Weekly Vulnerabilities Reports > June 2 to 8, 2014

Overview

133 new vulnerabilities reported during this period, including 10 critical vulnerabilities and 30 high severity vulnerabilities. This weekly summary report vulnerabilities in 149 products from 77 vendors including Owncloud, Redhat, IBM, Typo3, and Fedoraproject. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Code Injection", and "Information Exposure".

  • 116 reported vulnerabilities are remotely exploitables.
  • 14 reported vulnerabilities have public exploit available.
  • 35 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 108 reported vulnerabilities are exploitable by an anonymous user.
  • Owncloud has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • ROM Walton has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

10 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-06 CVE-2014-3984 Libav Security vulnerability in Libav

Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors.

10.0
2014-06-06 CVE-2012-5390 Condor Project Permissions, Privileges, and Access Controls vulnerability in Condor Project Condor

The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.

10.0
2014-06-04 CVE-2014-3913 Ericom Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ericom Accessnow Server

Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrary code via a request for a non-existent file.

10.0
2014-06-02 CVE-2014-3936 D Link Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in D-Link products

Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev.

10.0
2014-06-06 CVE-2013-2602 Myheritage Remote Security vulnerability in Myheritage Sequeryobject Activex Control 1.0.2.0

Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokensValuesArray parameter to the AddTokens method; (3) seLastNameTokensArray parameter to the AddLastNameTokens method; (4) seFrameIdArray, (5) seSourceIdArray, (6) seHasBreakdownArray, (7) seIsIndexedArray, (8) seAllConcatArray, (9) seRefererURLArray, or (10) seMandatoryFieldsArray parameter to the AddMultipleSearches method; (11) seSourceIdArray, (12) seIsIndexedArray, (13) seAllConcatArray, (14) seRefererURLArray, (15) seQATestsArray, (16) seAllSourceIDsArray, (17) seAllSourceTitlesArray, (18) seMandatoryFieldsArray, or (19) seAllSourceRootURLArray parameter to the TestYourself method.

9.3
2014-06-05 CVE-2013-0733 Corel DLL Loading Arbitrary Code Execution vulnerability in Corel PaintShop Pro X5 and X6 'dwmapi.dll'

Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.

9.3
2014-06-05 CVE-2014-3912 Samsung Buffer Errors vulnerability in Samsung Ipolis Device Manager 1.8.2

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.

9.3
2014-06-02 CVE-2013-2298 ROM Walton Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in ROM Walton Boinc

Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.

9.3
2014-06-02 CVE-2013-2019 ROM Walton Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in ROM Walton Boinc 6.10.58/6.12.34

Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements.

9.3
2014-06-02 CVE-2014-2959 Dell
Quantum
OS Command Injection vulnerability in multiple products

logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter.

9.0

30 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-08 CVE-2014-2507 EMC OS Command Injection vulnerability in EMC Documentum Content Server

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods.

8.5
2014-06-08 CVE-2014-2506 EMC Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Content Server

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.

8.5
2014-06-05 CVE-2013-4860 Radiothermostat Permissions, Privileges, and Access Controls vulnerability in Radiothermostat products

Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does not restrict access to the API, which allows remote attackers to change the operation mode, wifi connection settings, temperature thresholds, and other settings via unspecified vectors.

8.3
2014-06-05 CVE-2014-1997 Aten Denial of Service vulnerability in Aten Cn8000 and Cn8000 Firmware

The ATEN CN8000 remote-access unit with firmware 1.6.154 and earlier allows remote attackers to cause a denial of service via unspecified vectors.

7.8
2014-06-02 CVE-2013-6433 Openstack
Canonical
Permissions, Privileges, and Access Controls vulnerability in multiple products

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

7.6
2014-06-08 CVE-2014-2508 EMC Improper Input Validation vulnerability in EMC Documentum Content Server

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on database actions via vectors involving DQL hints.

7.5
2014-06-06 CVE-2014-2503 EMC Improper Input Validation vulnerability in EMC Documentum Digital Asset Manager 6.5

The thumbnail proxy server in EMC Documentum Digital Asset Manager (DAM) 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query string.

7.5
2014-06-05 CVE-2014-3468 GNU
Redhat
Debian
Suse
F5
Incorrect Calculation of Buffer Size vulnerability in multiple products

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

7.5
2014-06-05 CVE-2014-3973 Frontaccounting SQL Injection vulnerability in Frontaccounting

Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2014-06-05 CVE-2014-2051 Owncloud Code Injection vulnerability in Owncloud

ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote attackers to conduct an LDAP injection attack via unspecified vectors, as demonstrated using a "login query."

7.5
2014-06-04 CVE-2012-6143 Ingy Code Injection vulnerability in Ingy Spoon 0.24

Spoon::Cookie in the Spoon module 0.24 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.

7.5
2014-06-04 CVE-2012-6142 Jochen Wiedmann Code Injection vulnerability in Jochen Wiedmann Html::Ep 0.2011

Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.

7.5
2014-06-04 CVE-2012-6141 Stephen Adkins Code Injection vulnerability in Stephen Adkins App::Context

The App::Context module 0.01 through 0.968 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request to (1) App::Session::Cookie or (2) App::Session::HTMLHidden, which is not properly handled when it is deserialized.

7.5
2014-06-04 CVE-2014-3962 Videos Tube Project SQL Injection vulnerability in Videos Tube Project Videos Tube 1.0

Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.

7.5
2014-06-04 CVE-2014-3961 Xnau SQL Injection vulnerability in Xnau Participants Database

SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/.

7.5
2014-06-04 CVE-2014-3834 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspecified vectors.

7.5
2014-06-04 CVE-2014-2056 Owncloud
Phpdocx
XML External Entity Injection vulnerability in ownCloud

PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

7.5
2014-06-04 CVE-2014-2055 Fruux
Owncloud
XML External Entity Injection vulnerability in SabreDAV

SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

7.5
2014-06-04 CVE-2014-2054 Owncloud
Phpexcel Project
XML External Entity Information Disclosure vulnerability in PHPExcel

PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, does not disable external entity loading in libxml, which allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

7.5
2014-06-04 CVE-2014-2053 Getid3
Owncloud
XML External Entity Injection vulnerability in ownCloud

getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

7.5
2014-06-02 CVE-2014-3937 Ajaydsouza SQL Injection vulnerability in Ajaydsouza Contextual Related Posts

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2014-06-02 CVE-2013-1412 Dleviet Code Injection vulnerability in Dleviet Datalife Engine 9.7

DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.

7.5
2014-06-02 CVE-2013-1397 Sensiolabs Code Injection vulnerability in Sensiolabs Symfony

Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.

7.5
2014-06-02 CVE-2013-1348 Sensiolabs Code Injection vulnerability in Sensiolabs Symfony

The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397.

7.5
2014-06-02 CVE-2014-3935 Xoops SQL Injection vulnerability in Xoops Glossaire Module 1.0

SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter.

7.5
2014-06-02 CVE-2014-3934 Phpnuke SQL Injection vulnerability in PHPnuke PHP-Nuke and Submit News Module

SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to modules.php.

7.5
2014-06-02 CVE-2014-3932 Cososys SQL Injection vulnerability in Cososys Endpoint Protector 4.3.0.4/4.4.0.2

SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.

7.5
2014-06-05 CVE-2014-3969 XEN Permissions, Privileges, and Access Controls vulnerability in XEN 4.4.0

Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.

7.4
2014-06-07 CVE-2014-3153 Linux
Redhat
Opensuse
Suse
Improper Privilege Management vulnerability in multiple products

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

7.2
2014-06-05 CVE-2014-2345 Copadata Improper Input Validation vulnerability in Copadata Zenon Dnp3 NG Driver and Zenon Dnp3 Process Gateway

COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway (DNP3 outstation) 7.11 SP0 build 10238 and earlier allow remote attackers to cause a denial of service (infinite loop and process crash) by sending a crafted DNP3 packet over TCP.

7.1

83 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-08 CVE-2014-3977 IBM Link Following vulnerability in IBM AIX and Vios

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

6.9
2014-06-05 CVE-2014-0195 Openssl
Redhat
Fedoraproject
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.

6.8
2014-06-04 CVE-2014-3836 Owncloud Cross-Site Request Forgery (CSRF) vulnerability in Owncloud

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud Server before 6.0.3 allow remote attackers to hijack the authentication of users for requests that (1) conduct cross-site scripting (XSS) attacks, (2) modify files, or (3) rename files via unspecified vectors.

6.8
2014-06-03 CVE-2014-3466 GNU Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Gnutls

Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

6.8
2014-06-02 CVE-2014-2946 Huawei Cross-Site Request Forgery (CSRF) vulnerability in Huawei E303 Modem, E303 Modem Firmware and Webui

Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in the Web UI 11.010.06.01.858 on Huawei E303 modems with software 22.157.18.00.858 allows remote attackers to hijack the authentication of administrators for requests that perform API operations and send SMS messages via a request element in an XML document.

6.8
2014-06-02 CVE-2013-7387 Dleviet Unspecified vulnerability in Dleviet Datalife Engine 9.7

Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.

6.8
2014-06-02 CVE-2013-3476 Zemanta Cross-Site Request Forgery (CSRF) vulnerability in Zemanta Related Posts

Cross-site request forgery (CSRF) vulnerability in the WordPress Related Posts plugin before 2.6.2 for WordPress allows remote attackers to hijack the authentication of users for requests that change settings via unspecified vectors.

6.8
2014-06-02 CVE-2013-3258 Bufferapp Cross-Site Request Forgery (CSRF) vulnerability in Bufferapp Digg

Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin before 5.3.5 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors.

6.8
2014-06-02 CVE-2013-3257 Zemanta Cross-Site Request Forgery (CSRF) vulnerability in Zemanta Related Posts

Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors.

6.8
2014-06-02 CVE-2013-2710 Ajaydsouza Cross-Site Request Forgery (CSRF) vulnerability in Ajaydsouza Contextual Related Posts

Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via unspecified vectors.

6.8
2014-06-02 CVE-2012-5395 Mediawiki Session Fixation vulnerability in MediaWiki CentralAuth Extension

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauth_Session cookie.

6.8
2014-06-02 CVE-2012-5391 Mediawiki Session Fixation vulnerability in MediaWiki

Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id.

6.8
2014-06-06 CVE-2014-2575 Devexpress Path Traversal vulnerability in Devexpress Aspxfilemanager Control FOR Webforms and MVC

Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a ..

6.5
2014-06-08 CVE-2014-3048 IBM Local Privilege Escalation vulnerability in IBM products

Unspecified vulnerability on the IBM System Storage Virtualization Engine TS7700 allows local users to gain privileges by leveraging the TSSC service-user role to enter a crafted SSH command.

6.0
2014-06-08 CVE-2014-0929 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Connections

Cross-site request forgery (CSRF) vulnerability in the Profiles component in IBM Connections through 3.0.1.1 CR3 allows remote authenticated users to hijack the authentication of arbitrary users for requests that trigger follow actions.

6.0
2014-06-08 CVE-2014-0961 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager and Tivoli Identity Manager

Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.0
2014-06-03 CVE-2014-3942 Typo3 Code Injection vulnerability in Typo3

The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, and 6.1.0 before 6.1.9 allows remote authenticated editors to execute arbitrary PHP code via a serialized PHP object.

6.0
2014-06-06 CVE-2012-5583 Apereo Cryptographic Issues vulnerability in Apereo PHPcas

phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

5.8
2014-06-05 CVE-2014-0224 Openssl
Redhat
Fedoraproject
Opensuse
Filezilla Project
Siemens
Inadequate Encryption Strength vulnerability in multiple products

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.

5.8
2014-06-03 CVE-2014-3944 Typo3 Improper Authentication vulnerability in Typo3

The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.

5.8
2014-06-02 CVE-2013-4596 Danielkorte Permissions, Privileges, and Access Controls vulnerability in Danielkorte Nodeaccesskeys 7.X1.0

The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote attackers to bypass access restrictions via a node listing.

5.8
2014-06-08 CVE-2014-3291 Cisco Improper Input Validation vulnerability in Cisco Wireless LAN Controller

Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling, aka Bug ID CSCuo12321.

5.7
2014-06-05 CVE-2014-3968 XEN
Opensuse
Denial of Service vulnerability in Xen

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.

5.5
2014-06-05 CVE-2014-3967 XEN
Opensuse
Denial of Service vulnerability in Xen 'HVM MSI injection'

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.

5.5
2014-06-04 CVE-2014-3835 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.

5.5
2014-06-08 CVE-2014-3286 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Webex Meetings Server

The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661.

5.0
2014-06-08 CVE-2014-3281 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Domain Manager

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to obtain potentially sensitive user information by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun46071 and CSCun46101.

5.0
2014-06-08 CVE-2014-3278 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Domain Manager

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to enumerate accounts by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun39619 and CSCun45572.

5.0
2014-06-06 CVE-2013-4728 Ddsn Information Exposure vulnerability in Ddsn CM3 Acora Content Management System

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a ..

5.0
2014-06-06 CVE-2013-4727 Ddsn Information Exposure vulnerability in Ddsn CM3 Acora Content Management System

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a request to Admin/top.aspx.

5.0
2014-06-06 CVE-2013-4725 Ddsn Information Exposure vulnerability in Ddsn CM3 Acora Content Management System

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

5.0
2014-06-06 CVE-2013-4724 Ddsn Information Exposure vulnerability in Ddsn CM3 Acora Content Management System

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

5.0
2014-06-06 CVE-2013-0250 Corosync Unspecified vulnerability in Corosync

The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 before 2.3 does not properly initialize the HMAC key, which allows remote attackers to cause a denial of service (crash) via a crafted packet.

5.0
2014-06-05 CVE-2014-3469 GNU
Redhat
Debian
Suse
Null Pointer Dereference vulnerability in multiple products

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

5.0
2014-06-05 CVE-2014-3467 GNU
Redhat
Debian
Suse
F5
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
5.0
2014-06-05 CVE-2013-3739 Network Weathermap Path Traversal vulnerability in Network-Weathermap .Network Weathermap 0.97

Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a ..

5.0
2014-06-05 CVE-2014-3976 A10Networks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in A10Networks Advanced Core Operating System 2.7.0/2.7.1

Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long session id in the URI to sys_reboot.html.

5.0
2014-06-05 CVE-2014-3975 Auracms Path Traversal vulnerability in Auracms 3.0

Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter.

5.0
2014-06-05 CVE-2013-0302 Owncloud
Amazon
Information Disclosure vulnerability in ownCloud

Unspecified vulnerability in ownCloud Server before 4.0.12 allows remote attackers to obtain sensitive information via unspecified vectors related to "inclusion of the Amazon SDK testing suite." NOTE: due to lack of details, it is not clear whether the issue exists in ownCloud itself, or in Amazon SDK.

5.0
2014-06-04 CVE-2013-1941 Owncloud Cryptographic Issues vulnerability in Owncloud

The installation routine in ownCloud Server before 4.0.14, 4.5.x before 4.5.9, and 5.0.x before 5.0.4 uses the time function to seed the generation of the PostgreSQL database user password, which makes it easier for remote attackers to guess the password via a brute force attack.

5.0
2014-06-03 CVE-2014-3941 Typo3 Improper Input Validation vulnerability in Typo3

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."

5.0
2014-06-03 CVE-2013-0191 Lucas Clemente Vella Improper Authentication vulnerability in Lucas Clemente Vella Libpam-Pgsql 0.7

libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password.

5.0
2014-06-02 CVE-2013-7386 ROM Walton USE of Externally-Controlled Format String vulnerability in ROM Walton Boinc 7.2.33

Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the gui_urls item in an account file.

5.0
2014-06-02 CVE-2013-6470 Redhat Improper Authentication vulnerability in Redhat Openstack 4.0

The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for Qpid, which allows remote attackers to gain access by connecting to Qpid.

5.0
2014-06-02 CVE-2013-2014 Openstack
Fedoraproject
Improper Input Validation vulnerability in multiple products

OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.

5.0
2014-06-02 CVE-2013-1818 Mediawiki Information Exposure vulnerability in Mediawiki

maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2014-06-02 CVE-2011-5280 ROM Walton Buffer Errors vulnerability in ROM Walton Boinc 6.13.0/6.13.1

Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp.

5.0
2014-06-04 CVE-2013-0204 Owncloud Code Injection vulnerability in Owncloud

settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings.

4.6
2014-06-04 CVE-2014-0935 IBM Local Privilege Escalation vulnerability in IBM products

Unspecified vulnerability in IBM Smart Analytics System 7700 before FP 2.1.3.0 and 7710 before FP 2.1.3.0 allows local users to gain privileges via vectors related to events.

4.6
2014-06-08 CVE-2014-3036 IBM Unauthorized Access vulnerability in IBM API Management 3.0.0.0

Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.

4.3
2014-06-08 CVE-2014-0936 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Security Appscan Source

IBM Security AppScan Source 8.0 through 9.0, when the publish-assessment permission is not properly restricted for the configured database server, transmits cleartext assessment data, which allows remote attackers to obtain sensitive information by sniffing the network.

4.3
2014-06-05 CVE-2014-3470 Openssl
Redhat
Fedoraproject
Cryptographic Issues vulnerability in multiple products

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

4.3
2014-06-05 CVE-2014-0221 Openssl
Redhat
Fedoraproject
Resource Management Errors vulnerability in multiple products

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.

4.3
2014-06-05 CVE-2013-2618 Network Weathermap Cross-Site Scripting vulnerability in Network-Weathermap .Network Weathermap 0.97

Cross-site scripting (XSS) vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the map_title parameter.

4.3
2014-06-05 CVE-2012-4728 Corel NULL Pointer Dereference Denial of Service vulnerability in Corel Quattro PRO X6 16.0.0.388

The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file.

4.3
2014-06-05 CVE-2014-3974 Auracms Cross-Site Scripting vulnerability in Auracms 3.0

Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter.

4.3
2014-06-05 CVE-2014-3878 Ipswitch Cross-Site Scripting vulnerability in Ipswitch Imail Server 12.3/12.4

Multiple cross-site scripting (XSS) vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly before 12.4.1.15, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in an add new contact action in the Contacts section or unspecified vectors in (2) an Add Group task in the Contacts section, (3) an add new event action in the Calendar section, or (4) the Task section.

4.3
2014-06-05 CVE-2014-2577 Bottomline Cross-Site Scripting vulnerability in Bottomline Transform Foundation Server 4.3.1/5.2

Multiple cross-site scripting (XSS) vulnerabilities in the Transform Content Center in Bottomline Technologies Transform Foundation Server before 4.3.1 Patch 8 and 5.x before 5.2 Patch 7 allow remote attackers to inject arbitrary web script or HTML via the (1) pn parameter to index.fsp/document.pdf, (2) db or (3) referer parameter to index.fsp/index.fsp, or (4) PATH_INFO to the default URI.

4.3
2014-06-05 CVE-2014-1998 N I Agroinformatics Cross-Site Scripting vulnerability in N-I-Agroinformatics SOY CMS 1.4.0

Cross-site scripting (XSS) vulnerability in Nippon Institute of Agroinformatics SOY CMS 1.4.0c and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-06-04 CVE-2014-3960 Opennms Cross-Site Scripting vulnerability in Opennms

Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-06-04 CVE-2014-3948 Alex Kellner
Typo3
Cross-Site Scripting vulnerability in Alex Kellner Powermail

Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-06-04 CVE-2014-3833 Owncloud Cross-Site Scripting vulnerability in Owncloud

Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery and (2) core components in ownCloud Server before 5.016 and 6.0.x before 6.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.

4.3
2014-06-04 CVE-2014-3832 Owncloud Cross-Site Scripting vulnerability in Owncloud 6.0.0/6.0.1/6.0.2

Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.

4.3
2014-06-04 CVE-2014-3786 Lucidcrew Cross-Site Scripting vulnerability in Lucidcrew Pixie 1.04

Multiple cross-site scripting (XSS) vulnerabilities in the contact module (admin/modules/contact.php) in Pixie CMS 1.04 allow remote attackers to inject arbitrary web script or HTML via the (1) uemail or (2) subject parameter in the Contact form to contact/.

4.3
2014-06-04 CVE-2012-5057 Owncloud Unspecified vulnerability in Owncloud

CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.

4.3
2014-06-04 CVE-2012-5056 Owncloud Cross-Site Scripting vulnerability in Owncloud

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps/gallery/templates/index.php, or a (3) malformed query to lib/db.php.

4.3
2014-06-04 CVE-2014-2502 EMC Cross-Site Scripting vulnerability in EMC RSA Adaptive Authentication Hosted 11.0

Cross-site scripting (XSS) vulnerability in rsa_fso.swf in EMC RSA Adaptive Authentication (Hosted) 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-06-03 CVE-2014-3959 F5 Cross-Site Scripting vulnerability in F5 products

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

4.3
2014-06-02 CVE-2014-2939 Alfresco Cross-Site Scripting vulnerability in Alfresco 4.1.6

Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit.

4.3
2014-06-02 CVE-2014-0042 Redhat Cryptographic Issues vulnerability in Redhat Openstack 4.0

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets gpgcheck to 0 for certain templates, which disables GPG signature checking on downloaded packages and allows man-in-the-middle attackers to install arbitrary packages via unspecified vectors.

4.3
2014-06-02 CVE-2014-0041 Redhat Cryptographic Issues vulnerability in Redhat Openstack 4.0

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors.

4.3
2014-06-02 CVE-2014-0040 Redhat Man in The Middle Security vulnerability in Redhat Openstack 4.0

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, uses an HTTP connection to download (1) packages and (2) signing keys from Yum repositories, which allows man-in-the-middle attackers to prevent updates via unspecified vectors.

4.3
2014-06-05 CVE-2013-2130 ZNC Unspecified vulnerability in ZNC 1.0

ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.

4.0
2014-06-05 CVE-2014-3940 Redhat
Linux
Race Condition vulnerability in multiple products

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.

4.0
2014-06-05 CVE-2014-2346 Copadata Improper Input Validation vulnerability in Copadata Zenon Dnp3 NG Driver and Zenon Dnp3 Process Gateway

COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway (DNP3 outstation) 7.11 SP0 build 10238 and earlier allow physically proximate attackers to cause a denial of service (infinite loop and process crash) via crafted input over a serial line.

4.0
2014-06-05 CVE-2013-0304 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

ownCloud Server before 4.5.7 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to /apps/calendar/export.php.

4.0
2014-06-04 CVE-2014-3963 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

ownCloud Server before 6.0.1 does not properly check permissions, which allows remote authenticated users to access arbitrary preview pictures via unspecified vectors.

4.0
2014-06-04 CVE-2014-3838 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly check permissions, which allows remote authenticated users to read the names of files of other users by leveraging access to multiple accounts.

4.0
2014-06-04 CVE-2014-3837 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

The document application in ownCloud Server before 6.0.3 uses sequential values for the file_id, which allows remote authenticated users to enumerate shared files via unspecified vectors.

4.0
2014-06-04 CVE-2012-5336 Owncloud Improper Input Validation vulnerability in Owncloud

lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV.

4.0
2014-06-03 CVE-2014-3946 Typo3 Information Exposure vulnerability in Typo3

The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors.

4.0
2014-06-03 CVE-2014-3945 Typo3 Improper Authentication vulnerability in Typo3

The Authentication component in TYPO3 before 6.2, when salting for password hashing is disabled, does not require knowledge of the cleartext password if the password hash is known, which allows remote attackers to bypass authentication and gain access to the backend by leveraging knowledge of a password hash.

4.0
2014-06-03 CVE-2014-3280 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Domain Manager

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs CSCun46045 and CSCun46116.

4.0

10 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-08 CVE-2014-3038 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Spss Modeler 16.0.0.0

IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging (1) gid 0 or (2) root's group memberships.

3.6
2014-06-04 CVE-2014-3949 JO Hasenau
Typo3
Cross-Site Scripting vulnerability in JO Hasenau Gridelements

Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2014-06-03 CVE-2014-3943 Typo3 Cross-Site Scripting vulnerability in Typo3

Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters.

3.5
2014-06-02 CVE-2014-3933 Newsignature Cross-Site Scripting vulnerability in Newsignature Addressfield Tokens

Cross-site scripting (XSS) vulnerability in the address components field formatter in the AddressField Tokens module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via an address field.

3.5
2014-06-08 CVE-2014-3986 Cisofy Link Following vulnerability in Cisofy Lynis

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.

3.3
2014-06-08 CVE-2014-3982 Cisofy Link Following vulnerability in Cisofy Lynis

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file.

3.3
2014-06-08 CVE-2014-3981 PHP Link Following vulnerability in PHP

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.

3.3
2014-06-05 CVE-2014-3917 Suse
Redhat
Linux
Information Exposure vulnerability in multiple products

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

3.3
2014-06-06 CVE-2014-3966 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username.

2.6
2014-06-04 CVE-2014-3956 Freebsd
HP
Fedoraproject
Sendmail
Information Exposure vulnerability in multiple products

The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.

1.9