeric Errors vulnerability in Ffmpeg The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | 6.8 |
2013-12-09 | CVE-2013-7012 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7011 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | 6.8 |
2013-12-09 | CVE-2013-7009 | Ffmpeg | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. | 6.8 |
2013-12-09 | CVE-2013-7008 | Ffmpeg | Unspecified vulnerability in Ffmpeg The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data. | 6.8 |
2013-12-09 | CVE-2013-1953 | Autotrace Project | Numeric Errors vulnerability in Autotrace Project Autotrace 0.31.1 Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow. | 6.8 |
2013-12-13 | CVE-2013-7092 | Mcafee | SQL Injection vulnerability in Mcafee Email Gateway 7.6 Multiple SQL injection vulnerabilities in /admin/cgi-bin/rpc/doReport/18 in McAfee Email Gateway 7.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) events_col, (2) event_id, (3) reason, (4) events_order, (5) emailstatus_order, or (6) emailstatus_col JSON keys. | 6.5 |
2013-12-13 | CVE-2013-7038 | GNU | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Libmicrohttpd The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read. | 6.4 |
2013-12-11 | CVE-2013-5046 | Microsoft | Improper Input Validation vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." | 6.2 |
2013-12-11 | CVE-2013-5045 | Microsoft | Improper Input Validation vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." | 6.2 |
2013-12-14 | CVE-2013-6971 | Cisco | Improper Input Validation vulnerability in Cisco Webex Training Center Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul57140. | 5.8 |
2013-12-14 | CVE-2013-6967 | Cisco | Improper Input Validation vulnerability in Cisco Webex Sales Center Open redirect vulnerability in the mobile-browser subsystem in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36020. | 5.8 |
2013-12-14 | CVE-2013-6959 | Cisco | Improper Input Validation vulnerability in Cisco Webex Sales Center Open redirect vulnerability in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul25557. | 5.8 |
2013-12-14 | CVE-2013-7085 | Devscripts Devel Team | Improper Input Validation vulnerability in Devscripts Devel Team Devscripts 2.13.5 Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character in a filename. | 5.8 |
2013-12-14 | CVE-2013-6391 | Openstack Canonical Redhat | Improper Privilege Management vulnerability in multiple products The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. | 5.8 |
2013-12-11 | CVE-2013-5611 | Oracle Fedoraproject Canonical Suse Opensuse Opensuse Project Mozilla | Security Bypass vulnerability in Mozilla Firefox Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. | 5.8 |
2013-12-09 | CVE-2013-6171 | Dovecot | Improper Authentication vulnerability in Dovecot checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the response to the dovecot-auth server. | 5.8 |
2013-12-13 | CVE-2013-7039 | GNU | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Libmicrohttpd Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header. | 5.1 |
2013-12-14 | CVE-2013-6972 | Cisco | Information Exposure vulnerability in Cisco Webex Training Center Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126. | 5.0 |
2013-12-14 | CVE-2013-6970 | Cisco | Information Exposure vulnerability in Cisco Webex Meeting Center Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928. | 5.0 |
2013-12-14 | CVE-2013-6968 | Cisco | Information Exposure vulnerability in Cisco Webex Training Center Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003. | 5.0 |
2013-12-14 | CVE-2013-6965 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Webex Training Center The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183. | 5.0 |
2013-12-14 | CVE-2013-6709 | Cisco | Information Exposure vulnerability in Cisco Webex Training Center The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111. | 5.0 |
2013-12-14 | CVE-2013-6411 | Openttd | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openttd The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map. | 5.0 |
2013-12-14 | CVE-2013-5107 | Rockmongo | Path Traversal vulnerability in Rockmongo Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2013-12-14 | CVE-2013-1364 | Zabbix | Improper Authentication vulnerability in Zabbix The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter. | 5.0 |
2013-12-13 | CVE-2013-7093 | SAP | Improper Authentication vulnerability in SAP Network Interface Router 39.3 SAP Network Interface Router (SAProuter) 39.3 SP4 allows remote attackers to bypass authentication and modify the configuration via unspecified vectors. | 5.0 |
2013-12-13 | CVE-2013-6809 | Philippe Jounin | USE of Externally-Controlled Format String vulnerability in Philippe Jounin Tftpd32 Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field. | 5.0 |
2013-12-13 | CVE-2013-6048 | Munin Monitoring | Improper Input Validation vulnerability in Munin-Monitoring Munin The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service (infinite loop and memory consumption in the munin-html process) via crafted multigraph data. | 5.0 |
2013-12-13 | CVE-2013-7091 | Zimbra | Path Traversal vulnerability in Synacor Zimbra Collaboration Suite Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
2013-12-12 | CVE-2013-6052 | Uclouvain | Information Exposure vulnerability in Uclouvain Openjpeg OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read. | 5.0 |
2013-12-12 | CVE-2013-1447 | Uclouvain | Unspecified vulnerability in Uclouvain Openjpeg OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors. | 5.0 |
2013-12-12 | CVE-2011-4971 | Memcached | Numeric Errors vulnerability in Memcached Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet. | 5.0 |
2013-12-10 | CVE-2013-6708 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Cloud Portal 9.4 Cisco Cloud Portal 9.4 allows remote attackers to read files of unspecified types via a direct request, aka Bug IDs CSCuj08426 and CSCui60889. | 5.0 |
2013-12-11 | CVE-2013-3903 | Microsoft | Improper Input Validation vulnerability in Microsoft products Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service (reboot) via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability." | 4.7 |
2013-12-10 | CVE-2013-7042 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Suse Lifecycle Management Server SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors. | 4.6 |
2013-12-14 | CVE-2013-6973 | Cisco | Information Exposure vulnerability in Cisco Webex Training Center Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul57121. | 4.3 |
2013-12-14 | CVE-2013-6969 | Cisco | Improper Input Validation vulnerability in Cisco Webex Training Center The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990. | 4.3 |
2013-12-14 | CVE-2013-6963 | Cisco | Cross-Site Scripting vulnerability in Cisco Webex Training Center Cross-site scripting (XSS) vulnerability in the registration component in Cisco WebEx Training Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36207. | 4.3 |
2013-12-14 | CVE-2013-6962 | Cisco | Cross-Site Scripting vulnerability in Cisco Webex Meeting Center Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36228. | 4.3 |
2013-12-14 | CVE-2013-6961 | Cisco | Cross-Site Scripting vulnerability in Cisco Webex Meeting Center Cross-site scripting (XSS) vulnerability in the Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36237. | 4.3 |
2013-12-14 | CVE-2013-6960 | Cisco | Cross-Site Scripting vulnerability in Cisco Webex Meeting Center Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248. | 4.3 |
2013-12-14 | CVE-2013-6711 | Cisco | Cross-Site Scripting vulnerability in Cisco Webex Sales Center Cross-site scripting (XSS) vulnerability in the product-creation administrative page in Cisco WebEx Sales Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul25540. | 4.3 |
2013-12-14 | CVE-2013-5438 | IBM | Cross-Site Scripting vulnerability in IBM Flex System Manager 1.1.0/1.3.0 Cross-site scripting (XSS) vulnerability in the web server in IBM Flex System Manager (FSM) 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-12-14 | CVE-2013-4845 | HP | Cross-Site Scripting vulnerability in HP Officejet PRO 8500 and Officejet PRO 8500 Firmware Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka A909) All-in-One printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-12-14 | CVE-2013-4001 | IBM | Improper Authentication vulnerability in IBM Cognos Command Center 10.0/10.1 Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie. | 4.3 |
2013-12-14 | CVE-2013-4520 | Xmlsoft | Unspecified vulnerability in Xmlsoft Libxslt xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. | 4.3 |
2013-12-13 | CVE-2013-6359 | Munin Monitoring | Improper Input Validation vulnerability in Munin-Monitoring Munin Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service (abort data collection for node) via a plugin that uses "multigraph" as a multigraph service name. | 4.3 |
2013-12-13 | CVE-2012-6151 | Apple Canonical NET Snmp | Resource Management Errors vulnerability in multiple products Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. | 4.3 |
2013-12-13 | CVE-2013-6957 | Juniper | Cross-Site Scripting vulnerability in Juniper products Cross-site scripting (XSS) vulnerability in the web administrative component in Juniper IDP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the ACM web server. | 4.3 |
2013-12-13 | CVE-2013-6005 | Cybozu | Cross-Site Scripting vulnerability in Cybozu Dezie Cross-site scripting (XSS) vulnerability in Cybozu Dezie before 8.1.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Cancel button. | 4.3 |
2013-12-13 | CVE-2013-4569 | Mediawiki | Information Exposure vulnerability in Mediawiki The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attackers to obtain sensitive information (revision-deleted IPs) via the Recent Changes page. | 4.3 |
2013-12-13 | CVE-2013-4568 | Mediawiki | HTML Injection vulnerability in Mediawiki CSS Tags Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS, as demonstrated using variations of "expression" containing (1) full width characters or (2) IPA extensions, which are converted and rendered by Internet Explorer. | 4.3 |
2013-12-13 | CVE-2013-4567 | Mediawiki | HTML Injection vulnerability in Mediawiki CSS Tags Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via a \b (backspace) character in CSS. | 4.3 |
2013-12-12 | CVE-2013-1812 | Fedoraproject Janrain | Resource Management Errors vulnerability in multiple products The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack. | 4.3 |
2013-12-11 | CVE-2013-6673 | Fedoraproject Mozilla Suse Opensuse Canonical | Cryptographic Issues vulnerability in multiple products Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | 4.3 |
2013-12-11 | CVE-2013-6672 | Opensuse Suse Mozilla Linux Canonical Oracle Fedoraproject | Information Exposure vulnerability in multiple products Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations. | 4.3 |
2013-12-11 | CVE-2013-5614 | Mozilla Fedoraproject Oracle Canonical Redhat Opensuse Suse | Improper Restriction of Rendered UI Layers OR Frames vulnerability in multiple products Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | 4.3 |
2013-12-11 | CVE-2013-5612 | Mozilla Fedoraproject Oracle Canonical Redhat Opensuse Suse | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | 4.3 |
2013-12-11 | CVE-2013-5072 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Exchange Server 2010/2013 Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability." | 4.3 |
2013-12-11 | CVE-2013-5057 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Office 2007/2010 hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability." | 4.3 |
2013-12-11 | CVE-2013-5054 | Microsoft | Information Exposure vulnerability in Microsoft Office and Office 2013 RT Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability." | 4.3 |
2013-12-11 | CVE-2013-5042 | Microsoft | Cross-Site Scripting vulnerability in Microsoft products Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability." | 4.3 |
2013-12-10 | CVE-2012-3047 | Cisco | Cross-Site Scripting vulnerability in Cisco products Cross-site scripting (XSS) vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D20 and D30 cable modems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-12-10 | CVE-2013-3710 | Novell | Cryptographic Issues vulnerability in Novell Suse Lifecycle Management Server SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere. | 4.3 |
2013-12-10 | CVE-2013-6224 | Livezilla | Cross-Site Scripting vulnerability in Livezilla Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a name in the call administrator feature, (2) unspecified vectors to the admins visitor information panel, or (3) a text message in a chat session, which is saved in the archive section. | 4.3 |
2013-12-14 | CVE-2013-6428 | Openstack | Permissions, Privileges, and Access Controls vulnerability in Openstack Heat 2013.2/5.0.0 The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path. | 4.0 |
2013-12-14 | CVE-2013-6426 | Openstack | Permissions, Privileges, and Access Controls vulnerability in Openstack Heat 2013.2/5.0.0 The cloudformation-compatible API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 does not properly enforce policy rules, which allows local in-instance users to bypass intended access restrictions and (1) create a stack via the CreateStack method or (2) update a stack via the UpdateStack method. | 4.0 |
2013-12-13 | CVE-2013-5676 | Sonarsource | Cryptographic Issues vulnerability in Sonarsource Jenkins Plugin The Jenkins Plugin for SonarQube 3.7 and earlier allows remote authenticated users to obtain sensitive information (cleartext passwords) by reading the value in the sonar.sonarPassword parameter from jenkins/configure. | 4.0 |
2013-12-12 | CVE-2013-4566 | MOD NSS Project Redhat | Permissions, Privileges, and Access Controls vulnerability in multiple products mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions. | 4.0 |
2013-12-09 | CVE-2013-6404 | Quassel IRC | Permissions, Privileges, and Access Controls vulnerability in Quassel-Irc Quassel IRC Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/. | 4.0 |
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-12-14 | CVE-2013-6964 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Webex Meeting Center Cisco WebEx Meeting Center allows remote authenticated users to bypass access control and inject content from a different WebEx site via unspecified vectors, aka Bug ID CSCul36197. | 3.5 |
2013-12-10 | CVE-2013-5404 | IBM | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element. | 3.5 |
2013-12-10 | CVE-2013-6237 | Islonline | Information Exposure vulnerability in Islonline ISL Desktop Plugin and ISL Light The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session. | 3.5 |
2013-12-09 | CVE-2013-7025 | Sonicwall | Cross-Site Scripting vulnerability in Sonicwall products Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp. | 3.5 |
2013-12-14 | CVE-2013-3043 | IBM | Path Traversal vulnerability in IBM products Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files. | 2.1 |
2013-12-14 | CVE-2013-3042 | IBM | Path Traversal vulnerability in IBM products Directory traversal vulnerability in the server in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files. | 2.1 |
2013-12-13 | CVE-2013-6956 | Juniper | Cross-Site Scripting vulnerability in Juniper IVE OS Cross-site scripting (XSS) vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
2013-12-13 | CVE-2013-6394 | Percona Opensuse | Cryptographic Issues vulnerability in multiple products Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks. | 2.1 |
2013-12-12 | CVE-2013-6986 | Zippyyum | Cryptographic Issues vulnerability in Zippyyum Subway Ordering for California 3.4 The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements. | 2.1 |
2013-12-09 | CVE-2013-3929 | Cmsmadesimple | Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 1.11.9 Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject arbitrary web script or HTML via the handler parameter. | 2.1 |
2013-12-12 | CVE-2013-5763 | Oracle | Stack Buffer Overflow vulnerability in Oracle Fusion Middleware 8.4 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. | 1.5 |