Weekly Vulnerabilities Reports > April 7 to 13, 2014
Overview
109 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 38 high severity vulnerabilities. This weekly summary report vulnerabilities in 149 products from 66 vendors including SAP, Microsoft, Advantech, Cisco, and Tibco. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "SQL Injection", and "Improper Input Validation".
- 104 reported vulnerabilities are remotely exploitables.
- 11 reported vulnerabilities have public exploit available.
- 31 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 101 reported vulnerabilities are exploitable by an anonymous user.
- SAP has the most reported vulnerabilities, with 17 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 9 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
13 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-04-12 | CVE-2014-0787 | Wellintech | Buffer Errors vulnerability in Wellintech Kingscada 3.1/3.1.2 Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. | 10.0 |
2014-04-12 | CVE-2014-0349 | J2K Codec | Remote Code Execution vulnerability in J2K-Codec Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file. | 10.0 |
2014-04-12 | CVE-2014-2389 | Blackberry | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Blackberry OS and Blackberry Z10 Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network. | 9.3 |
2014-04-11 | CVE-2014-1209 | Vmware | Improper Input Validation vulnerability in VMWare Vsphere Client VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors. | 9.3 |
2014-04-08 | CVE-2014-1760 | Microsoft | Buffer Errors vulnerability in Microsoft Internet Explorer 11 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2014-04-08 | CVE-2014-1759 | Microsoft | Remote Code Execution vulnerability in Microsoft Publisher 2003/2007 pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted .pub file, aka "Arbitrary Pointer Dereference Vulnerability." | 9.3 |
2014-04-08 | CVE-2014-1758 | Microsoft | Buffer Errors vulnerability in Microsoft Word 2003 Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Word Stack Overflow Vulnerability." | 9.3 |
2014-04-08 | CVE-2014-1757 | Microsoft | Buffer Errors vulnerability in Microsoft Office Compatibility Pack and Word Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office File Format Converter Vulnerability." | 9.3 |
2014-04-08 | CVE-2014-1755 | Microsoft | Buffer Errors vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1751. | 9.3 |
2014-04-08 | CVE-2014-1753 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2014-04-08 | CVE-2014-1752 | Microsoft | Buffer Errors vulnerability in Microsoft Internet Explorer 6/7 Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
2014-04-08 | CVE-2014-1751 | Microsoft | Buffer Errors vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1755. | 9.3 |
2014-04-08 | CVE-2014-0507 | Adobe Apple Microsoft Linux | Buffer Errors vulnerability in Adobe Air, Adobe AIR SDK and Flash Player Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors. | 9.3 |
38 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-04-11 | CVE-2014-2850 | Sophos | OS Command Injection vulnerability in Sophos web Appliance and web Appliance Firmware The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter. | 8.5 |
2014-04-11 | CVE-2014-2849 | Sophos | Permissions, Privileges, and Access Controls vulnerability in Sophos web Appliance and web Appliance Firmware The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request. | 8.5 |
2014-04-11 | CVE-2014-0777 | Ioserver | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ioserver OPC Server and OPC Drivers The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted packet. | 7.8 |
2014-04-11 | CVE-2014-2829 | Erlang Solutions | Permissions, Privileges, and Access Controls vulnerability in Erlang-Solutions Mongooseim Erlang Solutions MongooseIM through 1.3.1 rev. | 7.8 |
2014-04-11 | CVE-2014-2746 | Tigase | Permissions, Privileges, and Access Controls vulnerability in Tigase 5.2.0 net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. | 7.8 |
2014-04-11 | CVE-2014-2745 | Prosody | Permissions, Privileges, and Access Controls vulnerability in Prosody Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua. | 7.8 |
2014-04-11 | CVE-2014-2744 | Lightwitch Prosody | Improper Input Validation vulnerability in multiple products plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka an "xmppbomb" attack. | 7.8 |
2014-04-11 | CVE-2014-2743 | Lightwitch | Permissions, Privileges, and Access Controls vulnerability in Lightwitch Metronome 3.4 plugins/mod_compression.lua in Lightwitch Metronome through 3.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. | 7.8 |
2014-04-11 | CVE-2014-2742 | Isode | Permissions, Privileges, and Access Controls vulnerability in Isode M-Link Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. | 7.8 |
2014-04-11 | CVE-2014-2741 | Igniterealtime | Permissions, Privileges, and Access Controls vulnerability in Igniterealtime Openfire nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. | 7.8 |
2014-04-12 | CVE-2014-0773 | Advantech | Security Bypass vulnerability in Advantech Webaccess 5.0/6.0/7.0 The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname. | 7.5 |
2014-04-12 | CVE-2014-0770 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter. | 7.5 |
2014-04-12 | CVE-2014-0768 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode2 argument. | 7.5 |
2014-04-12 | CVE-2014-0767 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument. | 7.5 |
2014-04-12 | CVE-2014-0766 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument. | 7.5 |
2014-04-12 | CVE-2014-0765 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument. | 7.5 |
2014-04-12 | CVE-2014-0764 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName parameter. | 7.5 |
2014-04-12 | CVE-2014-0763 | Advantech | SQL Injection vulnerability in Advantech Webaccess 5.0/6.0/7.0 Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary SQL commands via SOAP requests to unspecified functions. | 7.5 |
2014-04-11 | CVE-2014-2847 | Construtiva | SQL Injection vulnerability in Construtiva CIS Manager CMS SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter. | 7.5 |
2014-04-11 | CVE-2014-2540 | Orbitscripts | SQL Injection vulnerability in Orbitscripts Orbit Open AD Server 1.1.0 SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory. | 7.5 |
2014-04-10 | CVE-2014-2752 | SAP | Credentials Management vulnerability in SAP Business Object Processing Framework for Abap SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. | 7.5 |
2014-04-10 | CVE-2014-2751 | SAP | Credentials Management vulnerability in SAP Print and Output Management SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. | 7.5 |
2014-04-10 | CVE-2014-2748 | SAP | Permissions, Privileges, and Access Controls vulnerability in SAP Enhancement Package 6.0 The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. | 7.5 |
2014-04-10 | CVE-2013-7367 | SAP | Permissions, Privileges, and Access Controls vulnerability in SAP Enterprise Portal SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors. | 7.5 |
2014-04-10 | CVE-2013-7364 | SAP | Permissions, Privileges, and Access Controls vulnerability in SAP Netweaver An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors. | 7.5 |
2014-04-10 | CVE-2013-7363 | SAP | Unspecified vulnerability in SAP Solution Manager Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. | 7.5 |
2014-04-10 | CVE-2013-7362 | SAP | Code Injection vulnerability in SAP Ccms Agent An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors. | 7.5 |
2014-04-10 | CVE-2013-7360 | SAP | Arbitrary File Read and Write vulnerability in SAP Adminadapter Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors. | 7.5 |
2014-04-10 | CVE-2013-7355 | SAP | SQL Injection vulnerability in SAP BI Universal Data Integration SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema. | 7.5 |
2014-04-10 | CVE-2014-2708 | Cacti | SQL Injection vulnerability in Cacti 0.8.8B Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id, or (8) rra_id parameter. | 7.5 |
2014-04-10 | CVE-2014-1455 | Pearson | SQL Injection vulnerability in Pearson Esis Enterprise Student Information System 3.3.0.13 SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL commands via the new password. | 7.5 |
2014-04-10 | CVE-2014-2544 | Tibco | Code Execution vulnerability in Multiple TIBCO Spotfire Products Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. | 7.5 |
2014-04-08 | CVE-2014-2543 | Tibco | Buffer Errors vulnerability in Tibco Messaging Appliance, Rendezvous and Substantiation ES Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data. | 7.5 |
2014-04-08 | CVE-2012-6643 | Clip Bucket | SQL Injection vulnerability in Clip-Bucket Clipbucket 2.6 Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to (1) videos.php or (2) channels.php. | 7.5 |
2014-04-08 | CVE-2011-5278 | Advanced Forum Signatures Project | SQL Injection vulnerability in Advanced Forum Signatures Project Advanced Forum Signatures 2.0.4 SQL injection vulnerability in signature.php in Advanced Forum Signatures plugin (aka afsignatures) 2.0.4 for MyBB allows remote attackers to execute arbitrary SQL commands via the afs_bar_right parameter. | 7.5 |
2014-04-08 | CVE-2011-5277 | Advanced Forum Signatures Project | SQL Injection vulnerability in Advanced Forum Signatures Project Advanced Forum Signatures 2.0.4 Multiple SQL injection vulnerabilities in signature.php in the Advanced Forum Signatures (aka afsignatures) plugin 2.0.4 for MyBB allow remote attackers to execute arbitrary SQL commands via the (1) afs_type, (2) afs_background, (3) afs_showonline, (4) afs_bar_left, (5) afs_bar_center, (6) afs_full_line1, (7) afs_full_line2, (8) afs_full_line3, (9) afs_full_line4, (10) afs_full_line5, or (11) afs_full_line6 parameter. | 7.5 |
2014-04-07 | CVE-2014-0160 | Openssl Filezilla Project Siemens Intellian Mitel Opensuse Canonical Fedoraproject Redhat Debian Ricon | Out-of-bounds Read vulnerability in multiple products The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. | 7.5 |
2014-04-12 | CVE-2013-2809 | Osisoft | Improper Input Validation vulnerability in Osisoft PI Interface The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers to cause a denial of service (interface shutdown) via a crafted TCP packet. | 7.1 |
55 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-04-11 | CVE-2014-2848 | Tenable | Race Condition vulnerability in Tenable Nessus and Plugin-Set A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program. | 6.9 |
2014-04-08 | CVE-2014-0315 | Microsoft | Untrusted Search Path vulnerability in Microsoft products Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability." Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path" | 6.9 |
2014-04-07 | CVE-2012-2095 | David Paleino Fedoraproject | Improper Input Validation vulnerability in multiple products The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message. | 6.9 |
2014-04-11 | CVE-2014-0172 | Elfutils Project | Numeric Errors vulnerability in Elfutils Project Elfutils Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow. | 6.8 |
2014-04-11 | CVE-2013-6369 | Cambridge Enterprise | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cambridge Enterprise Jbig-Kit Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file. | 6.8 |
2014-04-11 | CVE-2013-2708 | Snilesh | Cross-Site Request Forgery (CSRF) vulnerability in Snilesh Content Slide 1.4.2 Cross-site request forgery (CSRF) vulnerability in the Content Slide plugin 1.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | 6.8 |
2014-04-11 | CVE-2013-2706 | Rodrigo Polo Wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Rodrigo Polo Stream Video Player 1.4.0 Cross-site request forgery (CSRF) vulnerability in the Stream Video Player plugin 1.4.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | 6.8 |
2014-04-10 | CVE-2013-3252 | Lesterchan | Cross-Site Request Forgery (CSRF) vulnerability in Lesterchan Wp-Postviews Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | 6.8 |
2014-04-10 | CVE-2013-3251 | Qianqin | Cross-Site Request Forgery (CSRF) vulnerability in Qianqin Qtranslate 2.5.34 Cross-site request forgery (CSRF) vulnerability in the qTranslate plugin 2.5.34 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | 6.8 |
2014-04-10 | CVE-2013-2699 | Underconstruction Project | Cross-Site Request Forgery (CSRF) vulnerability in Underconstruction Project Underconstruction Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors. | 6.8 |
2014-04-10 | CVE-2013-2693 | WP Plugins | Cross-Site Request Forgery (CSRF) vulnerability in Wp-Plugins Wp-Print Cross-site request forgery (CSRF) vulnerability in the Options in the WP-Print plugin before 2.52 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unspecified vectors. | 6.8 |
2014-04-10 | CVE-2012-4921 | DVS Custom Notification Project | Cross-Site Request Forgery (CSRF) vulnerability in DVS Custom Notification Project DVS Custom Notification 1.0.1 Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct cross-site scripting (XSS) attacks. | 6.8 |
2014-04-10 | CVE-2013-6468 | Redhat | Code Injection vulnerability in Redhat products JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression. | 6.5 |
2014-04-10 | CVE-2014-0166 | Wordpress | Improper Authentication vulnerability in Wordpress The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie. | 6.4 |
2014-04-10 | CVE-2014-0908 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Business Process Manager The User Attribute implementation in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.2, and 8.5.x through 8.5.0.1 does not verify authorization for read or write access to attribute values, which allows remote authenticated users to obtain sensitive information, configure e-mail notifications, or modify task assignments via REST API calls. | 6.0 |
2014-04-11 | CVE-2014-1210 | Vmware | Cryptographic Issues vulnerability in VMWare Vsphere Client 5.0/5.1 VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. | 5.8 |
2014-04-11 | CVE-2014-0636 | Dell | Cryptographic Issues vulnerability in Dell Bsafe Micro-Edition-Suite EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain. | 5.8 |
2014-04-11 | CVE-2014-1969 | Apps4U Android | Path Traversal vulnerability in Apps4U@Android SD Card Manager 20140223 Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename. | 5.8 |
2014-04-11 | CVE-2014-1985 | Redmine | Improper Input Validation vulnerability in Redmine Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine before 2.4.5 and 2.5.x before 2.5.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the back url (back_url parameter). | 5.8 |
2014-04-10 | CVE-2014-2583 | Linux PAM | Path Traversal vulnerability in Linux-Pam 1.1.8 Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. | 5.8 |
2014-04-10 | CVE-2013-0740 | Dell | Improper Input Validation vulnerability in Dell Openmanage Server Administrator Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter to HelpViewer. | 5.8 |
2014-04-12 | CVE-2014-2142 | Cisco | Denial of Service vulnerability in Cisco products Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870. | 5.0 |
2014-04-12 | CVE-2014-2140 | Cisco | Denial of Service vulnerability in Cisco ONS 15454 System Software and ONS 15454 Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348. | 5.0 |
2014-04-12 | CVE-2014-2139 | Cisco | Denial of Service vulnerability in Cisco ONS 15454 System Software and ONS 15454 Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315. | 5.0 |
2014-04-12 | CVE-2014-0772 | Advantech | Information Exposure vulnerability in Advantech Webaccess 5.0/6.0/7.0 The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL. | 5.0 |
2014-04-12 | CVE-2014-0771 | Advantech | Information Exposure vulnerability in Advantech Webaccess 5.0/6.0/7.0 The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL. | 5.0 |
2014-04-10 | CVE-2014-2749 | SAP | Information Exposure vulnerability in SAP Hana The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request. | 5.0 |
2014-04-10 | CVE-2013-7366 | SAP | Improper Authentication vulnerability in SAP Software Deployment Manager The SAP Software Deployment Manager (SDM), in certain unspecified conditions, allows remote attackers to cause a denial of service via vectors related to failed authentications. | 5.0 |
2014-04-10 | CVE-2013-7361 | SAP | Path Traversal vulnerability in SAP CM Services and CMS Services Directory traversal vulnerability in SAP CMS and CM Services allows attackers to upload arbitrary files via unspecified vectors. | 5.0 |
2014-04-10 | CVE-2013-7359 | SAP | Information Disclosure vulnerability in SAP Mobile Infrastructure Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue. | 5.0 |
2014-04-10 | CVE-2013-7358 | SAP | Unspecified vulnerability in SAP Guided Procedures Archive Monitor Unspecified vulnerability in SAP Guided Procedures Archive Monitor allows remote attackers to obtain usernames, roles, profiles, and possibly other identity information via unknown vectors. | 5.0 |
2014-04-10 | CVE-2013-7357 | SAP | Information Disclosure vulnerability in SAP J2EE Engine Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors. | 5.0 |
2014-04-10 | CVE-2013-7356 | SAP | Unspecified vulnerability in SAP Ccms / Database Monitor Unspecified vulnerability in the SAP CCMS / Database Monitors for Oracle allows attackers to obtain the database password via unknown vectors. | 5.0 |
2014-04-08 | CVE-2014-0508 | Adobe Linux Apple Microsoft | Permissions, Privileges, and Access Controls vulnerability in Adobe Air, Adobe AIR SDK and Flash Player Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | 5.0 |
2014-04-08 | CVE-2014-2541 | Tibco | Permissions, Privileges, and Access Controls vulnerability in Tibco Messaging Appliance, Rendezvous and Substantiation ES The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors. | 5.0 |
2014-04-08 | CVE-2012-0033 | ZNC | Resource Management Errors vulnerability in ZNC Znc-Msvc 0.200/0.202 The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.202 allows remote attackers to cause a denial of service (crash) via a crafted DCC RESUME request. | 5.0 |
2014-04-12 | CVE-2013-2828 | Osisoft | Improper Input Validation vulnerability in Osisoft PI Interface The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows physically proximate attackers to cause a denial of service (interface shutdown) via crafted input over a serial line. | 4.7 |
2014-04-11 | CVE-2012-6131 | Roundup Tracker | Cross-Site Scripting vulnerability in Roundup-Tracker Roundup Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the @action parameter to support/issue1. | 4.3 |
2014-04-11 | CVE-2012-6130 | Roundup Tracker | Cross-Site Scripting vulnerability in Roundup-Tracker Roundup Cross-site scripting (XSS) vulnerability in the history display in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via a username, related to generating a link. | 4.3 |
2014-04-11 | CVE-2013-4795 | Reviewboard | Cross-Site Scripting vulnerability in Reviewboard Review Board Cross-site scripting (XSS) vulnerability in the Submitters list in Review Board 1.6.x before 1.6.18 and 1.7.x before 1.7.12 allows remote attackers to inject arbitrary web script or HTML via a user full name. | 4.3 |
2014-04-10 | CVE-2013-7365 | SAP | Cross-Site Scripting vulnerability in SAP Enterprise Portal Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
2014-04-10 | CVE-2014-0331 | Fortinet | Cross-Site Scripting vulnerability in Fortinet products Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the locale parameter to gui_partA/. | 4.3 |
2014-04-10 | CVE-2012-6132 | Roundup Tracker | Cross-Site Scripting vulnerability in Roundup-Tracker Roundup Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the otk parameter. | 4.3 |
2014-04-08 | CVE-2014-0509 | Adobe Apple Microsoft Linux | Cross-Site Scripting vulnerability in Adobe Air, Adobe AIR SDK and Flash Player Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-04-08 | CVE-2014-2542 | Tibco | Cross-Site Scripting vulnerability in Tibco Messaging Appliance, Rendezvous and Substantiation ES Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-04-08 | CVE-2012-6645 | Danielb | Cross-Site Scripting vulnerability in Danielb Finder Cross-site scripting (XSS) vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via the title of a node, a different vulnerability than CVE-2012-1561. | 4.3 |
2014-04-08 | CVE-2012-6644 | Clip Bucket | Cross-Site Scripting vulnerability in Clip-Bucket Clipbucket 2.6 Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php. | 4.3 |
2014-04-08 | CVE-2012-6642 | Clip Bucket | Cross-Site Scripting vulnerability in Clip-Bucket Clipbucket 2.6 Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter to view_channel.php. | 4.3 |
2014-04-08 | CVE-2012-1561 | Danielb | Cross-Site Scripting vulnerability in Danielb Finder Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "checkbox and radio button functionalities." | 4.3 |
2014-04-08 | CVE-2011-4958 | Silverstripe | Cross-Site Scripting vulnerability in Silverstripe Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to template placeholders, as demonstrated by a request to (1) admin/reports/, (2) admin/comments/, (3) admin/, (4) admin/show/, (5) admin/assets/, and (6) admin/security/. | 4.3 |
2014-04-07 | CVE-2012-6641 | Prestashop | Cross-Site Scripting vulnerability in Prestashop Cross-site scripting (XSS) vulnerability in redirect.php in the Socolissimo module (modules/socolissimo/) in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values." | 4.3 |
2014-04-07 | CVE-2012-1834 | CMS Tree Page View Project | Cross-Site Scripting vulnerability in CMS Tree Page View Project CMS Tree Page View Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php. | 4.3 |
2014-04-10 | CVE-2014-0920 | IBM | Credentials Management vulnerability in IBM Spss Analytic Server 1.0.0.0/1.0.1.0 IBM SPSS Analytic Server 1.0 before IF002 and 1.0.1 before IF004 logs cleartext passwords, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.0 |
2014-04-10 | CVE-2014-2141 | Cisco | Buffer Errors vulnerability in Cisco ONS 15454 System Software and ONS 15454 The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416. | 4.0 |
2014-04-10 | CVE-2014-0165 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-04-12 | CVE-2014-0347 | Websense | Credentials Management vulnerability in Websense products The Settings module in Websense Triton Unified Security Center 7.7.3 before Hotfix 31, Web Filter 7.7.3 before Hotfix 31, Web Security 7.7.3 before Hotfix 31, Web Security Gateway 7.7.3 before Hotfix 31, and Web Security Gateway Anywhere 7.7.3 before Hotfix 31 allows remote authenticated users to read cleartext passwords by replacing type="password" with type="text" in an INPUT element in the (1) Log Database or (2) User Directories component. | 3.5 |
2014-04-11 | CVE-2014-2333 | Marcel Brinkkemper | Cross-Site Scripting vulnerability in Marcel Brinkkemper Lazyest-Gallery Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. | 2.6 |
2014-04-12 | CVE-2013-6216 | HP | Privilege Escalation vulnerability in Multiple HP Products Unspecified vulnerability in HP Array Configuration Utility, Array Diagnostics Utility, ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility 9.40 and earlier allows local users to gain privileges via unknown vectors. | 2.1 |