Weekly Vulnerabilities Report: January 27 to February 2, 2014

Overview

77 new vulnerabilities were reported during this period, including 6 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary reports vulnerabilities in 88 products from 54 vendors including IBM, Debian, Google, Cisco, and Redhat. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Improper Input Validation".

  • 68 reported vulnerabilities are remotely exploitable.
  • 7 reported vulnerabilities have a public exploit available.
  • 32 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
  • 64 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 15 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 1 reported vulnerability.

[Summary dashboard panels: total vulnerabilities; critical, high, medium and low risk vulnerabilities; remotely exploitable; locally exploitable; exploit available; exploitable anonymously; affecting web application]

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report, grouped by severity. Each entry gives the date, CVE identifier, vendor(s), vulnerability title and CVSS score, followed by its description.


6 Critical Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS

2014-01-30 | CVE-2013-1376 | Adobe | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader | 10.0
  Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.

2014-01-28 | CVE-2014-1681 | Google | Security vulnerability in Google Chrome | 10.0
  Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."

2014-01-28 | CVE-2013-6838 | Enghouseinteractive, Openvz | Cryptographic Issues vulnerability in Enghouseinteractive IVR PRO 9.0.3 | 10.0
  An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges by leveraging knowledge of this key.

2014-02-01 | CVE-2013-6724 | IBM | Unspecified vulnerability in IBM Spss Samplepower 3.0.1.0 | 9.3
  Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value.

2014-01-31 | CVE-2013-4979 | Ideamk | Buffer Errors vulnerability in Ideamk EPS Viewer 3.2 | 9.3
  Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file.

2014-01-30 | CVE-2013-7246 | Daum Communications | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Daum Communications Daumgame Activex Control 1.1.0.4/1.1.0.5 | 9.3
  Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote attackers to execute arbitrary code via a long string, as exploited in the wild in January 2014.

13 High Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS

2014-01-31 | CVE-2014-0001 | Mariadb, Redhat, Oracle | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in multiple products | 7.5
  Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.

2014-01-31 | CVE-2014-1204 | Tableausoftware | SQL Injection vulnerability in Tableausoftware Tableau Server | 7.5
  SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

2014-01-30 | CVE-2012-3000 | F5 | SQL Injection vulnerability in F5 products | 7.5
  Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.

2014-01-30 | CVE-2014-0838 | IBM | Multiple Security vulnerability in IBM QRadar Security Information and Event Manager | 7.5
  The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console commands by leveraging control of the server.

2014-01-29 | CVE-2013-4887 | Springsignage | SQL Injection vulnerability in Springsignage Xibo 1.4.2 | 7.5
  SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to execute arbitrary SQL commands via the displayid parameter.

2014-01-29 | CVE-2014-0810 | Justsystems | Remote Code Execution vulnerability in JustSystems Sanshiro Products | 7.5
  Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3, 2008 before update 5, 2009 before update 6, and 2010 before update 6, and Sanshiro Viewer before 2.0.2.0, allows remote attackers to execute arbitrary code via a crafted document.

2014-01-29 | CVE-2013-6749 | IBM | Buffer Errors vulnerability in IBM Lotus Quickr for Domino 8.5.1 | 7.5
  Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6748.

2014-01-29 | CVE-2013-6748 | IBM | Buffer Errors vulnerability in IBM Lotus Quickr for Domino 8.5.1 | 7.5
  Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749.

2014-01-29 | CVE-2013-2974 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Application Dependency Discovery Manager | 7.5
  The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL.

2014-01-28 | CVE-2013-6650 | Debian, Google, Opensuse | Improper Input Validation vulnerability in multiple products | 7.5
  The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."

2014-01-28 | CVE-2013-6649 | Google, Debian, Opensuse | Resource Management Errors vulnerability in Google Chrome | 7.5
  Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.

2014-01-28 | CVE-2013-7135 | Detlef Pilzecker | Permissions, Privileges, and Access Controls vulnerability in Detlef Pilzecker Proc::Daemon Perl 0.14 | 7.2
  The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a process ID, which allows local users to have an unspecified impact by modifying this file.

2014-01-27 | CVE-2013-6747 | IBM | Improper Input Validation vulnerability in IBM products | 7.1
  IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (application crash or hang) via a malformed X.509 certificate chain.

47 Medium Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS

2014-02-01 | CVE-2014-0831 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager 2.0.0.0/2.0.0.1/2.0.0.2 | 6.8
  Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data.

2014-01-30 | CVE-2014-0835 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar Security Information and Event Manager | 6.8
  Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify console Auto Update settings.

2014-01-29 | CVE-2014-1683 | Skybluecanvas | Use of Externally-Controlled Format String vulnerability in Skybluecanvas | 6.8
  The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS before 1.1 r248-04, when the pid parameter is 4, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) name, (2) email, (3) subject, or (4) message parameter to index.php.

2014-01-29 | CVE-2013-4889 | Springsignage | Cross-Site Request Forgery (CSRF) vulnerability in Springsignage Xibo 1.4.2 | 6.8
  Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new administrator via the AddUser action or (2) conduct cross-site scripting (XSS) attacks, as demonstrated by CVE-2013-4888.

2014-01-29 | CVE-2013-4898 | Webhive, Socialengine | Unspecified vulnerability in Webhive Timeline 4.2.5 | 6.5
  Unrestricted file upload vulnerability in the user profile page feature in the Timeline Plugin 4.2.5p9 for SocialEngine allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in public/temporary/timeline/.

2014-01-29 | CVE-2013-4662 | Civicrm | SQL Injection vulnerability in Civicrm | 6.5
  The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the "second layer" of the API, related to contact.getquick.

2014-01-29 | CVE-2013-2747 | Courion | Permissions, Privileges, and Access Controls vulnerability in Courion Access Risk Management Suite 8.0 | 6.5
  The password reset feature in Courion Access Risk Management Suite Version 8 Update 9 allows remote authenticated users to bypass intended Internet Explorer usage restrictions and execute arbitrary commands by using keyboard shortcuts to navigate the file system and open a command prompt.

2014-01-29 | CVE-2013-6931 | Cybozu | SQL Injection vulnerability in Cybozu Garoon 3.7.0/3.7.1/3.7.2 | 6.5
  SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.

2014-01-29 | CVE-2013-6930 | Cybozu | SQL Injection vulnerability in Cybozu Garoon | 6.5
  SQL injection vulnerability in the page-navigation implementation in Cybozu Garoon 2.0.0 through 2.0.6, 2.1.0 through 2.1.3, 2.5.0 through 2.5.4, 3.0.0 through 3.0.3, 3.5.0 through 3.5.5, and 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.

2014-01-30 | CVE-2014-1610 | Mediawiki | Improper Input Validation vulnerability in Mediawiki | 6.0
  MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the page parameter to includes/media/DjVu.php; (2) the w parameter (aka width field) to thumb.php, which is not properly handled by includes/media/PdfHandler_body.php; and possibly unspecified vectors in (3) includes/media/Bitmap.php and (4) includes/media/ImageHandler.php.

2014-02-01 | CVE-2014-0833 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Financial Transaction Manager 2.0.0.0/2.0.0.1/2.0.0.2 | 5.5
  The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step.

2014-02-02 | CVE-2013-7301 | Craig Drummond | Permissions, Privileges, and Access Controls vulnerability in Craig Drummond Cantata | 5.0
  Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue.

2014-02-02 | CVE-2013-7300 | Craig Drummond | Path Traversal vulnerability in Craig Drummond Cantata | 5.0
  Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server.

2014-02-01 | CVE-2013-7177 | Fail2Ban | Improper Input Validation vulnerability in Fail2Ban | 5.0
  config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.

2014-02-01 | CVE-2013-7176 | Fail2Ban | Improper Input Validation vulnerability in Fail2Ban | 5.0
  config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.

2014-02-01 | CVE-2013-4043 | IBM | Information Exposure vulnerability in IBM Spss Collaboration and Deployment Services | 5.0
  The server in IBM SPSS Collaboration and Deployment Services 4.x before 4.2.1.3 IF3, 5.x before 5.0 FP3, and 6.x before 6.0 IF1 allows remote attackers to read arbitrary files via an unspecified HTTP request.

2014-01-31 | CVE-2013-6143 | Schneider Electric | Improper Input Validation vulnerability in Schneider-Electric Telvent Sage 3030 Firmware C3413500001D3P4/C3413500001F0Pb | 5.0
  The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-001D3_P4 and C3413-500-001F0_PB allows remote attackers to cause a denial of service (temporary outage and CPU consumption) via malformed DNP3 traffic.

2014-01-31 | CVE-2014-0757 | 3S Software | Resource Management Errors vulnerability in 3S-Software Codesys Runtime Toolkit | 5.0
  Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.

2014-01-31 | CVE-2013-6727 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Sametime 8.5.2.0/8.5.2.1/9.0.0.0 | 5.0
  The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote attackers to obtain sensitive information via unspecified vectors.

2014-01-29 | CVE-2013-6141 | OP5 | Information Disclosure vulnerability in op5 Monitor | 5.0
  Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers to read arbitrary files via unknown vectors related to lack of authorization.

2014-01-28 | CVE-2012-5192 | Bitweaver | Path Traversal vulnerability in Bitweaver | 5.0
  Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "..%2F" (dot dot encoded slash) sequences in the overlay_type parameter.

2014-01-29 | CVE-2013-4661 | Civicrm | Permissions, Privileges, and Access Controls vulnerability in Civicrm | 4.9
  CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly enforce role-based access control (RBAC) restrictions for default custom searches, which allows remote authenticated users with the "access CiviCRM" permission to bypass intended access restrictions, as demonstrated by accessing custom contribution data without having the "access CiviContribute" permission.

2014-01-29 | CVE-2014-0682 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Webex Meetings Server | 4.9
  Cisco WebEx Meetings Server allows remote authenticated users to bypass authorization checks and (1) join arbitrary meetings, or (2) terminate a meeting without having a host role, via a crafted URL, aka Bug ID CSCuj42346.

2014-02-02 | CVE-2013-0234 | Elgg | Cross-Site Scripting vulnerability in Elgg | 4.3
  Cross-site scripting (XSS) vulnerability in the Twitter widget in Elgg before 1.7.17 and 1.8.x before 1.8.13 allows remote attackers to inject arbitrary web script or HTML via the params[twitter_username] parameter to action/widgets/save.

2014-02-02 | CVE-2013-6491 | Openstack, Redhat | Cryptographic Issues vulnerability in multiple products | 4.3
  The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.

2014-02-01 | CVE-2014-0812 | Kent WEB, Microsoft | Cross-Site Scripting vulnerability in Kent-Web Joyful Note 2.8 | 4.3
  Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2014-01-31 | CVE-2013-6235 | Steve Souza | Cross-Site Scripting vulnerability in Steve Souza Java Application Monitor | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in JAMon (Java Application Monitor) 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listenertype or (2) currentlistener parameter to mondetail.jsp or ArraySQL parameter to (3) mondetail.jsp, (4) jamonadmin.jsp, (5) sql.jsp, or (6) exceptions.jsp.

2014-01-30 | CVE-2013-7303 | Spip | Cross-Site Scripting vulnerability in Spip | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.

2014-01-30 | CVE-2014-1837 | Stackideas | Cross-Site Scripting vulnerability in Stackideas Komento | 4.3
  Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments."

2014-01-30 | CVE-2014-1612 | Media5 | Cross-Site Scripting vulnerability in Media5 products | 4.3
  Cross-site scripting (XSS) vulnerability in login.esp in the Web Management Interface in Media5 Mediatrix 4402 VoIP Gateway with firmware Dgw 1.1.13.186 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.

2014-01-30 | CVE-2014-1611 | Anonymous Posting Project, Drupal | Cross-Site Scripting vulnerability in Anonymous Posting Project Anonymous Posting 7.X1.2/7.X1.3 | 4.3
  Cross-site scripting (XSS) vulnerability in the Anonymous Posting module 7.x-1.2 and 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the contact name field.

2014-01-30 | CVE-2014-0793 | Stackideas, Joomla | Cross-Site Scripting vulnerability in Stackideas Komento 1.7.0/1.7.1/1.7.2 | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI.

2014-01-30 | CVE-2013-3090 | Belkin | Cross-Site Scripting vulnerability in Belkin N300 | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors.

2014-01-30 | CVE-2013-3087 | Belkin | Cross-Site Scripting vulnerability in Belkin N900 | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 router allow remote attackers to inject arbitrary web script or HTML via the (1) ssid2 parameter to wl_channel.html or (2) guest_psk parameter to wl_guest.html.

2014-01-30 | CVE-2013-3084 | Belkin | Cross-Site Scripting vulnerability in Belkin F5D8236-4 V2 | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model F5D8236-4 v2 router allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2014-01-30 | CVE-2014-0837 | IBM | Cryptographic Issues vulnerability in IBM Qradar Security Information and Event Manager | 4.3
  The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

2014-01-30 | CVE-2014-0836 | IBM | Cross-Site Scripting vulnerability in IBM Qradar Security Information and Event Manager | 4.3
  Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

2014-01-29 | CVE-2013-7318 | Algosec | Cross-Site Scripting vulnerability in Algosec Firewall Analyzer 6.4 | 4.3
  Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

2014-01-29 | CVE-2013-5092 | Algosec | Cross-Site Scripting vulnerability in Algosec Firewall Analyzer 6.1 | 4.3
  Cross-site scripting (XSS) vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

2014-01-29 | CVE-2013-5005 | Tripwire | Cross-Site Scripting vulnerability in Tripwire Enterprise 7.0 | 4.3
  Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) m_target_class_name, (2) m_target_method_name, or (3) m_request_context_params parameters.

2014-01-29 | CVE-2013-4888 | Springsignage | Cross-Site Scripting vulnerability in Springsignage Xibo 1.4.2 | 4.3
  Cross-site scripting (XSS) vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the layout parameter in the layout page.

2014-01-29 | CVE-2012-6086 | Zabbix | Cryptographic Issues vulnerability in Zabbix | 4.3
  libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

2014-01-29 | CVE-2014-0681 | Cisco | Cross-Site Scripting vulnerability in Cisco Identity Services Engine Software | 4.3
  Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during generation of report-output pages, aka Bug ID CSCui15064.

2014-01-29 | CVE-2014-0680 | Cisco | Cross-Site Scripting vulnerability in Cisco Identity Services Engine | 4.3
  Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCui15038.

2014-01-28 | CVE-2013-5094 | Mcafee | Cross-Site Scripting vulnerability in Mcafee Vulnerability Manager 7.5 | 4.3
  Cross-site scripting (XSS) vulnerability in index.exp in McAfee Vulnerability Manager 7.5 allows remote attackers to inject arbitrary web script or HTML via the cert_cn cookie parameter.

2014-02-02 | CVE-2014-0015 | Haxx | Improper Authentication vulnerability in Haxx Curl and Libcurl | 4.0
  cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.

2014-02-01 | CVE-2014-0830 | IBM | Path Traversal vulnerability in IBM Financial Transaction Manager | 4.0
  Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname.

11 Low Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS

2014-02-01 | CVE-2014-0832 | IBM | Cross-Site Scripting vulnerability in IBM Financial Transaction Manager 2.0.0.0/2.0.0.1/2.0.0.2 | 3.5
  Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value.

2014-01-30 | CVE-2013-0177 | Apache | Cross-Site Scripting vulnerability in Apache Ofbiz | 3.5
  Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x allow remote authenticated users to inject arbitrary web script or HTML via the (1) Screenlet.title or (2) Image.alt Widget attribute, as demonstrated by the parentPortalPageId parameter to exampleext/control/ManagePortalPages.

2014-01-28 | CVE-2014-1640 | Debian | Link Following vulnerability in Debian Axiom 201007011.1 | 3.3
  axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename.

2014-01-28 | CVE-2014-1639 | Debian | Link Following vulnerability in Debian Syncevolution | 3.3
  syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename.

2014-01-28 | CVE-2014-1638 | Debian | Link Following vulnerability in Debian Localepurge | 3.3
  (1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to create a safe temporary file but append a suffix to the original filename and write to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename.

2014-01-28 | CVE-2014-1624 | Python | Link Following vulnerability in Python Pyxdg 0.25 | 3.3
  Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.

2014-02-02 | CVE-2012-3427 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform 5.1.2 | 2.1
  EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.

2014-02-02 | CVE-2013-4331 | Robert Ancell | Permissions, Privileges, and Access Controls vulnerability in Robert Ancell Lightdm | 2.1
  Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.

2014-01-31 | CVE-2013-4383 | Dennis Bruecke, Drupal | Cross-Site Scripting vulnerability in Dennis Bruecke Jquery Countdown 7.X1.0 | 2.1
  Cross-site scripting (XSS) vulnerability in the jQuery Countdown module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors.

2014-01-28 | CVE-2014-1604 | Python | Unspecified vulnerability in Python Rply 0.7.0 | 2.1
  The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name.

2014-01-28 | CVE-2014-0647 | Starbucks, Apple | Credentials Management vulnerability in Starbucks 2.6.1 | 2.1
  The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog), which allows attackers to discover usernames, passwords, and e-mail addresses via an application that reads session.clslog.