Weekly Vulnerabilities Reports > June 23 to 29, 2014

Overview

28 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 20 products from 17 vendors including IBM, Linux, HP, Microsoft, and Canonical. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Cross-Site Request Forgery (CSRF)", "Information Exposure", and "Improper Input Validation".

  • 23 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 10 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 16 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 7 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

2 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-28 CVE-2014-4648 Piwigo Security vulnerability in Piwigo

Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure."

10.0
2014-06-28 CVE-2014-2613 HP
Microsoft
Linux
Privilege Escalation vulnerability in HP Release Control

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors.

9.0

1 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-25 CVE-2014-4644 Cacti SQL Injection vulnerability in Cacti Superlinks 1.42

SQL injection vulnerability in superlinks.php in the superlinks plugin 1.4-2 for Cacti allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5

20 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-25 CVE-2014-2005 Sophos Improper Authentication vulnerability in Sophos Enterprise Console 5.1/5.2/5.2.1

Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate attackers to obtain desktop access by leveraging the absence of a login screen.

6.9
2014-06-28 CVE-2014-3881 Intercom Cross-Site Request Forgery (CSRF) vulnerability in Intercom web Kyukincho 3.0

Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to hijack the authentication of arbitrary users.

6.8
2014-06-25 CVE-2014-4030 Longtailvideo Cross-Site Request Forgery (CSRF) vulnerability in Longtailvideo JW Player FOR Flash & Html5 Video Plugin

Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove players via a delete action to wp-admin/admin.php.

6.8
2014-06-25 CVE-2014-3882 12Net Cross-Site Request Forgery (CSRF) vulnerability in 12Net Login Rebuilder

Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users.

6.8
2014-06-25 CVE-2014-3299 Cisco Improper Input Validation vulnerability in Cisco IOS

Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745.

6.8
2014-06-28 CVE-2014-4649 Piwigo SQL Injection vulnerability in Piwigo

SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] field.

6.5
2014-06-28 CVE-2013-6311 IBM SQL Injection vulnerability in IBM Marketing Platform 9.1.0.0/9.1.0.1

SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2014-06-27 CVE-2011-1381 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Openpages GRC Platform 6.1.0.1

Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to bypass intended access restrictions via unknown vectors.

6.4
2014-06-28 CVE-2013-6309 IBM Code Injection vulnerability in IBM Marketing Platform 9.1.0.0/9.1.0.1

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection.

6.0
2014-06-23 CVE-2014-0203 Linux
Oracle
Use After Free vulnerability in multiple products

The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call.

5.5
2014-06-28 CVE-2014-0891 IBM Information Exposure vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server.

5.0
2014-06-27 CVE-2014-3011 IBM Code Injection vulnerability in IBM Openpages GRC Platform 6.1.0.1

IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to conduct link injection attacks via unspecified vectors.

5.0
2014-06-25 CVE-2014-4643 Coreftp Buffer Errors vulnerability in Coreftp Core FTP 2.2

Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6) CDUP command.

5.0
2014-06-28 CVE-2013-6308 IBM URI Redirection vulnerability in IBM Marketing Platform 9.1.0.0/9.1.0.1

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection.

4.9
2014-06-23 CVE-2014-4508 Linux
Canonical
Numeric Errors vulnerability in multiple products

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

4.7
2014-06-23 CVE-2014-4171 Linux
Canonical
Local Denial of Service vulnerability in Linux Kernel

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.

4.7
2014-06-28 CVE-2014-2006 Intercom Cross-Site Scripting vulnerability in Intercom web Kyukincho 3.0

Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-06-27 CVE-2014-3433 Symantec Cross-Site Scripting vulnerability in Symantec Data Insight 3.0/3.0.1/4.0

Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field, related to an "HTML script injection" issue.

4.3
2014-06-27 CVE-2014-3432 Symantec Cross-Site Scripting vulnerability in Symantec Data Insight 3.0/3.0.1/4.0

Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.

4.3
2014-06-28 CVE-2014-2612 HP
Linux
Microsoft
Information Disclosure vulnerability in HP Release Control

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-06-28 CVE-2014-4669 HP Information Exposure vulnerability in HP Enterprise Maps 1.00

HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.

3.5
2014-06-28 CVE-2013-6310 IBM Cross-Site Scripting vulnerability in IBM Marketing Platform 9.1.0.0/9.1.0.1

Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2014-06-25 CVE-2014-4349 Phpmyadmin Cross-Site Scripting vulnerability in PHPmyadmin

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action.

3.5
2014-06-25 CVE-2014-4348 Phpmyadmin Cross-Site Scripting vulnerability in PHPmyadmin

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.

3.5
2014-06-23 CVE-2014-0244 Samba Improper Input Validation vulnerability in Samba

The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.

3.3