Weekly Vulnerabilities Reports > March 3 to 9, 2014

Overview

100 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary report vulnerabilities in 77 products from 52 vendors including IBM, Google, Adobe, Cisco, and Wordpress. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "SQL Injection", "Resource Management Errors", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 95 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities have public exploit available.
  • 47 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 72 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 21 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-03-06 CVE-2014-0703 Cisco Race Condition vulnerability in Cisco products

Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to an Aironet access point on which this server had been disabled ineffectively, aka Bug ID CSCuf66202.

10.0
2014-03-06 CVE-2014-0683 Cisco Credentials Management vulnerability in Cisco products

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.

10.0
2014-03-05 CVE-2014-2206 Getgosoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Getgosoft Getgo Download Manager

Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header.

10.0
2014-03-03 CVE-2013-4977 Hikvision Buffer Errors vulnerability in Hikvision Ds-2Cd7153-E and Ds-2Cd7153-E Firmware

Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction.

10.0
2014-03-03 CVE-2013-4710 Google Improper Input Validation vulnerability in Google Android

Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web page, as demonstrated by use of the WebView.addJavascriptInterface method, a related issue to CVE-2012-6636.

9.3
2014-03-03 CVE-2013-4981 Avtech Buffer Errors vulnerability in Avtech Avn801 DVR and Avn801 DVR Firmware

Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter.

9.0
2014-03-03 CVE-2013-4980 Avtech Buffer Errors vulnerability in Avtech Avn801 DVR and Avn801 DVR Firmware

Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request.

9.0

24 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-03-06 CVE-2014-0629 EMC Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Taskspace 6.7

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation.

8.5
2014-03-06 CVE-2014-1911 Foscam Improper Authentication vulnerability in Foscam Fi8919W and Fi8919W Firmware

The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password.

7.8
2014-03-06 CVE-2014-0707 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCuf80681.

7.8
2014-03-06 CVE-2014-0706 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCue87929.

7.8
2014-03-06 CVE-2014-0701 Cisco Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software

Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf52361.

7.8
2014-03-09 CVE-2014-2316 Zemanta
Wordpress
SQL Injection vulnerability in Zemanta Search Everything 7.0.2

SQL injection vulnerability in se_search_default in the Search Everything plugin before 7.0.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the s parameter to index.php.

7.5
2014-03-09 CVE-2014-1945 Opendocman SQL Injection vulnerability in Opendocman

SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the add_value parameter.

7.5
2014-03-06 CVE-2013-6201 HP Remote Code Execution vulnerability in HP Security Management System

Unspecified vulnerability in HP Security Management System 3.3.0, 3.5.0 before patch 1, and 3.6.0 before patch 2 allows remote attackers to execute arbitrary code via unknown vectors.

7.5
2014-03-05 CVE-2013-3478 Apptha SQL Injection vulnerability in Apptha Video Gallery Plugin 1.6/2.0

SQL injection vulnerability in Apptha WordPress Video Gallery 2.0, 1.6, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the playid parameter to index.php.

7.5
2014-03-05 CVE-2013-6668 Google Multiple Security vulnerability in Google Chrome

Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2014-03-05 CVE-2013-6667 Google Multiple Security vulnerability in Google Chrome Prior to 33.0.1750.146

Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2014-03-05 CVE-2013-6665 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper memory allocation in the software renderer.

7.5
2014-03-05 CVE-2013-6664 Google Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, as demonstrated by use of the speech-recognition feature.

7.5
2014-03-05 CVE-2013-6663 Google Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view.

7.5
2014-03-03 CVE-2014-2211 Posh Project SQL Injection vulnerability in Posh Project Posh

SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter.

7.5
2014-03-03 CVE-2014-2013 Artifex Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Artifex Mupdf

Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.

7.5
2014-03-03 CVE-2014-1939 Google
Lenovo
Code Injection vulnerability in multiple products

java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels.

7.5
2014-03-03 CVE-2014-1884 Apache
Microsoft
Adobe
Permissions, Privileges, and Access Controls vulnerability in multiple products

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.

7.5
2014-03-03 CVE-2014-1883 Adobe Permissions, Privileges, and Access Controls vulnerability in Adobe Phonegap

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.

7.5
2014-03-03 CVE-2014-1882 Adobe
Apache
Permissions, Privileges, and Access Controls vulnerability in multiple products

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls.

7.5
2014-03-03 CVE-2014-1881 Apache
Adobe
Permissions, Privileges, and Access Controls vulnerability in multiple products

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization.

7.5
2014-03-03 CVE-2012-6637 Apache
Adobe
Improper Input Validation vulnerability in multiple products

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring.

7.5
2014-03-06 CVE-2014-0705 Cisco Resource Management Errors vulnerability in Cisco products

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233.

7.1
2014-03-06 CVE-2014-0704 Cisco Resource Management Errors vulnerability in Cisco products

The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a denial of service (memory over-read and device restart) via a crafted field in an IGMPv3 message, aka Bug ID CSCuh33240.

7.1

55 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-03-09 CVE-2014-2317 Opendocman SQL Injection vulnerability in Opendocman

SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the table parameter.

6.8
2014-03-06 CVE-2014-0336 Serena Cross-Site Request Forgery (CSRF) vulnerability in Serena Dimensions CM 12.2

Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI.

6.8
2014-03-03 CVE-2013-3260 Inmatrix Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Inmatrix Zoom Player

Heap-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.

6.8
2014-03-03 CVE-2013-3259 Inmatrix Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Inmatrix Zoom Player

Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.

6.8
2014-03-03 CVE-2014-1886 Edinburghtour
Adobe
Permissions, Privileges, and Access Controls vulnerability in Edinburghtour Edinburgh BY BUS

The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern European dating sites."

6.8
2014-03-03 CVE-2012-6636 Google Permissions, Privileges, and Access Controls vulnerability in Google Android API

The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView component in an application targeted to API level 16 or earlier, a related issue to CVE-2013-4710.

6.8
2014-03-09 CVE-2013-2046 Owncloud SQL Injection vulnerability in Owncloud

SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2014-03-09 CVE-2013-2045 Owncloud SQL Injection vulnerability in Owncloud

SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2014-03-09 CVE-2013-1893 Owncloud SQL Injection vulnerability in Owncloud

SQL injection vulnerability in addressbookprovider.php in ownCloud Server before 5.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to the contacts application.

6.5
2014-03-05 CVE-2014-2238 Mantisbt SQL Injection vulnerability in Mantisbt

SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter.

6.5
2014-03-05 CVE-2013-6331 IBM SQL Injection vulnerability in IBM Algo ONE

SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6302.

6.5
2014-03-05 CVE-2013-6302 IBM SQL Injection vulnerability in IBM Algo ONE

SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6331.

6.5
2014-03-09 CVE-2013-4966 Puppet Improper Authentication vulnerability in Puppet Enterprise

The master external node classification script in Puppet Enterprise before 3.2.0 does not verify the identity of consoles, which allows remote attackers to create arbitrary classifications on the master by spoofing a console.

6.4
2014-03-06 CVE-2014-1907 Videowhisper
Wordpress
Path Traversal vulnerability in Videowhisper Live Streaming Integration Plugin

Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a ..

6.4
2014-03-06 CVE-2012-6619 Mongodb Improper Input Validation vulnerability in Mongodb

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.

6.4
2014-03-05 CVE-2014-2234 Apple Improper Input Validation vulnerability in Apple mac OS X

A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application.

6.4
2014-03-03 CVE-2014-1885 Hsgroup
Adobe
Permissions, Privileges, and Access Controls vulnerability in Hsgroup Forzearmate

The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising domain.

6.4
2014-03-06 CVE-2013-6719 IBM OS Command Injection vulnerability in IBM Tealeaf CX

delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the testconn_host parameter.

6.0
2014-03-05 CVE-2014-2245 Cmsmadesimple SQL Injection vulnerability in Cmsmadesimple CMS Made Simple

SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the sortby parameter to admin/moduleinterface.php.

6.0
2014-03-07 CVE-2014-1959 GNU Permissions, Privileges, and Access Controls vulnerability in GNU Gnutls

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.

5.8
2014-03-07 CVE-2014-0092 GNU Cryptographic Issues vulnerability in GNU Gnutls

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

5.8
2014-03-07 CVE-2009-5138 GNU Permissions, Privileges, and Access Controls vulnerability in GNU Gnutls

GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959.

5.8
2014-03-05 CVE-2013-6666 Google Permissions, Privileges, and Access Controls vulnerability in Google Chrome

The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header.

5.8
2014-03-06 CVE-2013-6720 IBM Path Traversal vulnerability in IBM Tealeaf CX

Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a ..

5.5
2014-03-09 CVE-2013-4971 Puppet Permissions, Privileges, and Access Controls vulnerability in Puppet Enterprise

Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2014-03-06 CVE-2013-3706 Novell Path Traversal vulnerability in Novell Zenworks Configuration Management 11.2

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a ..

5.0
2014-03-05 CVE-2013-5468 IBM Cryptographic Issues vulnerability in IBM Algo ONE

IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, does not encrypt login requests, which allows remote attackers to obtain sensitive information by sniffing the network.

5.0
2014-03-09 CVE-2013-7322 Nongnu Improper Authentication vulnerability in Nongnu Oath Toolkit

usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line to be updated when invalidating an OTP and allows context-dependent attackers to conduct replay attacks, as demonstrated by a commented out line when using libpam-oath.

4.9
2014-03-04 CVE-2014-0845 IBM Improper Input Validation vulnerability in IBM products

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

4.9
2014-03-09 CVE-2014-2315 Shinephp
Wordpress
Cross-Site Scripting vulnerability in Shinephp Thank YOU Counter Button 1.8.7

Multiple cross-site scripting (XSS) vulnerabilities in the Thank You Counter Button plugin 1.8.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) thanks_caption, (2) thanks_caption_style, or (3) thanks_style parameter to wp-admin/options.php.

4.3
2014-03-09 CVE-2014-2314 Atlassian
Microsoft
Path Traversal vulnerability in Atlassian Jira

Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors.

4.3
2014-03-09 CVE-2014-2313 Atlassian
Microsoft
Path Traversal vulnerability in Atlassian Jira

Directory traversal vulnerability in the Importers plugin in Atlassian JIRA before 6.0.5 allows remote attackers to create arbitrary files via unspecified vectors.

4.3
2014-03-09 CVE-2014-1944 Ilch Cross-Site Scripting vulnerability in Ilch CMS 2.0

Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry.

4.3
2014-03-09 CVE-2014-1599 SFR Cross-Site Scripting vulnerability in SFR BOX Router and SFR BOX Router Firmware

Multiple cross-site scripting (XSS) vulnerabilities in the SFR Box router with firmware NB6-MAIN-R3.3.4 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) dns, (2) dhcp, (3) nat, (4) route, or (5) lan in network/; or (6) wifi/config.

4.3
2014-03-09 CVE-2013-6233 ENG Cross-Site Scripting vulnerability in ENG Spagobi 4.0

Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the "Short document metadata."

4.3
2014-03-09 CVE-2013-2270 Airvana
Sprint
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the administration page in Airvana HubBub C1-600-RT and Sprint AIRAVE 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-03-09 CVE-2013-1890 Owncloud Cross-Site Scripting vulnerability in Owncloud

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) new_name parameter to apps/bookmarks/ajax/renameTag.php or (2) multiple unspecified parameters to unknown files in apps/contacts/ajax/.

4.3
2014-03-06 CVE-2014-1906 Videowhisper Cross-Site Scripting vulnerability in Videowhisper Live Streaming Integration Plugin

Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) m parameter to lb_status.php; (2) msg parameter to vc_chatlog.php; n parameter to (3) channel.php, (4) htmlchat.php, (5) video.php, or (6) videotext.php; (7) message parameter to lb_logout.php; or ct parameter to (8) lb_status.php or (9) v_status.php in ls/.

4.3
2014-03-06 CVE-2014-0335 Serena Cross-Site Scripting vulnerability in Serena Dimensions CM 12.2

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2) DB_NAME, (3) DM_HOST, (4) MAN_DB_NAME, (5) framecmd, (6) identifier, (7) merant.adm.adapters.AdmDialogPropertyMgr, (8) nav_frame, (9) nav_jsp, (10) target_frame, (11) id, or (12) type parameter to the dimensions/ URI.

4.3
2014-03-06 CVE-2013-6315 IBM Improper Input Validation vulnerability in IBM Enterprise Records and Infosphere Enterprise Records

IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 do not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

4.3
2014-03-05 CVE-2014-2236 Askbot Cross-Site Scripting vulnerability in Askbot

Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.

4.3
2014-03-05 CVE-2014-2235 Askbot Cross-Site Scripting vulnerability in Askbot

Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.

4.3
2014-03-05 CVE-2013-6318 IBM Cross-Site Scripting vulnerability in IBM Algo ONE

Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-03-04 CVE-2013-6730 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x before 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF10, when the wcm.path.traversal.security setting is enabled, allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results.

4.3
2014-03-03 CVE-2014-1840 Mybb Cross-Site Scripting vulnerability in Mybb

Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message.

4.3
2014-03-03 CVE-2014-1684 Videolan Numeric Errors vulnerability in Videolan VLC Media Player

The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.

4.3
2014-03-03 CVE-2013-3487 AIT PRO
Wordpress
Cross-Site Scripting vulnerability in Ait-Pro Bulletproof-Security

Multiple cross-site scripting (XSS) vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified HTML header fields to (1) 400.php, (2) 403.php, or (3) 403.php.

4.3
2014-03-03 CVE-2013-1409 Commentluv
Wordpress
Cross-Site Scripting vulnerability in Commentluv

Cross-site scripting (XSS) vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/admin-ajax.php.

4.3
2014-03-03 CVE-2011-4696 EYE Path Traversal vulnerability in EYE Eye-Fi Helper

Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allows man-in-the-middle attackers to create arbitrary files via a ..

4.3
2014-03-03 CVE-2014-1887 Drinkedin
Adobe
Permissions, Privileges, and Access Controls vulnerability in Drinkedin Barfinder

The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult sites, as demonstrated by (1) freelifetimecheating.com and (2) www.babesroulette.com.

4.3
2014-03-06 CVE-2013-6437 Openstack Resource Management Errors vulnerability in Openstack Nova

The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.

4.0
2014-03-06 CVE-2014-0630 EMC Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Taskspace 6.7

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL.

4.0
2014-03-06 CVE-2013-6304 IBM Path Traversal vulnerability in IBM Algo ONE and Algo Risk Application

Multiple directory traversal vulnerabilities in Algo Risk Application (ARA) 2.4.0.1 through 4.9.1 in IBM Algo One allow remote authenticated users to bypass intended access restrictions via a crafted pathname for a (1) configuration or (2) JAR file.

4.0
2014-03-05 CVE-2013-6319 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Algo ONE

IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to bypass intended access restrictions and read content via unspecified vectors.

4.0
2014-03-05 CVE-2013-6303 IBM Path Traversal vulnerability in IBM Algo ONE

Directory traversal vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to read arbitrary files via unspecified vectors.

4.0

14 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-03-09 CVE-2013-6232 ENG Cross-Site Scripting vulnerability in ENG Spagobi 4.0

Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via a document note in the execution page.

3.5
2014-03-06 CVE-2013-6314 IBM Cross-Site Scripting vulnerability in IBM Enterprise Records and Infosphere Enterprise Records

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2014-03-05 CVE-2013-6333 IBM Cross-Site Scripting vulnerability in IBM Algo ONE

Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, and CVE-2013-6320.

3.5
2014-03-05 CVE-2013-6320 IBM Cross-Site Scripting vulnerability in IBM Algo ONE

Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, and CVE-2013-6333.

3.5
2014-03-05 CVE-2013-6301 IBM Cross-Site Scripting vulnerability in IBM Algo ONE

Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6320, and CVE-2013-6333.

3.5
2014-03-05 CVE-2013-6300 IBM Cross-Site Scripting vulnerability in IBM Algo ONE

Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6301, CVE-2013-6320, and CVE-2013-6333.

3.5
2014-03-05 CVE-2013-6299 IBM Cross-Site Scripting vulnerability in IBM Algo ONE

Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6300, CVE-2013-6301, CVE-2013-6320, and CVE-2013-6333.

3.5
2014-03-04 CVE-2014-0846 IBM Cross-Site Scripting vulnerability in IBM products

Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2014-03-04 CVE-2014-0844 IBM Information Disclosure vulnerability in IBM products

Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors.

3.5
2014-03-06 CVE-2014-0624 EMC Unspecified vulnerability in EMC RSA Data Loss Prevention 9.0/9.5/9.6

EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via unspecified vectors.

2.7
2014-03-03 CVE-2014-2040 Jordy Meow Cross-Site Scripting vulnerability in Jordy Meow Media File Renamer 1.7.0

Multiple cross-site scripting (XSS) vulnerabilities in the (1) callback_multicheck, (2) callback_radio, and (3) callback_wysiwygin functions in mfrh_class.settings-api.php in the Media File Renamer plugin 1.7.0 for WordPress allow remote authenticated users with permissions to add media or edit media to inject arbitrary web script or HTML via unspecified parameters, as demonstrated by the title of an uploaded file.

2.1
2014-03-03 CVE-2013-6493 Redhat Information Exposure vulnerability in Redhat Icedtea-Web

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.

2.1
2014-03-06 CVE-2011-3153 Canonical
Robert Ancell
Link Following vulnerability in multiple products

dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.

1.9
2014-03-06 CVE-2014-0890 IBM Credentials Management vulnerability in IBM Sametime

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file.

1.9