Weekly Vulnerabilities Reports > May 26 to June 1, 2014

Overview

121 new vulnerabilities reported during this period, including 4 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary report vulnerabilities in 118 products from 56 vendors including IBM, Cisco, Apache, Redhat, and Moodle. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Input Validation", "Improper Authentication", and "Information Exposure".

  • 103 reported vulnerabilities are remotely exploitables.
  • 6 reported vulnerabilities have public exploit available.
  • 34 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 91 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 29 reported vulnerabilities.
  • Vmware has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-27 CVE-2013-2090 Uplawski OS Command Injection vulnerability in Uplawski Creme Fraiche

The set_meta_data function in lib/cremefraiche.rb in the Creme Fraiche gem before 0.6.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the file name of an email attachment.

9.3
2014-05-26 CVE-2014-2196 Cisco Code Injection vulnerability in Cisco Wide Area Application Services 5.1.1

Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint servers to execute arbitrary code via a malformed response, aka Bug ID CSCue18479.

9.3
2014-06-01 CVE-2014-3790 Vmware Permissions, Privileges, and Access Controls vulnerability in VMWare Vcenter Server Appliance 5.1/5.5

Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.

9.0
2014-05-26 CVE-2014-2504 EMC Permissions, Privileges, and Access Controls vulnerability in EMC Documentum D2

EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2FS web-service method.

9.0

13 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-30 CVE-2013-6744 IBM
Microsoft
Permissions, Privileges, and Access Controls vulnerability in IBM DB2

The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, 10.1 before FP3a, and 10.5 before FP3a on Windows allows remote authenticated users to gain privileges by leveraging the CONNECT privilege and the CREATE_EXTERNAL_ROUTINE authority.

8.5
2014-05-26 CVE-2014-2607 HP Remote Code Execution vulnerability in HP Operations Manager i

Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role.

8.5
2014-05-26 CVE-2014-2201 Cisco Unspecified vulnerability in Cisco products

The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.

7.8
2014-05-26 CVE-2014-3261 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

7.6
2014-05-30 CVE-2014-3780 Citrix Improper Authentication vulnerability in Citrix Vdi-In-A-Box

Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 and 5.4.x before 5.4.4 allows remote attackers to bypass authentication via unspecified vectors, related to a Java servlet.

7.5
2014-05-30 CVE-2013-6788 Bitrix Improper Authentication vulnerability in Bitrix E-Store Module

The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack.

7.5
2014-05-27 CVE-2013-5036 Squash Code Injection vulnerability in Squash Square Squash

The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.

7.5
2014-05-27 CVE-2013-0724 Wpshopstyling Code Injection vulnerability in Wpshopstyling Wp-Ecommerce-Shop-Styling

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL in the dompdf parameter.

7.5
2014-05-27 CVE-2014-3872 D Link SQL Injection vulnerability in D-Link Dap-1350 and Dap-1350 Firmware

Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev.

7.5
2014-05-27 CVE-2014-3871 Geodesicsolutions SQL Injection vulnerability in Geodesicsolutions Geocore MAX 7.3.3

Multiple SQL injection vulnerabilities in register.php in Geodesic Solutions GeoCore MAX 7.3.3 (formerly GeoClassifieds and GeoAuctions) allow remote attackers to execute arbitrary SQL commands via the (1) c[password] or (2) c[username] parameter.

7.5
2014-05-30 CVE-2014-0907 IBM Local Privilege Escalation vulnerability in Multiple IBM DB2 Products

Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.

7.2
2014-05-26 CVE-2014-2200 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os

Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629.

7.1
2014-05-26 CVE-2013-1191 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco products

Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.

7.1

86 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-29 CVE-2014-3414 Sharetronix Cross-Site Request Forgery (CSRF) vulnerability in Sharetronix 3.1.1/3.1.1.3/3.3

Cross-site request forgery (CSRF) vulnerability in Sharetronix before 3.4 allows remote attackers to hijack the authentication of administrators for requests that add administrative privileges to a user via the admin parameter to admin/administrators.

6.8
2014-05-27 CVE-2013-3477 Zemanta Cross-Site Request Forgery (CSRF) vulnerability in Zemanta Related Posts

Cross-site request forgery (CSRF) vulnerability in the Related Posts by Zemanta plugin before 1.3.2 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that change settings via unknown vectors.

6.8
2014-05-27 CVE-2013-2698 Kieranoshea Cross-Site Request Forgery (CSRF) vulnerability in Kieranoshea Calendar 1.3.2

Cross-site request forgery (CSRF) vulnerability in the Calendar plugin before 1.3.3 for WordPress allows remote attackers to hijack the authentication of users for requests that add a calendar entry via unspecified vectors.

6.8
2014-05-27 CVE-2014-2720 Izarc Code Injection vulnerability in Izarc 4.1.8

IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but launches this file on the basis of a ZIP archive's local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header.

6.8
2014-05-27 CVE-2014-0214 Moodle Improper Authentication vulnerability in Moodle

login/token.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for remote attackers to hijack sessions via a brute-force attack.

6.8
2014-05-27 CVE-2014-0213 Moodle Cross-Site Request Forgery (CSRF) vulnerability in Moodle

Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests.

6.8
2014-05-26 CVE-2014-3866 Usercake Cross-Site Request Forgery (CSRF) vulnerability in Usercake 2.0.1

Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that change the (1) administrative password via the passwordc parameter or (2) administrative e-mail address via the email parameter.

6.8
2014-05-26 CVE-2014-3267 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Security Manager

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make unspecified changes, aka Bug ID CSCuo46427.

6.8
2014-05-26 CVE-2014-3015 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Sametime Proxy Server and web Client 9.0.0.0/9.0.0.1

Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 through 9.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.8
2014-05-29 CVE-2014-3417 Jasig Permissions, Privileges, and Access Controls vulnerability in Jasig Uportal 4.0.13

uPortal before 4.0.13.1 does not properly check the CONFIG permission, which allows remote authenticated users to configure portlets by leveraging the SUBSCRIBE permission for a portlet.

6.5
2014-05-29 CVE-2014-3416 Jasig Permissions, Privileges, and Access Controls vulnerability in Jasig Uportal 4.0.13

uPortal before 4.0.13.1 does not properly check the MANAGE permissions, which allows remote authenticated users to manage arbitrary portlets by leveraging the SUBSCRIBE permission for the portlet-admin portlet.

6.5
2014-05-29 CVE-2014-3415 Sharetronix SQL Injection vulnerability in Sharetronix 3.1.1/3.1.1.3/3.3

SQL injection vulnerability in Sharetronix before 3.4 allows remote authenticated users to execute arbitrary SQL commands via the invite_users[] parameter to the /invite page for a group.

6.5
2014-05-26 CVE-2013-5465 IBM Permissions, Privileges, and Access Controls vulnerability in IBM products

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, and 7.5.0.4 before IFIX011; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140207-1801, and 7.1.1.12 before IFIX.20140218-1510 do not properly restrict file types during uploads, which allows remote authenticated users to have an unspecified impact via an invalid type.

6.5
2014-05-26 CVE-2013-4016 IBM SQL Injection vulnerability in IBM products

SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140207-1801, and 7.1.1.12 before IFIX.20140218-1510 allows remote authenticated users to execute arbitrary SQL commands via a Birt report with a WHERE clause in plain text.

6.5
2014-05-26 CVE-2014-3275 Cisco SQL Injection vulnerability in Cisco Identity Services Engine Software

SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.

6.5
2014-05-30 CVE-2014-2352 Cogentdatahub Path Traversal vulnerability in Cogentdatahub Cogent Datahub

Directory traversal vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to read arbitrary files of unspecified types, or cause a web-server denial of service, via a crafted pathname.

6.4
2014-05-30 CVE-2014-3865 Debian Path Traversal vulnerability in Debian Dpkg-Dev 1.3.0

Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname.

6.4
2014-05-30 CVE-2014-3864 Debian Path Traversal vulnerability in Debian Dpkg-Dev 1.3.0

Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line.

6.4
2014-05-30 CVE-2014-3227 Debian Path Traversal vulnerability in Debian Dpkg

dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package.

6.4
2014-05-27 CVE-2013-2225 Glpi Project Remote PHP Code Execution vulnerability in GLPI 'unserialize()' Function

inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.

6.4
2014-05-27 CVE-2014-0240 Modwsgi Permissions, Privileges, and Access Controls vulnerability in Modwsgi MOD Wsgi

The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.

6.2
2014-05-26 CVE-2014-0849 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management and Smartcloud Control Desk

IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.

6.0
2014-05-26 CVE-2013-5464 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management and Smartcloud Control Desk

IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and modify physical counts associated with restricted storerooms, via unspecified vectors.

6.0
2014-05-26 CVE-2014-3272 Cisco Improper Input Validation vulnerability in Cisco Tidal Enterprise Scheduler

The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier allows local users to gain privileges via crafted Tidal Job Buffers (TJB) parameters, aka Bug ID CSCuo33074.

6.0
2014-05-31 CVE-2014-3793 Vmware Local Privilege Escalation vulnerability in Multiple VMware Products

VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors.

5.8
2014-05-29 CVE-2014-3283 Cisco Improper Input Validation vulnerability in Cisco Unified Communications Domain Manager

Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.

5.8
2014-05-27 CVE-2012-5662 Paul Mattes Cryptographic Issues vulnerability in Paul Mattes X3270

x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

5.8
2014-05-26 CVE-2014-0878 IBM Cryptographic Issues vulnerability in IBM Java SDK

The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.

5.8
2014-06-01 CVE-2014-3925 Canonical
Redhat
Credentials Management vulnerability in multiple products

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

5.0
2014-06-01 CVE-2014-0238 PHP Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.

5.0
2014-06-01 CVE-2014-0237 PHP Resource Management Errors vulnerability in PHP

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

5.0
2014-05-31 CVE-2014-0095 Apache Improper Input Validation vulnerability in Apache Tomcat 8.0.0/8.0.1/8.0.3

java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.

5.0
2014-05-31 CVE-2014-0075 Apache Numeric Errors vulnerability in Apache Tomcat

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

5.0
2014-05-30 CVE-2014-2354 Cogentdatahub Credentials Management vulnerability in Cogentdatahub Cogent Datahub

Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

5.0
2014-05-30 CVE-2014-2342 Trianglemicroworks Improper Input Validation vulnerability in Trianglemicroworks Scada Data Gateway

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet.

5.0
2014-05-30 CVE-2013-5919 Openinfosecfoundation
Suricata IDS
Improper Input Validation vulnerability in multiple products

Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.

5.0
2014-05-30 CVE-2012-5877 Nero Denial of Service vulnerability in Nero Mediahome 2.5.5.0

Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.

5.0
2014-05-30 CVE-2012-5876 Nero Numeric Errors vulnerability in Nero Mediahome 2.5.5.0

Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service (crash) via a long string in the (1) request line or (2) HTTP Referer header to TCP port 54444, which triggers a heap-based buffer overflow.

5.0
2014-05-30 CVE-2012-5572 Dancer Improper Input Validation vulnerability in Dancer

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.

5.0
2014-05-29 CVE-2014-3285 Cisco Improper Input Validation vulnerability in Cisco Wide Area Application Services

Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674.

5.0
2014-05-29 CVE-2014-3279 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Domain Manager

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643.

5.0
2014-05-29 CVE-2013-4178 Google Authenticator Login Project
Drupal
Improper Authentication vulnerability in Google Authenticator Login Project GA Login

The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP).

5.0
2014-05-29 CVE-2013-4177 Google Authenticator Login Project
Drupal
Permissions, Privileges, and Access Controls vulnerability in Google Authenticator Login Project GA Login

The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal does not properly identify user account names, which might allow remote attackers to bypass the two-factor authentication requirement via unspecified vectors.

5.0
2014-05-29 CVE-2013-0199 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Freeipa

The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

5.0
2014-05-29 CVE-2012-4915 Davistribe
Wordpress
Path Traversal vulnerability in Davistribe Google DOC Embedder

Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a ..

5.0
2014-05-28 CVE-2014-0239 Samba Improper Input Validation vulnerability in Samba

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

5.0
2014-05-27 CVE-2013-4598 Groups Communities AND CO Project Permissions, Privileges, and Access Controls vulnerability in Groups Communities and CO Project GCC 7.X1.0/7.X1.1/7.X1.X

The Groups, Communities and Co (GCC) module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permission, which allows remote attackers to access the configuration pages via unspecified vectors.

5.0
2014-05-27 CVE-2013-2125 Openbsd Cryptographic Issues vulnerability in Openbsd Opensmtpd 5.3.1

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.

5.0
2014-05-27 CVE-2013-2111 Dovecot Improper Input Validation vulnerability in Dovecot

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.

5.0
2014-05-27 CVE-2013-1883 Mantisbt Improper Input Validation vulnerability in Mantisbt 1.2.12/1.2.13/1.2.14

Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria, text search, and the "any condition" match type.

5.0
2014-05-27 CVE-2012-6452 Axway Improper Authentication vulnerability in Axway Email Firewall and Secure Messenger

Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote attackers to enumerate users via a series of requests.

5.0
2014-05-27 CVE-2014-0216 Moodle Permissions, Privileges, and Access Controls vulnerability in Moodle

The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML block.

5.0
2014-05-26 CVE-2014-3867 IBM Information Exposure vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different vulnerability than CVE-2013-3984.

5.0
2014-05-26 CVE-2013-3982 IBM Information Exposure vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page.

5.0
2014-05-26 CVE-2013-3981 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to download avatar photos of arbitrary users via unspecified vectors.

5.0
2014-05-26 CVE-2013-3980 IBM Improper Input Validation vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to cause a denial of service (room unusability) by generating a large number of fictitious users to enter a meeting room.

5.0
2014-05-26 CVE-2013-3975 IBM Information Disclosure vulnerability in IBM Sametime Meeting Server

Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a search.

5.0
2014-05-26 CVE-2012-6647 Linux Improper Input Validation vulnerability in Linux Kernel

The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.

4.9
2014-05-31 CVE-2014-0119 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Tomcat

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.

4.3
2014-05-31 CVE-2014-0099 Apache Numeric Errors vulnerability in Apache Tomcat

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

4.3
2014-05-31 CVE-2014-0096 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Tomcat

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

4.3
2014-05-30 CVE-2014-2353 Cogentdatahub Cross-Site Scripting vulnerability in Cogentdatahub Cogent Datahub

Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-30 CVE-2014-3010 IBM Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.2, 6.3 before 6.3.0.6, 7.0 before 7.0.0.6, 7.5 before 7.5.0.5, and 8.0 before 8.0.0.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3
2014-05-30 CVE-2014-3924 Webmin Cross-Site Scripting vulnerability in Webmin Userwin and Webmin

Multiple cross-site scripting (XSS) vulnerabilities in Webmin before 1.690 and Usermin before 1.600 allow remote attackers to inject arbitrary web script or HTML via vectors related to popup windows.

4.3
2014-05-30 CVE-2014-3923 Digitalzoomstudio Cross-Site Scripting vulnerability in Digitalzoomstudio Video Gallery

Multiple cross-site scripting (XSS) vulnerabilities in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the logoLink parameter to (1) preview.swf, (2) preview_skin_rouge.swf, (3) preview_allchars.swf, or (4) preview_skin_overlay.swf in deploy/.

4.3
2014-05-30 CVE-2014-3922 Trendmicro Cross-Site Scripting vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 8.5.1.1516

Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss.

4.3
2014-05-30 CVE-2014-3921 Simple Popup Project Cross-Site Scripting vulnerability in Simple Popup Project Simple Popup

Cross-site scripting (XSS) vulnerability in popup.php in the Simple Popup Images plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the z parameter.

4.3
2014-05-29 CVE-2014-0246 Sosreport Project Credentials Management vulnerability in Sosreport Project Sosreport

SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive.

4.3
2014-05-29 CVE-2013-2193 Apache Improper Authentication vulnerability in Apache Hbase

Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via unspecified vectors.

4.3
2014-05-27 CVE-2013-2124 Libguestfs Local Denial of Service vulnerability in libguestfs 'inspect-fs.c' Double Free

Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files.

4.3
2014-05-27 CVE-2014-3870 Bib2Html Project Cross-Site Scripting vulnerability in Bib2Html Project Bib2Html 0.9.3

Cross-site scripting (XSS) vulnerability in the bib2html plugin 0.9.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the styleShortName parameter in an adminStyleAdd action to OSBiB/create/index.php.

4.3
2014-05-27 CVE-2014-0218 Moodle Cross-Site Scripting vulnerability in Moodle

Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-27 CVE-2014-0217 Moodle Information Exposure vulnerability in Moodle 2.6.0/2.6.1/2.6.2

enrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the moodle/course:viewhiddencourses capability before listing hidden courses, which allows remote attackers to obtain sensitive name and summary information about these courses by leveraging the guest role and visiting a crafted URL.

4.3
2014-05-26 CVE-2014-0893 IBM Cross-Site Scripting vulnerability in IBM Maximo Asset Management and Smartcloud Control Desk

Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM Maximo Asset Management 7.5.x before 7.5.0.5 IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

4.3
2014-05-26 CVE-2012-3333 IBM HTTP Response Splitting vulnerability in IBM Maximo Asset Management and Smartcloud Control Desk

CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter in a URL.

4.3
2014-05-26 CVE-2014-0906 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not check whether a session cookie is current, which allows remote attackers to conduct user-search actions by leveraging possession of a (1) expired or (2) invalidated cookie.

4.3
2014-05-26 CVE-2013-3977 IBM Improper Authentication vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to determine which meeting rooms are owned by a user by leveraging knowledge of valid user names.

4.3
2014-05-26 CVE-2013-3046 IBM Improper Authentication vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not send the HSTS Strict-Transport-Security header, which makes it easier for man-in-the-middle attackers to hijack sessions or obtain sensitive information by leveraging the presence of HTTP requests.

4.3
2014-05-26 CVE-2014-3274 Cisco Cryptographic Issues vulnerability in Cisco Telepresence System Software

Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.

4.3
2014-05-26 CVE-2014-3266 Cisco Cross-Site Scripting vulnerability in Cisco Security Manager

Cross-site scripting (XSS) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun65189.

4.3
2014-05-26 CVE-2013-6714 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Flashcopy Manager

The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions.

4.1
2014-05-26 CVE-2013-6713 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager for Virtual Environments

The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (disk consumption) via unspecified GUI actions.

4.1
2014-05-29 CVE-2014-3282 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Domain Manager

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum76930.

4.0
2014-05-29 CVE-2014-3277 Cisco Improper Authentication vulnerability in Cisco Unified Communications Domain Manager

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005.

4.0
2014-05-27 CVE-2014-0215 Moodle Information Exposure vulnerability in Moodle

The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.

4.0
2014-05-26 CVE-2014-3276 Cisco Resource Management Errors vulnerability in Cisco Identity Services Engine Software

Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780.

4.0

18 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-27 CVE-2014-0177 HUB Project Cryptographic Issues vulnerability in HUB Project HUB 1.12.0

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.

3.6
2014-05-30 CVE-2014-0925 IBM Open Redirection vulnerability in IBM Sterling Control Center 5.4.0/5.4.0.1/5.4.1.0

Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

3.5
2014-05-28 CVE-2014-0178 Samba Information Disclosure vulnerability in Samba Uninitialized Memory

Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.

3.5
2014-05-27 CVE-2014-3840 Mayan Edms Cross-Site Scripting vulnerability in Mayan-Edms Mayan Edms 0.13

Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form.

3.5
2014-05-26 CVE-2014-0825 IBM Cross-Site Scripting vulnerability in IBM products

Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM Maximo Asset Management 7.x before 7.1.1.12 IFIX.20140321-1336 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.12 IFIX.20140218-1510 allows remote authenticated users to inject arbitrary web script or HTML via a crafted report parameter.

3.5
2014-05-26 CVE-2014-0824 IBM Cross-Site Scripting vulnerability in IBM products

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140321-1336 and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140218-1510 allows remote authenticated users to inject arbitrary web script or HTML via an attachment URL.

3.5
2014-05-26 CVE-2013-6741 IBM Information Exposure vulnerability in IBM products

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837 allow remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error.

3.5
2014-05-26 CVE-2013-5460 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management and Smartcloud Control Desk

IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and read communication logs associated with unrelated records, via unspecified vectors.

3.5
2014-05-26 CVE-2013-2998 IBM Information Exposure vulnerability in IBM Maximo Asset Management and Smartcloud Control Desk

frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive information via an invalid action_code.

3.5
2014-05-26 CVE-2014-3014 IBM Cross-Site Scripting vulnerability in IBM Sametime

Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2014-05-26 CVE-2013-3984 IBM Information Exposure vulnerability in IBM Sametime

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

2.9
2014-05-30 CVE-2014-2343 Trianglemicroworks Improper Input Validation vulnerability in Trianglemicroworks Scada Data Gateway

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line.

2.1
2014-05-30 CVE-2014-0202 Redhat Credentials Management vulnerability in Redhat Rhevm-Dwh

The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.

2.1
2014-05-30 CVE-2013-4143 David Bagley NULL Pointer Dereference Local Denial of Service vulnerability in xlockmore

The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to invalid salts.

2.1
2014-05-30 CVE-2012-5560 Mate Desktop Permissions, Privileges, and Access Controls vulnerability in Mate-Desktop Mate-Settings-Daemon 1.5.3

The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.

2.1
2014-05-29 CVE-2014-0201 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Rhevm-Reports

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-reports) before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files.

2.1
2014-05-29 CVE-2014-0200 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Rhevm-Reports

The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the file.

2.1
2014-05-29 CVE-2014-0199 Redhat Cryptographic Issues vulnerability in Redhat Rhevm-Reports

The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.

2.1