Weekly Vulnerabilities Reports > January 6 to 12, 2014
Overview
80 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary report vulnerabilities in 87 products from 48 vendors including Cisco, Atmail, Google, XEN, and Conceptronic. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Path Traversal", and "Permissions, Privileges, and Access Controls".
- 67 reported vulnerabilities are remotely exploitables.
- 8 reported vulnerabilities have public exploit available.
- 33 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 71 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 13 reported vulnerabilities.
- Atmail has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
13 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2014-01-12 | CVE-2014-0659 | Cisco | OS Command Injection vulnerability in Cisco products The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685. | 10.0 |
| 2014-01-12 | CVE-2013-5034 | Atmail | Security vulnerability in Atmail Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5032, and CVE-2013-5033. | 10.0 |
| 2014-01-12 | CVE-2013-5033 | Atmail | Security vulnerability in Atmail Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5032, and CVE-2013-5034. | 10.0 |
| 2014-01-12 | CVE-2013-5032 | Atmail | Security vulnerability in Atmail Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5033, and CVE-2013-5034. | 10.0 |
| 2014-01-12 | CVE-2013-5031 | Atmail | Security vulnerability in Atmail Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5032, CVE-2013-5033, and CVE-2013-5034. | 10.0 |
| 2014-01-10 | CVE-2014-1236 | Graphviz | Buffer Errors vulnerability in Graphviz 2.34.0 Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list." | 10.0 |
| 2014-01-10 | CVE-2013-7282 | Nisuta | Improper Authentication vulnerability in Nisuta products The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header. | 10.0 |
| 2014-01-09 | CVE-2013-6955 | Synology | Permissions, Privileges, and Access Controls vulnerability in Synology Diskstation Manager webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header. | 10.0 |
| 2014-01-07 | CVE-2013-6884 | CRU INC | Credentials Management vulnerability in Cru-Inc products The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges. | 10.0 |
| 2014-01-07 | CVE-2013-6881 | CRU INC | OS Command Injection vulnerability in Cru-Inc products CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task. | 10.0 |
| 2014-01-10 | CVE-2014-0978 | Graphviz | Buffer Errors vulnerability in Graphviz 2.34.0 Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. | 9.3 |
| 2014-01-09 | CVE-2013-6462 | X | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X Libxfont Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. | 9.3 |
| 2014-01-09 | CVE-2013-7283 | Libreswan | Race Condition vulnerability in Libreswan 3.6 Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file. | 9.3 |
13 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2014-01-11 | CVE-2014-0618 | Juniper | Denial of Service vulnerability in Juniper Junos Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message. | 7.8 |
| 2014-01-10 | CVE-2014-1408 | Conceptronic | Credentials Management vulnerability in Conceptronic C54Apm and C54Apm Firmware The Conceptronic C54APM access point with runtime code 1.26 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via an HTTP request, as demonstrated by stored XSS attacks. | 7.8 |
| 2014-01-09 | CVE-2013-7174 | Qnap | Path Traversal vulnerability in Qnap QTS 4.0/4.0.3 Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. | 7.8 |
| 2014-01-07 | CVE-2011-1763 | XEN | Unspecified vulnerability in XEN The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port. | 7.7 |
| 2014-01-10 | CVE-2013-6321 | IBM | SQL Injection vulnerability in IBM products SQL injection vulnerability in IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2014-01-09 | CVE-2013-7139 | Cynthia Fridsma | SQL Injection vulnerability in Cynthia Fridsma Horizon Quick Content Management System SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter. | 7.5 |
| 2014-01-09 | CVE-2013-5359 | Buffer Errors vulnerability in Google Picasa 3.9.0 Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size. | 7.5 | |
| 2014-01-09 | CVE-2013-5358 | Buffer Errors vulnerability in Google Picasa 3.9.0 Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags. | 7.5 | |
| 2014-01-09 | CVE-2013-5357 | Buffer Errors vulnerability in Google Picasa 3.9.0 Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag. | 7.5 | |
| 2014-01-09 | CVE-2013-5349 | Buffer Errors vulnerability in Google Picasa 3.9.0 Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size. | 7.5 | |
| 2014-01-08 | CVE-2013-7278 | Naxtech | SQL Injection vulnerability in Naxtech CMS Afroditi 1.0 SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to default.asp. | 7.5 |
| 2014-01-10 | CVE-2013-5009 | Symantec | Improper Authentication vulnerability in Symantec Endpoint Protection The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account. | 7.4 |
| 2014-01-10 | CVE-2013-5011 | Symantec | Path Traversal vulnerability in Symantec Endpoint Protection Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory. | 7.2 |
47 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2014-01-12 | CVE-2013-6028 | Atmail | Cross-Site Request Forgery (CSRF) vulnerability in Atmail Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts, (2) modify user accounts, (3) delete user accounts, or (4) stop the product's service. | 6.8 |
| 2014-01-10 | CVE-2014-0664 | Cisco | Resource Management Errors vulnerability in Cisco Unity Connection The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976. | 6.8 |
| 2014-01-08 | CVE-2014-0621 | Technicolor | Cross-Site Request Forgery (CSRF) vulnerability in Technicolor Tc7200 and Tc7200 Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall. | 6.8 |
| 2014-01-10 | CVE-2010-5291 | Amberdms | Permissions, Privileges, and Access Controls vulnerability in Amberdms Billing System Amberdms Billing System (ABS) before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. | 6.4 |
| 2014-01-10 | CVE-2013-6334 | IBM | Improper Input Validation vulnerability in IBM products IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) do not properly validate sessions, which allows remote attackers to bypass intended access restrictions, and visit PolicyAtlas/ResponseDraftServlet (aka the Compliance Questionnaire Save Draft servlet), via unspecified vectors. | 6.4 |
| 2014-01-07 | CVE-2011-1780 | XEN | Improper Input Validation vulnerability in XEN 3.0.3 The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. | 6.1 |
| 2014-01-12 | CVE-2014-0805 | Skyarts | Path Traversal vulnerability in Skyarts Neofiler 2.4.2/5.4.3 Directory traversal vulnerability in the NeoFiler application 5.4.3 and earlier, NeoFiler Free application 5.4.3 and earlier, and NeoFiler Lite application 2.4.2 and earlier for Android allows attackers to overwrite or create arbitrary files via unspecified vectors. | 5.8 |
| 2014-01-12 | CVE-2014-0804 | Cgene | Path Traversal vulnerability in Cgene Security File Manager 1.0.6 Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors. | 5.8 |
| 2014-01-12 | CVE-2014-0803 | Yuichiro Okuyama | Path Traversal vulnerability in Yuichiro Okuyama Tetra Filer and Tetra Filer Free Directory traversal vulnerability in the tetra filer application 2.3.1 and earlier for Android 4.0.3, tetra filer free application 2.3.1 and earlier for Android 4.0.3, tetra filer application 1.5.1 and earlier for Android before 4.0.3, and tetra filer free application 1.5.1 and earlier for Android before 4.0.3 allows attackers to overwrite or create arbitrary files via unspecified vectors. | 5.8 |
| 2014-01-12 | CVE-2014-0802 | Aokitaka | Path Traversal vulnerability in Aokitaka ZIP With Pass and ZIP With Pass PRO Directory traversal vulnerability in the aokitaka ZIP with Pass application 4.5.7 and earlier, and ZIP with Pass Pro application 6.3.8 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors. | 5.8 |
| 2014-01-10 | CVE-2014-1405 | Conceptronic | Improper Input Validation vulnerability in Conceptronic C54Apm and C54Apm Firmware Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup. | 5.8 |
| 2014-01-07 | CVE-2011-1166 | XEN | Improper Input Validation vulnerability in XEN Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables. | 5.5 |
| 2014-01-10 | CVE-2014-0658 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898. | 5.4 |
| 2014-01-12 | CVE-2013-6954 | Libpng | Denial of Service vulnerability in libpng 'png_read_transform_info()' Function NULL Pointer Dereference The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c. | 5.0 |
| 2014-01-09 | CVE-2013-7138 | Horizon Quick Content Management System Project | Path Traversal vulnerability in Horizon Quick Content Management System Project Horizon Quick Content Management System Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2014-01-09 | CVE-2014-0752 | Ecava | Permissions, Privileges, and Access Controls vulnerability in Ecava Integraxor The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. | 5.0 |
| 2014-01-08 | CVE-2013-7097 | 7Mediaws | Path Traversal vulnerability in 7Mediaws Edutrac Directory traversal vulnerability in 7 Media Web Solutions eduTrac before 1.1.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2014-01-07 | CVE-2013-6419 | Openstack | Information Exposure vulnerability in Openstack Havana 2013.2.1/Havana1 Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron. | 5.0 |
| 2014-01-07 | CVE-2013-4564 | Libreswan | Numeric Errors vulnerability in Libreswan 3.6 Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet. | 5.0 |
| 2014-01-08 | CVE-2014-0651 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Context Directory Agent The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347. | 4.9 |
| 2014-01-10 | CVE-2013-5010 | Symantec | Permissions, Privileges, and Access Controls vulnerability in Symantec Endpoint Protection The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors. | 4.6 |
| 2014-01-07 | CVE-2011-1936 | XEN | Denial-Of-Service vulnerability in Xen Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors. | 4.6 |
| 2014-01-11 | CVE-2013-3713 | Opensuse | Information Exposure vulnerability in Opensuse 13.1 The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow. | 4.4 |
| 2014-01-12 | CVE-2013-6017 | Atmail | Cross-Site Scripting vulnerability in Atmail Cross-site scripting (XSS) vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web script or HTML via the body of an e-mail message, as demonstrated by the SRC attribute of an IFRAME element. | 4.3 |
| 2014-01-10 | CVE-2014-0977 | Sixapart | Cross-Site Scripting vulnerability in Sixapart Movabletype Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2014-01-10 | CVE-2014-1407 | Conceptronic | Cross-Site Scripting vulnerability in Conceptronic C54Apm and C54Apm Firmware Multiple cross-site scripting (XSS) vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to inject arbitrary web script or HTML via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup. | 4.3 |
| 2014-01-10 | CVE-2014-1406 | Conceptronic | Improper Input Validation vulnerability in Conceptronic C54Apm and C54Apm Firmware CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action. | 4.3 |
| 2014-01-10 | CVE-2014-0663 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control System Cross-site scripting (XSS) vulnerability in the web framework in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum03625. | 4.3 |
| 2014-01-10 | CVE-2013-7289 | Aphpkb | Cross-Site Scripting vulnerability in Aphpkb Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) email, or (4) username parameter. | 4.3 |
| 2014-01-10 | CVE-2013-7288 | Mybb | Cross-Site Scripting vulnerability in Mybb Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs. | 4.3 |
| 2014-01-10 | CVE-2013-6974 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control System Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud89431. | 4.3 |
| 2014-01-09 | CVE-2013-6923 | Seagate | Cross-Site Scripting vulnerability in Seagate Blackarmor NAS 220 and Blackarmor NAS 220 Firmware Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php. | 4.3 |
| 2014-01-09 | CVE-2013-6997 | Open Xchange | Cross-Site Scripting vulnerability in Open-Xchange Appsuite Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange (OX) AppSuite 7.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an HTML email with crafted CSS code containing wildcards or (2) office documents containing "crafted hyperlinks with script URL handlers." | 4.3 |
| 2014-01-08 | CVE-2014-0655 | Cisco | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332. | 4.3 |
| 2014-01-08 | CVE-2014-0654 | Cisco | Improper Input Validation vulnerability in Cisco Context Directory Agent Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383. | 4.3 |
| 2014-01-08 | CVE-2014-0653 | Cisco | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340. | 4.3 |
| 2014-01-08 | CVE-2014-0652 | Cisco | Cross-Site Scripting vulnerability in Cisco Context Directory Agent Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj45358. | 4.3 |
| 2014-01-08 | CVE-2013-6982 | Cisco | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174. | 4.3 |
| 2014-01-08 | CVE-2014-1232 | Foliovision Wordpress | Cross-Site Scripting vulnerability in Foliovision Foliopress Wysiwyg Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG plugin before 2.6.8.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2014-01-08 | CVE-2014-0620 | Technicolor | Cross-Site Scripting vulnerability in Technicolor Tc7200 and Tc7200 Firmware Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to inject arbitrary web script or HTML via the (1) ADDNewDomain parameter to parental/website-filters.asp or (2) VmTracerouteHost parameter to goform/status/diagnostics-route. | 4.3 |
| 2014-01-08 | CVE-2013-7280 | Hansotools | Buffer Errors vulnerability in Hansotools Hanso Player 2.1.0/2.5.0 Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier allows remote attackers to cause a denial of service (crash) via a long string in a .m3u file. | 4.3 |
| 2014-01-08 | CVE-2013-7279 | Anthony Mills Wordpress | Cross-Site Scripting vulnerability in Anthony Mills S3 Video 0.98/0.981/0.982 Cross-site scripting (XSS) vulnerability in views/video-management/preview_video.php in the S3 Video plugin before 0.983 for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter. | 4.3 |
| 2014-01-08 | CVE-2013-7277 | Aphpkb | Cross-Site Scripting vulnerability in Aphpkb Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to saa.php, (2) username parameter to login.php, or (3) keyword_list parameter to keysearch.php. | 4.3 |
| 2014-01-08 | CVE-2013-7276 | Recommend TO A Friend Project Wordpress | Cross-Site Scripting vulnerability in Recommend TO A Friend Project Recommend TO A Friend 2.0.2 Cross-site scripting (XSS) vulnerability in inc/raf_form.php in the Recommend to a friend plugin 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the current_url parameter. | 4.3 |
| 2014-01-08 | CVE-2013-7275 | Mybb | Cross-Site Scripting vulnerability in Mybb Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie list popup. | 4.3 |
| 2014-01-08 | CVE-2014-0657 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Manager The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540. | 4.0 |
| 2014-01-08 | CVE-2014-0656 | Cisco | Improper Input Validation vulnerability in Cisco Context Directory Agent Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353. | 4.0 |
7 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2014-01-10 | CVE-2013-4460 | Mantisbt | Cross-Site Scripting vulnerability in Mantisbt Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name. | 3.5 |
| 2014-01-08 | CVE-2013-7274 | Wallpaperscript | Cross-Site Scripting vulnerability in Wallpaperscript 3.5.0082 Cross-site scripting (XSS) vulnerability in Wallpaper Script 3.5.0082 allows remote authenticated users to inject arbitrary web script or HTML via the title field in a wallpaper file upload. | 3.5 |
| 2014-01-10 | CVE-2014-1234 | Paratrooper Newrelic Project | Information Exposure vulnerability in Paratrooper-Newrelic Project Paratrooper-Newrelic 1.0.1 The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process. | 2.1 |
| 2014-01-10 | CVE-2014-1233 | Tobias Maier | Information Exposure vulnerability in Tobias Maier Paratrooper-Pingdom 1.0.0 The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process. | 2.1 |
| 2014-01-07 | CVE-2013-6480 | Apache | Information Exposure vulnerability in Apache Libcloud Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM. | 2.1 |
| 2014-01-07 | CVE-2013-4969 | Puppetlabs Puppet Debian Canonical | Link Following vulnerability in multiple products Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. | 2.1 |
| 2014-01-10 | CVE-2010-5292 | Amberdms | Information Exposure vulnerability in Amberdms Billing System Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the include/cron/services_usage.php cron job. | 1.9 |