Weekly Vulnerabilities Reports > July 21 to 27, 2014

Overview

87 new vulnerabilities were reported during this period, including 18 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary reports vulnerabilities in 92 products from 52 vendors, including Mozilla, Cisco, Siemens, Drupal, and IBM. The vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Improper Input Validation".

  • 79 reported vulnerabilities are remotely exploitable.
  • 9 reported vulnerabilities have a public exploit available.
  • 28 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 77 reported vulnerabilities are exploitable by an anonymous user.
  • Mozilla has the most reported vulnerabilities, with 14 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 9 reported vulnerabilities.


Vulnerability Details

The following table lists the reported vulnerabilities for the period covered by this report:

18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-07-26 CVE-2014-2363 Morpho Hardcoded Credentials Security Bypass vulnerability in Morpho Itemiser 3 8.17

Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote attackers to obtain access via a login request.

10.0
2014-07-24 CVE-2014-0607 Attachmate Arbitrary File Upload vulnerability in Attachmate Verastream Process Designer 6.0

Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

10.0
2014-07-23 CVE-2014-4502 Bfgminer, Sgminer Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.

10.0
2014-07-23 CVE-2014-4501 Sgminer Project, Cgminer Project, Bfgminer Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c.

10.0
2014-07-23 CVE-2014-1551 Mozilla, Microsoft Use After Free Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

10.0
2014-07-23 CVE-2014-1550 Mozilla Use After Free Memory Corruption vulnerability in Mozilla Firefox and Thunderbird

Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

10.0
2014-07-23 CVE-2014-1548 Mozilla Memory Corruption vulnerability in Mozilla Firefox and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2014-07-23 CVE-2014-1547 Mozilla Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2014-07-23 CVE-2014-1544 Mozilla Use After Free Memory Corruption vulnerability in Mozilla Firefox/Thunderbird

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.

10.0
2014-07-22 CVE-2014-4947 Citrix Buffer Errors vulnerability in Citrix Xenserver 6.2.0

Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.

10.0
2014-07-26 CVE-2014-2626 HP Path Traversal vulnerability in HP Network Virtualization 8.6

Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.

9.4
2014-07-26 CVE-2014-4979 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.

9.3
2014-07-23 CVE-2014-3939 Autodesk Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Autodesk Sketchbook PRO 6.2.4/6.2.5

Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file.

9.3
2014-07-23 CVE-2014-3938 Autodesk Numeric Errors vulnerability in Autodesk Sketchbook PRO 6.2.4/6.2.5

Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow.

9.3
2014-07-23 CVE-2014-1557 Oracle, Mozilla, Debian Code Injection vulnerability in multiple products

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.

9.3
2014-07-23 CVE-2014-1556 Mozilla Code Injection vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird

Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.

9.3
2014-07-23 CVE-2014-1555 Mozilla Use After Free Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird

Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.

9.3
2014-07-23 CVE-2014-1549 Mozilla Buffer Errors vulnerability in Mozilla Firefox and Thunderbird

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.

9.3

18 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-07-26 CVE-2014-2625 HP Path Traversal vulnerability in HP Network Virtualization 8.6

Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.

8.5
2014-07-24 CVE-2014-4927 Acme, D Link, Netgear Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.

7.8
2014-07-24 CVE-2014-2362 Oleumtech Predictable Random Number Generator vulnerability in Oleumtech products

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

7.8
2014-07-24 CVE-2014-2717 Honeywell Authentication Bypass vulnerability in Honeywell products

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page.

7.6
2014-07-27 CVE-2014-4726 Mailpoet Security vulnerability in WordPress MailPoet Newsletters Plugin

Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.

7.5
2014-07-27 CVE-2014-4725 Mailpoet Improper Authentication vulnerability in Mailpoet Newsletters

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/.

7.5
2014-07-26 CVE-2014-4858 Sabreairlinesolutions SQL Injection vulnerability in Sabreairlinesolutions products

Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field.

7.5
2014-07-25 CVE-2014-5102 Vbulletin SQL Injection vulnerability in Vbulletin

SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

7.5
2014-07-24 CVE-2014-4736 Blogengine SQL Injection vulnerability in Blogengine E2 2.4

SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.

7.5
2014-07-24 CVE-2014-2360 Oleumtech Improper Input Validation vulnerability in Oleumtech products

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

7.5
2014-07-22 CVE-2014-3530 Redhat Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform 5.2.0/6.2.4

The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via unspecified vectors, related to an XML External Entity (XXE) issue.

7.5
2014-07-22 CVE-2014-4511 Gitlist Remote Code Execution vulnerability in GitList

Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in the URI of a request for a (1) blame, (2) file, or (3) stats page, as demonstrated by requests to blame/master/, master/, and stats/master/.

7.5
2014-07-22 CVE-2014-4326 Elastic OS Command Injection vulnerability in Elastic Logstash

Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

7.5
2014-07-22 CVE-2013-7392 Gitlist Arbitrary Command Execution vulnerability in GitList

Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

7.5
2014-07-21 CVE-2014-5017 Limesurvey SQL Injection vulnerability in Limesurvey 2.05+

SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json, related to a search parameter.

7.5
2014-07-21 CVE-2014-4960 Joomlaboat SQL Injection vulnerability in Joomlaboat COM Youtubegallery

Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

7.5
2014-07-26 CVE-2014-4971 Microsoft Improper Input Validation vulnerability in Microsoft Windows XP

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.

7.2
2014-07-24 CVE-2014-2361 Oleumtech Local Security Bypass vulnerability in Oleumtech products

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

7.2

46 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-07-24 CVE-2014-1419 Canonical Race Condition vulnerability in Canonical Acpi-Support and Ubuntu Linux

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

6.9
2014-07-26 CVE-2014-3305 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuj81735.

6.8
2014-07-25 CVE-2014-5100 Omeka Cross-Site Request Forgery (CSRF) vulnerability in Omeka

Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_label parameter to admin/users/api-keys/1, or (3) disable file validation via a request to admin/settings/edit-security.

6.8
2014-07-24 CVE-2014-4686 Siemens Privilege Escalation vulnerability in Siemens Simatic Pcs7 and Wincc

The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030.

6.8
2014-07-22 CVE-2014-3518 Redhat Code Injection vulnerability in Redhat products

jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to execute arbitrary code via unspecified vectors.

6.8
2014-07-22 CVE-2014-5023 Gitlist Remote Command Execution vulnerability in GitList

Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkout -b" command.

6.8
2014-07-26 CVE-2014-3326 Cisco SQL Injection vulnerability in Cisco Security Manager 4.5/4.6

SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957.

6.5
2014-07-22 CVE-2014-4948 Citrix Denial of Service and Information Disclosure vulnerability in Citrix Xenserver 6.2.0

Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD).

6.4
2014-07-24 CVE-2014-3322 Cisco Improper Input Validation vulnerability in Cisco products

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

6.1
2014-07-25 CVE-2014-2227 UI Permissions, Privileges, and Access Controls vulnerability in UI Unifi Video 2.1.3

The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

6.0
2014-07-24 CVE-2014-4684 Siemens Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic Pcs7 and Wincc

The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.

6.0
2014-07-24 CVE-2014-2369 Omron Cross-Site Request Forgery (CSRF) vulnerability in Omron products

Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

6.0
2014-07-23 CVE-2014-1561 Mozilla, Oracle Permissions, Privileges, and Access Controls vulnerability in multiple products

Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.

5.8
2014-07-23 CVE-2014-1552 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.

5.8
2014-07-26 CVE-2014-2966 Caucho Improper Input Validation vulnerability in Caucho Resin

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism.

5.0
2014-07-26 CVE-2014-3328 Cisco Resource Exhaustion vulnerability in Cisco Unified Presence Server

The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.

5.0
2014-07-26 CVE-2014-3301 Cisco Information Exposure vulnerability in Cisco Webex Meetings Server

The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700.

5.0
2014-07-24 CVE-2014-5015 Eterna, Netbsd Permissions, Privileges, and Access Controls vulnerability in multiple products

bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path.

5.0
2014-07-24 CVE-2014-4682 Siemens Information Exposure vulnerability in Siemens Simatic Pcs7 and Wincc

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.

5.0
2014-07-23 CVE-2014-4980 Tenable Information Exposure vulnerability in Tenable Nessus and web UI

The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.

5.0
2014-07-22 CVE-2014-5019 Drupal Improper Input Validation vulnerability in Drupal

The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use.

5.0
2014-07-22 CVE-2014-4911 Polarssl, Debian Cryptographic Issues vulnerability in multiple products

The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.

5.0
2014-07-24 CVE-2014-4683 Siemens Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic Pcs7 and Wincc

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.

4.9
2014-07-22 CVE-2014-5020 Drupal Permissions, Privileges, and Access Controls vulnerability in Drupal

The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read files by attaching the file to content with a file field.

4.9
2014-07-24 CVE-2014-4910 X Path Traversal vulnerability in X Xf86-Video-Intel 2.99.911

Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a ..

4.6
2014-07-24 CVE-2014-4685 Siemens Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic Pcs7 and Wincc

Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.

4.6
2014-07-26 CVE-2014-4857 Gurock Cross-Site Scripting vulnerability in Gurock Testrail

Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity.

4.3
2014-07-26 CVE-2014-4748 IBM Cross-Site Scripting vulnerability in IBM Sametime

Cross-site scripting (XSS) vulnerability in the Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3
2014-07-26 CVE-2014-3324 Cisco Cross-Site Scripting vulnerability in Cisco Telepresence Server Software

Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCup90060.

4.3
2014-07-26 CVE-2014-3071 IBM Cross-Site Scripting vulnerability in IBM Infosphere Information Server 11.3

Cross-site scripting (XSS) vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL for adding a project connection.

4.3
2014-07-25 CVE-2014-5103 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Eventlog Analyzer 9.0

Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows remote attackers to inject arbitrary web script or HTML via the j_username parameter to event/j_security_check.

4.3
2014-07-25 CVE-2014-5101 Webidsupport Cross-Site Scripting vulnerability in Webidsupport Webid 1.1.1

Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authnet_id, (12) TPL_authnet_pass, (13) TPL_worldpay_id, (14) TPL_toocheckout_id, or (15) TPL_moneybookers_email in a first action to register.php or the (16) username parameter in a login action to user_login.php.

4.3
2014-07-25 CVE-2014-5027 Reviewboard Cross-Site Scripting vulnerability in Reviewboard Review Board

Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

4.3
2014-07-24 CVE-2014-5024 Sonicwall Cross-Site Scripting vulnerability in Sonicwall Analyzer, Global Management System and UMA Em5000

Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter.

4.3
2014-07-24 CVE-2014-3110 Honeywell Cross-Site Scripting vulnerability in Honeywell products

Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input.

4.3
2014-07-24 CVE-2014-2968 Huawei Cross-Site Scripting vulnerability in Huawei E355, E355 Firmware and E355 web UI

Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message.

4.3
2014-07-23 CVE-2014-4503 Sgminer Project, Cgminer Project Improper Input Validation vulnerability in multiple products

The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.

4.3
2014-07-23 CVE-2014-1560 Mozilla Unspecified vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.

4.3
2014-07-23 CVE-2014-1559 Mozilla Security vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.

4.3
2014-07-23 CVE-2014-1558 Mozilla Security vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.

4.3
2014-07-22 CVE-2014-5022 Drupal Cross-Site Scripting vulnerability in Drupal

Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.

4.3
2014-07-22 CVE-2014-2385 Sophos Cross-Site Scripting vulnerability in Sophos Anti-Virus 9.5.1

Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure.

4.3
2014-07-21 CVE-2014-5018 Limesurvey Unspecified vulnerability in Limesurvey 2.05+

Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting (XSS) attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume.

4.3
2014-07-21 CVE-2014-5016 Limesurvey Cross-Site Scripting vulnerability in Limesurvey 2.05+

Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json function to application/controllers/admin/participantsaction.php in CPDB, (2) the sa parameter to application/views/admin/globalSettings_view.php, or (3) a crafted CSV file to the "Import CSV" functionality.

4.3
2014-07-21 CVE-2014-4734 E107 Cross-Site Scripting vulnerability in E107 2.0

Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 2.0 alpha2 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.

4.3
2014-07-23 CVE-2014-3555 Openstack Permissions, Privileges, and Access Controls vulnerability in Openstack Neutron

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-07-24 CVE-2014-2971 Micropact Cross-Site Scripting vulnerability in Micropact Icomplaints 8.0

Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in MicroPact iComplaints before 8.0.2.1.8.8014 allows remote authenticated users to inject arbitrary web script or HTML via the description parameter.

3.5
2014-07-24 CVE-2014-2370 Omron Cross-Site Scripting vulnerability in Omron products

Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data.

3.5
2014-07-26 CVE-2014-4747 IBM Information Exposure vulnerability in IBM Sametime

The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser.

2.1
2014-07-22 CVE-2014-5021 Drupal Cross-Site Scripting vulnerability in Drupal

Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label.

2.1
2014-07-23 CVE-2014-3537 Apple, Canonical, Fedoraproject Link Following vulnerability in multiple products

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

1.2