Weekly Vulnerabilities Reports > February 24 to March 2, 2014
Overview
110 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 21 high severity vulnerabilities. This weekly summary report vulnerabilities in 82 products from 43 vendors including Apple, Cisco, Google, IBM, and HP. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Cryptographic Issues".
- 94 reported vulnerabilities are remotely exploitables.
- 3 reported vulnerabilities have public exploit available.
- 30 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 86 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 25 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 9 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
17 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-03-02 | CVE-2014-0862 | IBM | Unspecified vulnerability in IBM Rational Collaborative Lifecycle Management Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2014-02-27 | CVE-2014-2075 | Tibco | Improper Authentication vulnerability in Tibco products TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors. | 10.0 |
2014-02-26 | CVE-2013-3712 | Suse | Cryptographic Issues vulnerability in Suse Studio Extension for System Z and Studio Onsite SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors. | 10.0 |
2014-02-26 | CVE-2013-4841 | HP | Remote Code Execution vulnerability in HP products Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509. | 10.0 |
2014-03-01 | CVE-2014-2262 | SAS | Buffer Errors vulnerability in SAS Base SAS 9.2/9.3/9.4 Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program. | 9.3 |
2014-02-27 | CVE-2014-1251 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. | 9.3 |
2014-02-27 | CVE-2014-1250 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file. | 9.3 |
2014-02-27 | CVE-2014-1249 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image. | 9.3 |
2014-02-27 | CVE-2014-1248 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file. | 9.3 |
2014-02-27 | CVE-2014-1247 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file. | 9.3 |
2014-02-27 | CVE-2014-1246 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file. | 9.3 |
2014-02-27 | CVE-2014-1245 | Apple | Numeric Errors vulnerability in Apple Quicktime Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file. | 9.3 |
2014-02-27 | CVE-2014-1244 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | 9.3 |
2014-02-27 | CVE-2014-1243 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file. | 9.3 |
2014-02-24 | CVE-2014-0758 | Iconics | Improper Input Validation vulnerability in Iconics Genesis32 An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document. | 9.3 |
2014-02-24 | CVE-2013-2817 | Mitsubishielectric | Code Injection vulnerability in Mitsubishielectric Mc-Worx Suite 8.02 An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click. | 9.3 |
2014-02-27 | CVE-2014-0679 | Cisco | Improper Input Validation vulnerability in Cisco Prime Infrastructure Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308. | 9.0 |
21 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-03-02 | CVE-2014-2033 | Bluecoat | Permissions, Privileges, and Access Controls vulnerability in Bluecoat Proxysgos The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. | 7.9 |
2014-03-02 | CVE-2014-2264 | Synology | Information Exposure vulnerability in Synology Diskstation Manager 4.33810 The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session. | 7.8 |
2014-02-26 | CVE-2013-2824 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet. | 7.8 |
2014-02-24 | CVE-2014-1966 | Siemens | Unspecified vulnerability in Siemens Ruggedcom Rugged Operating System The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets. | 7.8 |
2014-03-01 | CVE-2014-1912 | Python Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. | 7.5 |
2014-03-01 | CVE-2013-2498 | Simplehrm | SQL Injection vulnerability in Simplehrm 2.2/2.3 SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM 2.3, 2.2, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php/user/setLogin. | 7.5 |
2014-02-27 | CVE-2014-1854 | Adrotateplugin | SQL Injection vulnerability in Adrotateplugin Adrotate SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter. | 7.5 |
2014-02-27 | CVE-2014-1597 | I Doit | SQL Injection vulnerability in I-Doit SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI. | 7.5 |
2014-02-27 | CVE-2014-1262 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption. | 7.5 |
2014-02-27 | CVE-2014-1261 | Apple | Numeric Errors vulnerability in Apple mac OS X Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font. | 7.5 |
2014-02-27 | CVE-2014-1256 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 7.5 |
2014-02-27 | CVE-2014-1255 | Apple | Improper Input Validation vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 7.5 |
2014-02-26 | CVE-2013-6204 | HP | Remote Code Execution vulnerability in HP Application Information Optimizer The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004. | 7.5 |
2014-02-26 | CVE-2013-6203 | HP | Remote Code Execution vulnerability in HP Application Information Optimizer The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656. | 7.5 |
2014-02-24 | CVE-2013-6661 | Unspecified vulnerability in Google Chrome Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | 7.5 | |
2014-02-24 | CVE-2013-6658 | Resource Management Errors vulnerability in Google Chrome Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | 7.5 | |
2014-02-24 | CVE-2013-6655 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | 7.5 | |
2014-02-24 | CVE-2013-6654 | Improper Input Validation vulnerability in Google Chrome The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. | 7.5 | |
2014-02-24 | CVE-2013-6653 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. | 7.5 | |
2014-02-24 | CVE-2013-6652 | Google Microsoft | Path Traversal vulnerability in Google Chrome Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. | 7.5 |
2014-02-27 | CVE-2014-0816 | Norman | Permissions, Privileges, and Access Controls vulnerability in Norman Security Suite 10.0/10.1/8.0 Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain privileges via unknown vectors. | 7.2 |
59 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-02-28 | CVE-2014-0774 | Schneider Electric | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider-Electric products Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file. | 6.9 |
2014-02-28 | CVE-2014-0759 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Floating License Manager 1.0.0/1.4.0 Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. | 6.9 |
2014-03-02 | CVE-2014-2089 | Ilias | Code Injection vulnerability in Ilias 4.4.1 ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname. | 6.8 |
2014-02-27 | CVE-2014-2103 | Cisco | Improper Input Validation vulnerability in Cisco Intrusion Prevention System Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309. | 6.8 |
2014-02-27 | CVE-2014-1270 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. | 6.8 |
2014-02-27 | CVE-2014-1269 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. | 6.8 |
2014-02-27 | CVE-2014-1268 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. | 6.8 |
2014-02-27 | CVE-2014-1260 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document. | 6.8 |
2014-02-27 | CVE-2014-1259 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename. | 6.8 |
2014-02-27 | CVE-2014-1258 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image. | 6.8 |
2014-02-27 | CVE-2014-1254 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document. | 6.8 |
2014-02-27 | CVE-2014-0747 | Cisco | Improper Input Validation vulnerability in Cisco Unified Communications Manager The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493. | 6.8 |
2014-02-27 | CVE-2014-0745 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Contact Center Express Editor Software Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502. | 6.8 |
2014-02-27 | CVE-2014-0740 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of administrators for requests that make administrative changes, aka Bug ID CSCun00701. | 6.8 |
2014-02-24 | CVE-2013-6202 | HP | Cross-Site Request Forgery (CSRF) vulnerability in HP Service Manager Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code. | 6.8 |
2014-03-02 | CVE-2014-2088 | Ilias | Unspecified vulnerability in Ilias 4.4.1 Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFiles command, and then accessing the .php file via a direct request to a certain client_id pathname. | 6.5 |
2014-03-01 | CVE-2014-2059 | Jenkins | Path Traversal vulnerability in Jenkins Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name. | 6.5 |
2014-02-27 | CVE-2014-0821 | Cybozu | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931. | 6.5 |
2014-02-24 | CVE-2013-6659 | Cryptographic Issues vulnerability in Google Chrome The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation. | 6.4 | |
2014-02-24 | CVE-2013-6657 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | 6.4 | |
2014-02-26 | CVE-2014-2205 | Mcafee | Permissions, Privileges, and Access Controls vulnerability in Mcafee Epolicy Orchestrator The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue. | 6.3 |
2014-02-27 | CVE-2014-0742 | Cisco | Improper Input Validation vulnerability in Cisco Unified Communications Manager The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. | 6.2 |
2014-02-27 | CVE-2014-0741 | Cisco | Cryptographic Issues vulnerability in Cisco Unified Communications Manager The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | 6.2 |
2014-02-27 | CVE-2014-1967 | 7Andi FS CO | Cryptographic Issues vulnerability in 7Andi-Fs.Co Denny'S 1.0.1/1.0.2/2.0.0 The Denny's application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2014-02-26 | CVE-2011-2941 | Redhat | Improper Input Validation vulnerability in Redhat Jboss Enterprise Portal Platform Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter. | 5.8 |
2014-02-28 | CVE-2014-1878 | Icinga Nagios | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi. | 5.0 |
2014-02-27 | CVE-2014-0333 | Libpng | Numeric Errors vulnerability in Libpng The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero. | 5.0 |
2014-02-27 | CVE-2014-0743 | Cisco | Improper Authentication vulnerability in Cisco Unified Communications Manager The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468. | 5.0 |
2014-02-26 | CVE-2013-7332 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 8 and Windows 8.1 The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 5.0 |
2014-02-26 | CVE-2014-0842 | IBM | Credentials Management vulnerability in IBM Rational Focal Point The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code. | 5.0 |
2014-02-24 | CVE-2013-6660 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site. | 5.0 | |
2014-02-24 | CVE-2013-6656 | Information Exposure vulnerability in Google Chrome The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 | |
2014-02-27 | CVE-2014-0817 | Cybozu | Permissions, Privileges, and Access Controls vulnerability in Cybozu Garoon Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors. | 4.9 |
2014-02-27 | CVE-2014-1265 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. | 4.6 |
2014-02-26 | CVE-2014-2096 | Catfish Project | Local Privilege Escalation vulnerability in Catfish Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory. | 4.6 |
2014-02-26 | CVE-2014-2095 | Catfish Project | Local Privilege Escalation vulnerability in Catfish Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory. | 4.6 |
2014-02-26 | CVE-2014-2094 | Catfish Project | Local Privilege Escalation vulnerability in Catfish Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working directory. | 4.6 |
2014-02-26 | CVE-2014-2093 | Catfish Project | Unspecified vulnerability in Catfish Project Catfish Untrusted search path vulnerability in Catfish through 0.4.0.3 allows local users to gain privileges via a Trojan horse catfish.py in the current working directory. | 4.6 |
2014-03-02 | CVE-2014-2092 | Cmsmadesimple | Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 1.11.10 Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action parameter, a different issue than CVE-2014-0334. | 4.3 |
2014-03-02 | CVE-2014-2104 | Cisco | Cross-Site Scripting vulnerability in Cisco Unified Communications Domain Manager 9.0(.1) Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113. | 4.3 |
2014-03-02 | CVE-2013-4054 | IBM | Path Traversal vulnerability in IBM Websphere MQ 7.5/7.5.0.1/7.5.0.2 Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7.5 before 7.5.0.3 allows remote attackers to read arbitrary files via a crafted URI. | 4.3 |
2014-03-01 | CVE-2014-2080 | Modx | Cross-Site Scripting vulnerability in Modx Revolution Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter. | 4.3 |
2014-03-01 | CVE-2014-1888 | Buddypress Wordpress | Cross-Site Scripting vulnerability in Buddypress Cross-site scripting (XSS) vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to groups/create/step/group-details. | 4.3 |
2014-03-01 | CVE-2014-1695 | Otrs | Cross-Site Scripting vulnerability in Otrs Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email. | 4.3 |
2014-03-01 | CVE-2014-1456 | Openwebanalytics | Cross-Site Scripting vulnerability in Openwebanalytics Open web Analytics Cross-site scripting (XSS) vulnerability in the login page in Open Web Analytics (OWA) before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owa_user_id parameter to index.php. | 4.3 |
2014-02-27 | CVE-2014-2231 | I Doit | Cross-Site Scripting vulnerability in I-Doit Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title. | 4.3 |
2014-02-27 | CVE-2014-2035 | Interworx | Cross-Site Scripting vulnerability in Interworx web Control Panel Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject arbitrary web script or HTML via the i parameter. | 4.3 |
2014-02-27 | CVE-2014-1223 | Telligent | Cross-Site Scripting vulnerability in Telligent Evolution Cross-site scripting (XSS) vulnerability in controlpanel/loading.aspx in Telligent Evolution before 6.1.19.36103, 7.x before 7.1.12.36162, 7.5.x, and 7.6.x before 7.6.7.36651 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2014-02-27 | CVE-2014-1968 | Riken | Cross-Site Scripting vulnerability in Riken Xoonips Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-02-27 | CVE-2014-1263 | Apple | Cryptographic Issues vulnerability in Apple mac OS X curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate. | 4.3 |
2014-02-26 | CVE-2012-2134 | Martin Nagy | Resource Management Errors vulnerability in Martin Nagy Bind-Dyndb-Ldap The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query. | 4.3 |
2014-02-26 | CVE-2011-4580 | Redhat | Cross-Site Scripting vulnerability in Redhat Jboss Enterprise Portal Platform Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-02-26 | CVE-2013-7331 | Microsoft | Information Exposure vulnerability in Microsoft Internet Explorer The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014. | 4.3 |
2014-02-25 | CVE-2013-6047 | Ikiwiki Hosting Project | Cross-Site Scripting vulnerability in Ikiwiki Hosting Project Ikiwiki Hosting Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-02-27 | CVE-2014-2102 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Contact Center Express Editor Software Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575. | 4.0 |
2014-02-27 | CVE-2014-0820 | Cybozu | Path Traversal vulnerability in Cybozu Garoon Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors. | 4.0 |
2014-02-27 | CVE-2014-0746 | Cisco | Information Exposure vulnerability in Cisco Unified Contact Center Express Editor Software The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536. | 4.0 |
2014-02-26 | CVE-2013-6731 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Netezza Performance Portal 2.0/2.0.0.1/2.0.0.2 IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request. | 4.0 |
2014-02-26 | CVE-2014-0839 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Rational Focal Point IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to modify data via vectors involving a direct object reference. | 4.0 |
13 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-02-27 | CVE-2014-1257 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation. | 3.6 |
2014-03-02 | CVE-2014-2091 | Atutor | Cross-Site Scripting vulnerability in Atutor 2.1.1 Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admin/forum_add.php in ATutor 2.1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the title parameter in an add_forum action. | 3.5 |
2014-03-02 | CVE-2014-2090 | Ilias | Cross-Site Scripting vulnerability in Ilias 4.4.1 Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ILIAS 4.4.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tar, (2) tar_val, or (3) title parameter. | 3.5 |
2014-03-02 | CVE-2014-0334 | Cmsmadesimple | Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple allow remote authenticated users to inject arbitrary web script or HTML via (1) the group parameter to admin/addgroup.php, (2) the htmlblob parameter to admin/addhtmlblob.php, the (3) title or (4) url parameter to admin/addbookmark.php, (5) the stylesheet_name parameter to admin/copystylesheet.php, (6) the template_name parameter to admin/copytemplate.php, the (7) title or (8) url parameter to admin/editbookmark.php, (9) the template parameter to admin/listtemplates.php, or (10) the css_name parameter to admin/listcss.php, a different issue than CVE-2014-2092. | 3.5 |
2014-03-01 | CVE-2014-2067 | Jenkins | Cross-Site Scripting vulnerability in Jenkins Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note." | 3.5 |
2014-02-28 | CVE-2014-0874 | IBM | Cross-Site Scripting vulnerability in IBM Content Navigator 2.0.0/2.0.1/2.0.2 Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter. | 3.5 |
2014-02-27 | CVE-2014-0858 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Content Navigator 2.0.0/2.0.1/2.0.2 IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL. | 3.5 |
2014-02-26 | CVE-2014-0853 | IBM | Cross-Site Scripting vulnerability in IBM Rational Focal Point Multiple cross-site scripting (XSS) vulnerabilities in the (1) ForwardController and (2) AttributeEditor scripts in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-02-26 | CVE-2014-0843 | IBM | Cross-Site Scripting vulnerability in IBM Rational Focal Point Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file. | 3.5 |
2014-02-26 | CVE-2014-0840 | IBM | Cross-Site Scripting vulnerability in IBM Rational Focal Point Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-02-27 | CVE-2014-1264 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstances via standard filesystem operations on a file with a damaged ACL. | 3.3 |
2014-02-26 | CVE-2011-1749 | Linux NFS | Improper Input Validation vulnerability in Linux-Nfs Nfs-Utils The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | 3.3 |
2014-02-26 | CVE-2014-0058 | Redhat | Cryptographic Issues vulnerability in Redhat Jboss Enterprise Application Platform The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files. | 1.9 |