Weekly Vulnerabilities Reports > May 12 to 18, 2014

Overview

138 new vulnerabilities reported during this period, including 22 critical vulnerabilities and 31 high severity vulnerabilities. This weekly summary report vulnerabilities in 144 products from 77 vendors including Microsoft, Apple, Adobe, Mediawiki, and Canonical. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-Site Request Forgery (CSRF)", and "Improper Input Validation".

  • 131 reported vulnerabilities are remotely exploitables.
  • 12 reported vulnerabilities have public exploit available.
  • 40 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 119 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 27 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 14 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

22 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-16 CVE-2014-0749 Adaptivecomputing Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adaptivecomputing Torque Resource Manager

Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x through 2.5.13 allows remote attackers to execute arbitrary code via a large count value.

10.0
2014-05-15 CVE-2013-4730 Pcman S FTP Server Project Buffer Errors vulnerability in Pcman'S FTP Server Project Pcman'S FTP Server 2.0.7

Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.

10.0
2014-05-14 CVE-2014-1806 Microsoft Code Injection vulnerability in Microsoft .Net Framework

The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."

10.0
2014-05-14 CVE-2014-0529 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10.0
2014-05-14 CVE-2014-0528 Adobe
Apple
Microsoft
Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10.0
2014-05-14 CVE-2014-0527 Adobe
Apple
Microsoft
Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10.0
2014-05-14 CVE-2014-0526 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0524.

10.0
2014-05-14 CVE-2014-0525 Adobe
Apple
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat and Acrobat Reader

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls.

10.0
2014-05-14 CVE-2014-0524 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526.

10.0
2014-05-14 CVE-2014-0523 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0524, and CVE-2014-0526.

10.0
2014-05-14 CVE-2014-0522 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and CVE-2014-0526.

10.0
2014-05-14 CVE-2014-0513 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator

Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors.

10.0
2014-05-14 CVE-2014-2405 Oracle
Canonical
Debian
Remote Security vulnerability in Oracle Openjdk 1.6.0

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462.

10.0
2014-05-14 CVE-2014-1849 Foscam Credentials Management vulnerability in Foscam IP Camera Firmware 11.37.2.49

Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DNS server.

10.0
2014-05-14 CVE-2014-0462 Oracle
Canonical
Debian
Remote Security vulnerability in Oracle Openjdk 1.6.0

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405.

10.0
2014-05-14 CVE-2014-2046 Broadcom Cryptographic Issues vulnerability in Broadcom Pipa C211 and Pipa C211 web Interface

cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.

9.7
2014-05-14 CVE-2014-1815 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310.

9.3
2014-05-14 CVE-2014-1756 Microsoft Remote Code Execution vulnerability in Microsoft Office 2007/2010/2013

Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1, when the Simplified Chinese Proofing Tool is enabled, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Microsoft Office Chinese Grammar Checking Vulnerability." Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"

9.3
2014-05-14 CVE-2014-0310 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815.

9.3
2014-05-12 CVE-2013-4772 D Link Improper Authentication vulnerability in D-Link products

D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02 allows remote attackers to bypass authentication via a direct request when an authorized session is active.

9.3
2014-05-14 CVE-2014-1812 Microsoft Credentials Management vulnerability in Microsoft products

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."

9.0
2014-05-14 CVE-2014-0251 Microsoft Code Injection vulnerability in Microsoft products

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gold and SP1; SharePoint Server 2013 Client Components SDK; and SharePoint Designer 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerability."

9.0

31 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-17 CVE-2014-2084 Skyboxsecurity Permissions, Privileges, and Access Controls vulnerability in Skyboxsecurity Skybox View Appliance and Skybox View Appliance ISO

Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, and 6.4.46-2.57 does not properly restrict access to the Admin interface, which allows remote attackers to obtain sensitive information via a request to (1) scripts/commands/getSystemInformation or (2) scripts/commands/getNetworkConfigurationInfo, cause a denial of service (reboot) via a request to scripts/commands/reboot, or cause a denial of service (shutdown) via a request to scripts/commands/shutdown.

8.5
2014-05-14 CVE-2014-1813 Microsoft Code Injection vulnerability in Microsoft web Applications 2010

Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability."

8.5
2014-05-16 CVE-2014-0782 Yokogawa Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Yokogawa products

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet.

8.3
2014-05-16 CVE-2014-1649 Symantec Permissions, Privileges, and Access Controls vulnerability in Symantec Workspace Streaming 6.1/7.5.0

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.

7.9
2014-05-16 CVE-2014-0643 EMC Improper Authentication vulnerability in EMC RSA Netwitness and RSA Security Analytics

EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name.

7.6
2014-05-14 CVE-2014-3121 Marc Lehmann OS Command Injection vulnerability in Marc Lehmann Rxvt-Unicode

rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.

7.6
2014-05-16 CVE-2014-1613 Dotclear Code Injection vulnerability in Dotclear

Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/public/lib.urlhandlers.php or (2) plugins/pages/_public.php.

7.5
2014-05-16 CVE-2014-3759 Karlen Walter SQL Injection vulnerability in Karlen Walter SI Bibtex 0.2.3

Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search or (2) list functionality.

7.5
2014-05-15 CVE-2014-3757 Phpmanufaktur SQL Injection vulnerability in PHPmanufaktur Kitform

SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.

7.5
2014-05-15 CVE-2014-0211 Canonical
X
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.

7.5
2014-05-15 CVE-2014-0210 X
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.

7.5
2014-05-14 CVE-2013-2226 Glpi Project SQL Injection vulnerability in Glpi-Project Glpi

Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow remote attackers to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to ajax/comments.php.

7.5
2014-05-14 CVE-2014-1742 Google Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling.

7.5
2014-05-14 CVE-2014-1741 Google Numeric Errors vulnerability in Google Chrome

Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges.

7.5
2014-05-14 CVE-2014-1740 Google Resource Management Errors vulnerability in Google Chrome

Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.

7.5
2014-05-14 CVE-2014-0520 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0519.

7.5
2014-05-14 CVE-2014-0519 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0520.

7.5
2014-05-14 CVE-2014-0518 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520.

7.5
2014-05-14 CVE-2014-0517 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0518, CVE-2014-0519, and CVE-2014-0520.

7.5
2014-05-14 CVE-2014-0516 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

7.5
2014-05-14 CVE-2014-1909 Google
Opensuse
Numeric Errors vulnerability in multiple products

Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow.

7.5
2014-05-13 CVE-2013-4552 Drupalauth Project Improper Authentication vulnerability in Drupalauth Project Drupalauth 1.2.1

lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for simpleSAMLphp allows remote attackers to authenticate as an arbitrary user via the user name (uid) in a cookie.

7.5
2014-05-13 CVE-2011-4970 Disk Pool Manager Project SQL Injection vulnerability in Disk Pool Manager Project Disk Pool Manager 1.8.2/1.8.3/1.8.5

Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in EGI UDM, allow remote attackers to execute arbitrary SQL commands via the (1) r_token variable in the dpm_get_pending_req_by_token, (2) dpm_get_cpr_by_fullid, (3) dpm_get_cpr_by_surl, (4) dpm_get_cpr_by_surls, (5) dpm_get_gfr_by_fullid, (6) dpm_get_gfr_by_surl, (7) dpm_get_pfr_by_fullid, (8) dpm_get_pfr_by_surl, (9) dpm_get_req_by_token, (10) dpm_insert_cpr_entry, (11) dpm_insert_gfr_entry, (12) dpm_insert_pending_entry, (13) dpm_insert_pfr_entry, (14) dpm_insert_xferreq_entry, (15) dpm_list_cpr_entry, (16) dpm_list_gfr_entry, or (17) dpm_list_pfr_entry function; the (18) surl variable in the dpm_get_cpr_by_surl function; the (19) to_surl variable in the dpm_get_cpr_by_surls function; the (20) u_token variable in the dpm_get_pending_reqs_by_u_desc, (21) dpm_get_reqs_by_u_desc, (22) dpm_get_spcmd_by_u_desc, (23) dpm_insert_pending_entry, (24) dpm_insert_spcmd_entry, or (25) dpm_insert_xferreq_entry function; the (26) s_token variable in the dpm_get_spcmd_by_token, (27) dpm_insert_cpr_entry, (28) dpm_insert_gfr_entry, (29) dpm_insert_pfr_entry, (30) dpm_insert_spcmd_entry, (31) dpm_update_cpr_entry, (32) dpm_update_gfr_entry, or (33) dpm_update_pfr_entry function; or remote administrators to execute arbitrary SQL commands via the (34) poolname variable in the dpm_get_pool_entry, (35) dpm_insert_fs_entry, (36) dpm_insert_pool_entry, (37) dpm_insert_spcmd_entry, (38) dpm_list_fs_entry, or (39) dpm_update_spcmd_entry function.

7.5
2014-05-12 CVE-2013-6453 Mediawiki Improper Input Validation vulnerability in Mediawiki

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

7.5
2014-05-12 CVE-2013-5671 Mark Evans Unspecified vulnerability in Mark Evans Fog-Dragonfly 0.8.2

lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors.

7.5
2014-05-12 CVE-2013-4571 Mediawiki Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mediawiki

Buffer overflow in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 has unspecified impact and remote vectors.

7.5
2014-05-14 CVE-2014-1807 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local users to gain privileges via a crafted application, as exploited in the wild in May 2014, aka "Windows Shell File Association Vulnerability."

7.2
2014-05-16 CVE-2014-0964 IBM Resource Management Errors vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.

7.1
2014-05-16 CVE-2014-0918 IBM Path Traversal vulnerability in IBM Websphere Portal

Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL.

7.1
2014-05-14 CVE-2014-3127 Debian Path Traversal vulnerability in Debian Dpkg

dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package.

7.1
2014-05-12 CVE-2014-2928 F5 Remote Command Injection vulnerability in Multiple F5 BIG-IP Products

The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request.

7.1

79 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-14 CVE-2014-2591 BMC Privilege Escalation vulnerability in BMC Patrol Agent 3.9.00

Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.

6.9
2014-05-16 CVE-2013-7379 Ucdok Improper Authentication vulnerability in Ucdok Tomato 0.0.5

The admin API in the tomato module before 0.0.6 for Node.js does not properly check the access key when it is set to a string, which allows remote attackers to bypass authentication via a string in the access-key header that partially matches config.master.api.access_key.

6.8
2014-05-16 CVE-2014-3760 D Link Cross-Site Request Forgery (CSRF) vulnerability in D-Link DAP 1150 and DAP 1150 Firmware

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP 1150 with firmware 1.2.94 allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable the DMZ in the Firewall/DMZ section via a request to index.cgi or (3) add, (4) modify, or (5) delete URL-filter settings in the Control/URL-filter section via a request to index.cgi, as demonstrated by adding a rule that blocks access to google.com.

6.8
2014-05-16 CVE-2014-0933 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server Metadata Workbench

Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Information Server Metadata Workbench 8.1 through 9.1 allows remote attackers to hijack the authentication of arbitrary users.

6.8
2014-05-14 CVE-2013-7376 Openx Cross-Site Request Forgery (CSRF) vulnerability in Openx 2.8.10

Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to (1) plugin-preferences.php or (2) plugin-settings.php in www/admin, a different vulnerability than CVE-2013-3514.

6.8
2014-05-14 CVE-2013-2700 Webmaster Source Cross-Site Request Forgery (CSRF) vulnerability in Webmaster-Source Wp125

Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.

6.8
2014-05-14 CVE-2013-2034 Cloudbees Cross-Site Request Forgery (CSRF) vulnerability in Cloudbees Jenkins

Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors.

6.8
2014-05-14 CVE-2014-1809 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Office 2007/2010/2013

The MSCOMCTL library in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1 makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, as exploited in the wild in May 2014, aka "MSCOMCTL ASLR Vulnerability."

6.8
2014-05-14 CVE-2011-2514 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Icedtea-Web and Icedtea6

The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted.

6.8
2014-05-13 CVE-2013-4562 Madeofcode Cross-Site Request Forgery (CSRF) vulnerability in Madeofcode Omniauth-Facebook 1.4.1

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via the state parameter.

6.8
2014-05-13 CVE-2014-2989 Open Assessment Technologies Cross-Site Request Forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6

Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a request to Users/add.

6.8
2014-05-13 CVE-2013-2705 Tipsandtricks HQ Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq Wordpress Simple Paypal Shopping Cart

Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings.

6.8
2014-05-13 CVE-2013-2692 Openvpn Cross-Site Request Forgery (CSRF) vulnerability in Openvpn Access Server 1.5.6

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.

6.8
2014-05-13 CVE-2012-6342 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Confluence 3.4.6

Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators for requests that logout the user via a comment.

6.8
2014-05-12 CVE-2014-3455 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) CreateProperty, (2) CreateTemplate, (3) CreateForm, and (4) CreateClass special pages in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allow remote attackers to hijack the authentication of users for requests that have unspecified impact and vectors.

6.8
2014-05-12 CVE-2014-3454 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

Cross-site request forgery (CSRF) vulnerability in Special:CreateCategory in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to hijack the authentication of users for requests that create categories via unspecified vectors.

6.8
2014-05-12 CVE-2013-5748 Simplerisk Cross-Site Request Forgery (CSRF) vulnerability in Simplerisk 20130915001

Cross-site request forgery (CSRF) vulnerability in management/prioritize_planning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an add_project action.

6.8
2014-05-12 CVE-2013-4581 Gitlab Code Injection vulnerability in Gitlab and Gitlab-Shell

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.

6.8
2014-05-12 CVE-2013-4580 Gitlab Improper Authentication vulnerability in Gitlab

GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.

6.8
2014-05-17 CVE-2013-4489 Gitlab Remote Code Execution vulnerability in GitLab 'Code Search' Feature

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.

6.5
2014-05-17 CVE-2014-3453 Flag Module Project Code Injection vulnerability in Flag Module Project Flag

Eval injection vulnerability in the flag_import_form_validate function in includes/flag.export.inc in the Flag module 7.x-3.0, 7.x-3.5, and earlier for Drupal allows remote authenticated administrators to execute arbitrary PHP code via the "Flag import code" text area to admin/structure/flags/import.

6.5
2014-05-14 CVE-2014-0137 Redhat SQL Injection vulnerability in Redhat Cloudforms 3.0 Management Engine

SQL injection vulnerability in the saved_report_delete action in the ReportController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to MiqReportResult.exists.

6.5
2014-05-14 CVE-2013-4468 Vicidial Command Injection vulnerability in VICIDIAL 'manager_send.php'

VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php.

6.5
2014-05-13 CVE-2013-4546 Gitlab Unspecified vulnerability in Gitlab and Gitlab-Shell

The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.

6.5
2014-05-13 CVE-2013-4490 Gitlab Remote Code Execution vulnerability in GitLab 'SSH key upload' Feature

The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.

6.5
2014-05-13 CVE-2014-3246 O DYN SQL Injection vulnerability in O-Dyn Collabtive 1.2

SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php.

6.5
2014-05-16 CVE-2014-1418 Djangoproject
Canonical
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
6.4
2014-05-14 CVE-2013-5655 Xiaowen Huang Path Traversal vulnerability in Xiaowen Huang Yingzhi Python Programming Language 1.9

Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a ..

6.4
2014-05-12 CVE-2013-5984 Microweber Path Traversal vulnerability in Microweber 0.8

Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a ..

6.4
2014-05-16 CVE-2014-3750 Bilyoner Cryptographic Issues vulnerability in Bilyoner 2.1.1/4.6

The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2014-05-14 CVE-2013-4471 Openstack Improper Authentication vulnerability in Openstack Horizon 2013.1/2013.2

The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user.

5.5
2014-05-16 CVE-2014-3263 Cisco Improper Input Validation vulnerability in Cisco IOS 15.3(3)M/15.3M

The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038.

5.4
2014-05-17 CVE-2013-7382 Vicidial Credentials Management vulnerability in Vicidial 2.7/2.8

VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to obtain access.

5.0
2014-05-16 CVE-2014-3742 Spumko Project Resource Management Errors vulnerability in Spumko Project Hapi Server Framework 2.0.0/2.1.1/2.1.2

The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors.

5.0
2014-05-14 CVE-2014-3430 Dovecot Improper Authentication vulnerability in Dovecot

Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.

5.0
2014-05-14 CVE-2014-0256 Microsoft Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012

Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability."

5.0
2014-05-14 CVE-2014-0255 Microsoft Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012

Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability."

5.0
2014-05-14 CVE-2011-2513 Redhat Information Exposure vulnerability in Redhat Icedtea-Web and Icedtea6

The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.

5.0
2014-05-13 CVE-2013-4501 Quiz Module Project Permissions, Privileges, and Access Controls vulnerability in Quiz Module Project Quiz

The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote attackers to obtain sensitive quiz results via unspecified vectors.

5.0
2014-05-12 CVE-2014-3243 Makina Corpus Buffer Errors vulnerability in Makina-Corpus Soappy 0.12.5

SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing a large number of nested entity references.

5.0
2014-05-12 CVE-2014-3242 Makina Corpus Information Exposure vulnerability in Makina-Corpus Soappy 0.12.5

SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5.0
2014-05-12 CVE-2014-2301 Bscw Information Exposure vulnerability in Bscw 5.0.7

OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive metadata via the inf operations (op=inf) to an object in pub/bscw.cgi/.

5.0
2014-05-12 CVE-2013-6472 Mediawiki Information Exposure vulnerability in Mediawiki

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.

5.0
2014-05-12 CVE-2013-4570 Mediawiki Unspecified vulnerability in Mediawiki

The zend_inline_hash_func function in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to converting Lua data structures to PHP, as demonstrated by passing { [{}] = 1 } to a module function.

5.0
2014-05-13 CVE-2013-4500 Quiz Module Project Permissions, Privileges, and Access Controls vulnerability in Quiz Module Project Quiz

The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option.

4.9
2014-05-15 CVE-2014-0209 X
Canonical
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.

4.6
2014-05-18 CVE-2014-1347 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Itunes

Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations.

4.4
2014-05-16 CVE-2014-3730 Canonical
Djangoproject
Opensuse
Debian
Improper Input Validation vulnerability in multiple products

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\\djangoproject.com."

4.3
2014-05-16 CVE-2014-3452 K Litecodec Buffer Errors vulnerability in K-Litecodec K-Lite Codec 10.4.5

Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .jpg file.

4.3
2014-05-16 CVE-2014-3761 D Link Cross-Site Scripting vulnerability in D-Link DAP 1150 and DAP 1150 Firmware

Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi in the Control/URL-filter section.

4.3
2014-05-16 CVE-2014-3758 Karlen Walter Cross-Site Scripting vulnerability in Karlen Walter SI Bibtex 0.2.3

Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the import functionality.

4.3
2014-05-16 CVE-2014-3262 Cisco Improper Input Validation vulnerability in Cisco IOS XE

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782.

4.3
2014-05-16 CVE-2014-0917 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal

Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3
2014-05-15 CVE-2014-3247 O DYN Cross-Site Scripting vulnerability in O-Dyn Collabtive 1.2

Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php.

4.3
2014-05-15 CVE-2013-0197 Mantisbt Cross-Site Scripting vulnerability in Mantisbt 1.2.12/1.2.13

Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.

4.3
2014-05-14 CVE-2014-3443 Jetaudio Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Jetaudio

JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.

4.3
2014-05-14 CVE-2014-3441 Videolan Buffer Errors vulnerability in Videolan VLC Media Player 2.1.3

codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.

4.3
2014-05-14 CVE-2014-3146 Lxml Unspecified vulnerability in Lxml

Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.

4.3
2014-05-14 CVE-2014-1603 GET Simple Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.1

Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3) email, or (4) name parameter in a Save Settings action to admin/settings.php.

4.3
2014-05-14 CVE-2013-5939 Phpcms Cross-Site Scripting vulnerability in PHPcms Guesbook Module

Multiple cross-site scripting (XSS) vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the (1) list or (2) introduce parameter to index.php.

4.3
2014-05-14 CVE-2013-3514 Openx Path Traversal vulnerability in Openx

Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a ..

4.3
2014-05-14 CVE-2013-2087 Galleryproject Cross-Site Scripting vulnerability in Galleryproject Gallery

Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) movie title to modules/gallery/controllers/movies.php or (2) key variable to modules/gallery/views/error_admin.html.php.

4.3
2014-05-14 CVE-2013-1765 Smart FLV Plugin Project Cross-Site Scripting vulnerability in Smart-Flv Plugin Project Smart-Flv

Multiple cross-site scripting (XSS) vulnerabilities in jwplayer.swf in the smart-flv plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) link or (2) playerready parameter.

4.3
2014-05-14 CVE-2011-5249 Intersectalliance Cross-Site Scripting vulnerability in Intersectalliance System Intrusion Analysis and Reporting Environment

Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command.

4.3
2014-05-14 CVE-2014-1808 Microsoft Information Exposure vulnerability in Microsoft Office 2013

Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."

4.3
2014-05-14 CVE-2014-1754 Microsoft Cross-Site Scripting vulnerability in Microsoft products

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."

4.3
2014-05-14 CVE-2014-0521 Adobe
Apple
Microsoft
Information Exposure vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.

4.3
2014-05-14 CVE-2012-1600 Phppgadmin Project
Opensuse
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) type of a function.

4.3
2014-05-14 CVE-2011-4407 Canonical Improper Input Validation vulnerability in Canonical Software-Properties and Ubuntu Linux

ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.

4.3
2014-05-14 CVE-2010-4832 Google Cryptographic Issues vulnerability in Google Android

Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which (1) the certificate of the last loaded resource is checked, instead of for the main page, or (2) later certificates are not checked when the HTTPS connection is reused.

4.3
2014-05-13 CVE-2014-3456 Gitlab Cross-Site Scripting vulnerability in Gitlab 6.6.0/6.6.1

Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-13 CVE-2013-1407 Netweblogic Cross-Site Scripting vulnerability in Netweblogic Events Manager and Events Manager PRO

Multiple cross-site scripting (XSS) vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) scope parameter to index.php; (2) user_name, (3) dbem_phone, (4) user_email, or (5) booking_comment parameter to an event with registration enabled; or the (6) _wpnonce parameter to wp-admin/edit.php.

4.3
2014-05-12 CVE-2013-6454 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via a -o-link attribute.

4.3
2014-05-12 CVE-2013-6452 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an SVG file.

4.3
2014-05-12 CVE-2013-5749 Simplerisk Cross-Site Scripting vulnerability in Simplerisk 20130915001

Cross-site scripting (XSS) vulnerability in management/prioritize_planning.php in SimpleRisk before 20130916-001 allows remote attackers to inject arbitrary web script or HTML via the new_project parameter.

4.3
2014-05-12 CVE-2013-4574 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos.

4.3
2014-05-14 CVE-2014-0078 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Cloudforms 3.0 Management Engine

The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID.

4.0
2014-05-14 CVE-2014-3225 Cobblerd Path Traversal vulnerability in Cobblerd Cobbler

Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.

4.0
2014-05-13 CVE-2013-4502 Nathan Haug
Drupal
Permissions, Privileges, and Access Controls vulnerability in Nathan Haug Filefield Sources

The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by attaching a file.

4.0

6 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-13 CVE-2013-4504 Monster Menus Module Project
Drupal
Permissions, Privileges, and Access Controls vulnerability in Monster Menus Module Project Monster Menus

The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node comments via a crafted URL.

2.6
2014-05-17 CVE-2013-4498 Florian Weber
Drupal
Permissions, Privileges, and Access Controls vulnerability in Florian Weber Spaces

The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authenticated users with the "access content" permission to obtain sensitive information via vectors involving a rebuild access for the site or content.

2.1
2014-05-15 CVE-2013-1810 Mantisbt Cross-Site Scripting vulnerability in Mantisbt 1.2.12

Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web script or HTML via a (1) category name in the summary_print_by_category function or (2) project name in the summary_print_by_project function.

2.1
2014-05-14 CVE-2013-4455 Katello Permissions, Privileges, and Access Controls vulnerability in Katello Installer

Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello-node.key when deploying a child Pulp node, which allows local users to obtain the private key by reading the file.

2.1
2014-05-13 CVE-2013-4503 Feed Element Mapper Project Cross-Site Scripting vulnerability in Feed Element Mapper Project Feed Element Mapper

Cross-site scripting (XSS) vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options.

2.1
2014-05-12 CVE-2013-4577 GNU Permissions, Privileges, and Access Controls vulnerability in GNU Grub

A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.

2.1