Weekly Vulnerabilities Reports > February 10 to 16, 2014

Overview

137 new vulnerabilities reported during this period, including 31 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary report vulnerabilities in 106 products from 63 vendors including Microsoft, Redhat, IBM, Cisco, and SAP. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Input Validation", and "Information Exposure".

  • 112 reported vulnerabilities are remotely exploitables.
  • 11 reported vulnerabilities have public exploit available.
  • 34 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 127 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 32 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 26 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

31 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-02-14 CVE-2013-5400 IBM Credentials Management vulnerability in IBM Platform Symphony 5.2/6.1.0/6.1.1

An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors.

10.0
2014-02-12 CVE-2014-0501 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.

10.0
2014-02-12 CVE-2014-0500 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501.

10.0
2014-02-12 CVE-2014-0294 Microsoft Code Injection vulnerability in Microsoft Forefront Protection 2010

Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."

10.0
2014-02-15 CVE-2013-4737 Qualcomm Permissions, Privileges, and Access Controls vulnerability in Qualcomm Quic Mobile Station Modem Kernel 3.10

The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by leveraging the presence of RWX memory at a fixed location.

9.3
2014-02-14 CVE-2014-0322 Microsoft USE After Free vulnerability in Microsoft Internet Explorer 10/9

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.

9.3
2014-02-12 CVE-2014-0290 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0289.

9.3
2014-02-12 CVE-2014-0289 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0290.

9.3
2014-02-12 CVE-2014-0288 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0274.

9.3
2014-02-12 CVE-2014-0287 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0281.

9.3
2014-02-12 CVE-2014-0286 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0285.

9.3
2014-02-12 CVE-2014-0285 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0286.

9.3
2014-02-12 CVE-2014-0284 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0283 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0281 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0287.

9.3
2014-02-12 CVE-2014-0280 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 6/7/8

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0279 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 8

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0278.

9.3
2014-02-12 CVE-2014-0278 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 8

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0279.

9.3
2014-02-12 CVE-2014-0277 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 8

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0278 and CVE-2014-0279.

9.3
2014-02-12 CVE-2014-0276 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 8/9

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0275 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0285 and CVE-2014-0286.

9.3
2014-02-12 CVE-2014-0274 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0288.

9.3
2014-02-12 CVE-2014-0273 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288.

9.3
2014-02-12 CVE-2014-0272 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/8/9

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0271 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer and Vbscript

The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0270 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0273, CVE-2014-0274, and CVE-2014-0288.

9.3
2014-02-12 CVE-2014-0269 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0267 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0289 and CVE-2014-0290.

9.3
2014-02-12 CVE-2014-0263 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure that is encountered with Internet Explorer, aka "Microsoft Graphics Component Memory Corruption Vulnerability."

9.3
2014-02-12 CVE-2014-0257 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote attackers to execute arbitrary code via (1) a crafted web site or (2) a crafted .NET Framework application that exposes a COM server endpoint, aka "Type Traversal Vulnerability."

9.3
2014-02-11 CVE-2014-0980 Poster Software Buffer Errors vulnerability in Poster Software Publish IT 3.6D

Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file.

9.3

18 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-02-15 CVE-2012-6638 Linux Resource Management Errors vulnerability in Linux Kernel

The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663.

7.8
2014-02-12 CVE-2014-0254 Microsoft Improper Input Validation vulnerability in Microsoft Windows 8, Windows RT and Windows Server 2012

The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via crafted ICMPv6 Router Advertisement packets, aka "TCP/IP Version 6 (IPv6) Denial of Service Vulnerability."

7.8
2014-02-10 CVE-2013-4736 Codeaurora Numeric Errors vulnerability in Codeaurora Android-Msm

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (system crash) via a large number of commands in an ioctl call, related to (1) camera_v1/gemini/msm_gemini_sync.c, (2) camera_v2/gemini/msm_gemini_sync.c, (3) camera_v2/jpeg_10/msm_jpeg_sync.c, (4) gemini/msm_gemini_sync.c, (5) jpeg_10/msm_jpeg_sync.c, and (6) mercury/msm_mercury_sync.c.

7.8
2014-02-15 CVE-2012-2663 Netfilter Unspecified vulnerability in Netfilter Iptables

extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets.

7.5
2014-02-15 CVE-2011-2500 Linux NFS Permissions, Privileges, and Access Controls vulnerability in Linux-Nfs Nfs-Utils

The host_reliable_addrinfo function in support/export/hostname.c in nfs-utils before 1.2.4 does not properly use DNS to verify access to NFS exports, which allows remote attackers to mount filesystems by establishing crafted DNS A and PTR records.

7.5
2014-02-14 CVE-2013-5351 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview

Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.

7.5
2014-02-14 CVE-2014-1921 Parcimonie Project Race Condition vulnerability in Parcimonie Project Parcimonie 0.61/0.63/0.71

parcimonie before 0.8.1, when using a large keyring, sleeps for the same amount of time between fetches, which allows attackers to correlate key fetches via unspecified vectors.

7.5
2014-02-14 CVE-2013-6742 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

7.5
2014-02-14 CVE-2013-5014 Symantec XML External Entity Injection vulnerability in Symantec Endpoint Protection Manager

The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

7.5
2014-02-14 CVE-2013-3983 IBM Improper Input Validation vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not validate URLs in Cookie headers before using them in redirects, which has unspecified impact and remote attack vectors.

7.5
2014-02-13 CVE-2014-0729 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager

SQL injection vulnerability in the Enterprise Mobility Application (EMApp) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05302.

7.5
2014-02-13 CVE-2014-0728 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager

SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.

7.5
2014-02-13 CVE-2014-0727 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager

SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318.

7.5
2014-02-13 CVE-2014-0726 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager

SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326.

7.5
2014-02-11 CVE-2013-3294 Exponentcms SQL Injection vulnerability in Exponentcms Exponent CMS

Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.

7.5
2014-02-14 CVE-2013-6441 Linuxcontainers Permissions, Privileges, and Access Controls vulnerability in Linuxcontainers LXC

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

7.2
2014-02-14 CVE-2013-2829 Matrikonopc Improper Input Validation vulnerability in Matrikonopc Scada Dnp3 OPC Server 1.2.0/1.2.2.0

MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet.

7.1
2014-02-12 CVE-2014-0266 Microsoft Information Exposure vulnerability in Microsoft products

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."

7.1

77 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-02-14 CVE-2014-1680 Bandisoft Unspecified vulnerability in Bandisoft Bandizip

Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.

6.9
2014-02-15 CVE-2013-6167 Mozilla Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Firefox

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

6.8
2014-02-15 CVE-2013-6166 Google Cross-Site Request Forgery (CSRF) vulnerability in Google Chrome

Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

6.8
2014-02-14 CVE-2014-0813 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.

6.8
2014-02-14 CVE-2013-3988 IBM Improper Input Validation vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

6.8
2014-02-11 CVE-2013-1980 Extended Module Player Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Extended Module Player Project Extended Module Player

Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.

6.8
2014-02-10 CVE-2012-3406 GNU
Redhat
Canonical
Permissions, Privileges, and Access Controls vulnerability in multiple products

The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.

6.8
2014-02-14 CVE-2013-5015 Symantec SQL Injection vulnerability in Symantec Endpoint Protection Manager and Protection Center

SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2014-02-11 CVE-2014-1459 Doorgets SQL Injection vulnerability in Doorgets CMS 3.0/4.0

SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter.

6.5
2014-02-11 CVE-2014-1401 Auracms SQL Injection vulnerability in Auracms

Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php.

6.5
2014-02-11 CVE-2013-5012 Symantec SQL Injection vulnerability in Symantec web Gateway

Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2014-02-14 CVE-2013-6492 Ryan Ohara Permissions, Privileges, and Access Controls vulnerability in Ryan Ohara Piranha 0.8.6

The Piranha Configuration Tool in Piranha 0.8.6 does not properly restrict access to webpages, which allows remote attackers to bypass authentication and read or modify the LVS configuration via an HTTP POST request.

5.8
2014-02-14 CVE-2012-1100 Redhat Improper Authentication vulnerability in Redhat Jboss Operations Network

Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.

5.8
2014-02-14 CVE-2012-0062 Redhat Improper Authentication vulnerability in Redhat Jboss Operations Network

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.

5.8
2014-02-14 CVE-2012-0052 Redhat Improper Input Validation vulnerability in Redhat Jboss Operations Network

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.

5.8
2014-02-14 CVE-2013-6728 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Dashboard Framework 6.1.5/7.0.1

The charting component in IBM WebSphere Dashboard Framework (WDF) 6.1.5 and 7.0.1 allows remote attackers to view or delete image files by leveraging incorrect security constraints for a temporary directory.

5.8
2014-02-14 CVE-2013-6722 IBM Arbitrary File Upload vulnerability in IBM WebSphere Portal

Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x before 7.0.0.2 CF27 and 8.x through 8.0.0.1 CF09 allows remote attackers to cause a denial of service or modify data via unspecified vectors.

5.8
2014-02-10 CVE-2011-4093 Oracle
Armin Burgmeier
Opensuse
Opensuse Project
Integer Overflow OR Wraparound vulnerability in multiple products

Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.

5.8
2014-02-10 CVE-2011-4092 Ubuntu Developers Improper Input Validation vulnerability in Ubuntu Developers Obby

obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof servers via an arbitrary certificate.

5.8
2014-02-15 CVE-2011-3590 Redhat Cryptographic Issues vulnerability in Redhat Kexec-Tools

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent attackers to obtain sensitive information by inspecting the file content.

5.7
2014-02-15 CVE-2011-3589 Redhat Cryptographic Issues vulnerability in Redhat Kexec-Tools

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key.

5.7
2014-02-15 CVE-2011-3588 Redhat Cryptographic Issues vulnerability in Redhat Kexec-Tools

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers, and obtain sensitive core information, by using an arbitrary SSH key.

5.7
2014-02-10 CVE-2014-1213 Sophos Permissions, Privileges, and Access Controls vulnerability in Sophos Scanning Engine and Sophos Anti-Virus

Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource consumption, CPU consumption, and eventual crash) or spoof "ready for update" messages by performing certain operations on mutexes or events including (1) DataUpdateRequest, (2) MmfMutexSAV-****, (3) MmfMutexSAV-Info, (4) ReadyForUpdateSAV-****, (5) ReadyForUpdateSAV-Info, (6) SAV-****, (7) SAV-Info, (8) StateChange, (9) SuspendedSAV-****, (10) SuspendedSAV-Info, (11) UpdateComplete, (12) UpdateMutex, (13) UpdateRequest, or (14) SophosALMonSessionInstance, as demonstrated by triggering a ReadyForUpdateSAV event and modifying the UpdateComplete, UpdateMutex, and UpdateRequest objects.

5.6
2014-02-14 CVE-2014-1219 Broadcom Improper Input Validation vulnerability in Broadcom 2E web Option R8.1.2

CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm.

5.1
2014-02-15 CVE-2012-1171 PHP Information Exposure vulnerability in PHP

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.

5.0
2014-02-14 CVE-2014-1963 SAP Unspecified vulnerability in SAP Netweaver 7.20

Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors.

5.0
2014-02-14 CVE-2014-1962 SAP Information Exposure vulnerability in SAP Customer Relationship Management 7.02

Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.

5.0
2014-02-14 CVE-2014-1961 SAP Unspecified vulnerability in SAP Netweaver

Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors.

5.0
2014-02-14 CVE-2014-1960 SAP Permissions, Privileges, and Access Controls vulnerability in SAP Netweaver and Netweaver Solution Manager

The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2014-02-14 CVE-2013-6440 Internet2
Shibboleth
Information Exposure vulnerability in multiple products

The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration.

5.0
2014-02-14 CVE-2014-1467 Blackberry Credentials Management vulnerability in Blackberry products

BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino through 5.0.4, Enterprise Server Express for Exchange through 5.0.4, Enterprise Server for Domino through 5.0.4 MR6, Enterprise Server for Exchange through 5.0.4 MR6, and Enterprise Server for GroupWise through 5.0.4 MR6 log cleartext credentials during exception handling, which might allow context-dependent attackers to obtain sensitive information by reading a log file.

5.0
2014-02-14 CVE-2013-3978 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation.

5.0
2014-02-13 CVE-2014-0725 Cisco Improper Authentication vulnerability in Cisco Unified Communications Manager

Cisco Unified Communications Manager (UCM) does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file storage location," aka Bug ID CSCum05337.

5.0
2014-02-13 CVE-2014-0722 Cisco Improper Authentication vulnerability in Cisco Unified Communications Manager

The log4jinit web application in Cisco Unified Communications Manager (UCM) does not properly validate authentication, which allows remote attackers to cause a denial of service (performance degradation) via unspecified use of this application, aka Bug ID CSCum05347.

5.0
2014-02-12 CVE-2014-0253 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability."

5.0
2014-02-10 CVE-2013-2055 Apache Information Disclosure vulnerability in Apache Wicket

Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templates to be rendered without being processed and reading the information that is outside of wicket:panel markup.

5.0
2014-02-10 CVE-2011-4610 Redhat Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat products

JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer."

5.0
2014-02-10 CVE-2012-3405 GNU
Redhat
Canonical
Numeric Errors vulnerability in multiple products

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.

5.0
2014-02-10 CVE-2012-3404 GNU
Redhat
Canonical
Numeric Errors vulnerability in multiple products

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.

5.0
2014-02-10 CVE-2012-2328 Standards Based Linux Instrumentation Project
Opensuse
Cryptographic Issues vulnerability in multiple products

internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.

5.0
2014-02-10 CVE-2011-4091 Opensuse
Oracle
Armin Burgmeier
Improper Authentication vulnerability in multiple products

The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences.

5.0
2014-02-15 CVE-2011-2909 Linux Information Exposure vulnerability in Linux Kernel

The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string.

4.9
2014-02-14 CVE-2014-1253 Apple Buffer Errors vulnerability in Apple Boot Camp 5.0

AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable Executable (PE) file.

4.7
2014-02-15 CVE-2011-1836 Ecryptfs Permissions, Privileges, and Access Controls vulnerability in Ecryptfs Ecryptfs-Utils and Ecryptfs Utils

utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.

4.6
2014-02-15 CVE-2011-1831 Ecryptfs Permissions, Privileges, and Access Controls vulnerability in Ecryptfs Ecryptfs-Utils and Ecryptfs Utils

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.

4.6
2014-02-14 CVE-2014-1950 XEN Resource Management Errors vulnerability in XEN

Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause a denial of service (heap corruption) and possibly gain privileges via unspecified vectors.

4.6
2014-02-10 CVE-2012-0064 X
Xkeyboard Config Project
Permissions, Privileges, and Access Controls vulnerability in multiple products

xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab.

4.6
2014-02-15 CVE-2011-1835 Ecryptfs Credentials Management vulnerability in Ecryptfs Ecryptfs-Utils and Ecryptfs Utils

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.

4.4
2014-02-10 CVE-2014-1876 Oracle Link Following vulnerability in Oracle Openjdk 1.6.0/1.7.0/1.8.0

The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.

4.4
2014-02-10 CVE-2013-6024 F5 Information Exposure vulnerability in F5 products

The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow attackers to obtain sensitive information from process memory via unspecified vectors.

4.4
2014-02-10 CVE-2011-4930 Condor Project
Redhat
Fedoraproject
USE of Externally-Controlled Format String vulnerability in multiple products

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.

4.4
2014-02-14 CVE-2013-7326 Vtiger Cross-Site Scripting vulnerability in Vtiger CRM 5.4.0

Cross-site scripting (XSS) vulnerability in vTiger CRM 5.4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) return_url parameter to modules\com_vtiger_workflow\savetemplate.php, or unspecified vectors to (2) deletetask.php, (3) edittask.php, (4) savetask.php, or (5) saveworkflow.php.

4.3
2014-02-14 CVE-2013-7032 Livezilla Cross-Site Scripting vulnerability in Livezilla

Multiple cross-site scripting (XSS) vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name of an uploaded file or (2) customer name in a resource created from an uploaded file, a different vulnerability than CVE-2013-7003.

4.3
2014-02-14 CVE-2013-4499 Bean Project Cross-Site Scripting vulnerability in Bean Project Bean

Cross-site scripting (XSS) vulnerability in the Bean module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the bean title.

4.3
2014-02-14 CVE-2014-0814 Phpmyfaq Cross-Site Scripting vulnerability in PHPmyfaq

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-02-14 CVE-2014-0332 Sonicwall Cross-Site Scripting vulnerability in Sonicwall Analyzer and Global Management System

Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.

4.3
2014-02-14 CVE-2014-1965 SAP Cross-Site Scripting vulnerability in SAP Netweaver

Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.

4.3
2014-02-14 CVE-2014-1964 SAP Cross-Site Scripting vulnerability in SAP products

Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.

4.3
2014-02-14 CVE-2014-0032 Apache Improper Input Validation vulnerability in Apache Subversion

The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command.

4.3
2014-02-14 CVE-2013-4415 Redhat Cross-Site Scripting vulnerability in Redhat Network Satellite 5.6

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_hour, (7) end_minute, (8) end_month, (9) end_year, (10) optionScanDateSearch, (11) result_filter, (12) search_string, (13) show_as, (14) start_am_pm, (15) start_day, (16) start_hour, (17) start_minute, (18) start_month, (19) start_year, or (20) whereToSearch variable in an scap audit results search; (21) end_minute, (22) end_month, (23) end_year, (24) errata_type_bug, (25) errata_type_enhancement, (26) errata_type_security, (27) fineGrained, (28) list_1892635924_sortdir, (29) optionIssueDateSearch, (30) start_am_pm, (31) start_day, (32) start_hour, (33) start_minute, (34) start_month, (35) start_year, or (36) view_mode variable in an errata search; or (37) fineGrained variable in a systems search, related to PAGE_SIZE_LABEL_SELECTED.

4.3
2014-02-14 CVE-2014-0855 IBM Cross-Site Scripting vulnerability in IBM Connections Portlets 4.0/4.5/4.5.1

Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections Portlets 4.x before 4.5.1 FP1 for IBM WebSphere Portal 7.0.0.2 and 8.0.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-02-13 CVE-2014-0723 Cisco Cross-Site Scripting vulnerability in Cisco Unified Communications Manager

Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum05343.

4.3
2014-02-12 CVE-2013-2585 Atmail Cross-Site Scripting vulnerability in Atmail

Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x before 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php/mail/viewmessage/getattachment/folder/INBOX/uniqueId/<MessageID>/filenameOriginal/.

4.3
2014-02-12 CVE-2013-6229 Atmail Cross-Site Scripting vulnerability in Atmail 7.0.2

Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) filter parameter to index.php/mail/mail/listfoldermessages/searching/true/selectFolder/INBOX/resultContext/searchResultsTab5 or (2) mailId[] parameter to index.php/mail/mail/movetofolder/fromFolder/INBOX/toFolder/INBOX.Trash.

4.3
2014-02-12 CVE-2014-0295 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft .Net Framework 2.0/3.5.1

VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in February 2014, aka "VSAVB7RT ASLR Vulnerability."

4.3
2014-02-12 CVE-2014-0293 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

4.3
2014-02-12 CVE-2014-0268 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

4.3
2014-02-11 CVE-2014-1237 I Doit Cross-Site Scripting vulnerability in I-Doit

Cross-site scripting (XSS) vulnerability in synetics i-doit pro before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the call parameter.

4.3
2014-02-11 CVE-2013-3933 Maxxmarketing Cross-Site Scripting vulnerability in Maxxmarketing Joomshopping

Cross-site scripting (XSS) vulnerability in the JoomShopping (com_joomshopping) component before 4.3.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the user_name parameter to index.php.

4.3
2014-02-11 CVE-2013-2639 Ctera Cross-Site Scripting vulnerability in Ctera Cloud Storage OS 3.2.29.0/3.2.42.0

Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder.

4.3
2014-02-11 CVE-2013-1413 I Doit Cross-Site Scripting vulnerability in I-Doit 0.9.9/1.0/1.0.2

Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-02-11 CVE-2013-5013 Symantec Cross-Site Scripting vulnerability in Symantec web Gateway

Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via (1) vectors involving PHP scripts and (2) unspecified other vectors.

4.3
2014-02-10 CVE-2014-1931 Visibility Software Information Exposure vulnerability in Visibility Software Cyber Recruiter

The user login page in Visibility Software Cyber Recruiter before 8.1.00 generates different responses for invalid password-retrieval attempts depending on which data elements are incorrect, which might allow remote attackers to obtain account-related information via a series of requests.

4.3
2014-02-10 CVE-2014-1930 Visibility Software Information Exposure vulnerability in Visibility Software Cyber Recruiter

Visibility Software Cyber Recruiter before 8.1.00 does not use the appropriate combination of HTTPS transport and response headers to prevent access to (1) AppSelfService.aspx and (2) AgencyPortal.aspx in the browser history, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation.

4.3
2014-02-10 CVE-2010-4777 Perl Improper Input Validation vulnerability in Perl 5.10/5.12.0/5.14.0

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.

4.3
2014-02-13 CVE-2014-0724 Cisco Improper Input Validation vulnerability in Cisco Unified Communications Manager

The bulk administration interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to bypass authentication and read arbitrary files by using an unspecified prompt, aka Bug ID CSCum05340.

4.0
2014-02-10 CVE-2013-2214 Nagios Permissions, Privileges, and Access Controls vulnerability in Nagios

status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to certain users that are a contact for a service, which allows remote authenticated users to obtain sensitive information about hostnames via the servicegroup (1) overview, (2) summary, or (3) grid style in status.cgi.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-02-15 CVE-2011-1837 Ecryptfs Permissions, Privileges, and Access Controls vulnerability in Ecryptfs Ecryptfs-Utils and Ecryptfs Utils

The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.

3.6
2014-02-14 CVE-2013-1871 Redhat Cross-Site Scripting vulnerability in Redhat Network Satellite 5.6

Cross-site scripting (XSS) vulnerability in account/EditAddress.do in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter.

3.5
2014-02-14 CVE-2012-6149 Redhat Cross-Site Scripting vulnerability in Redhat Network Satellite 5.6

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call.

3.5
2014-02-14 CVE-2013-6743 IBM Cross-Site Scripting vulnerability in IBM Sametime

Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IMG element.

3.5
2014-02-15 CVE-2012-1088 Iproute2 Project Link Following vulnerability in Iproute2 Project Iproute2 3.0.0/3.1.0/3.2.0

iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script.

3.3
2014-02-14 CVE-2014-1948 Openstack Credentials Management vulnerability in Openstack Image Registry and Delivery Service (Glance) 2013.2/2013.2.1

OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.

2.6
2014-02-15 CVE-2013-0346 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Tomcat

** DISPUTED ** Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file.

2.1
2014-02-15 CVE-2012-6108 HP Permissions, Privileges, and Access Controls vulnerability in HP Linux Imaging and Printing Project

HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations.

2.1
2014-02-15 CVE-2011-1834 Ecryptfs Permissions, Privileges, and Access Controls vulnerability in Ecryptfs Ecryptfs-Utils and Ecryptfs Utils

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.

2.1
2014-02-15 CVE-2011-1832 Ecryptfs Permissions, Privileges, and Access Controls vulnerability in Ecryptfs Ecryptfs-Utils and Ecryptfs Utils

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.

2.1
2014-02-14 CVE-2014-0018 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat products

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.

1.9