Weekly Vulnerabilities Reports > October 27 to November 2, 2014

Overview

102 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary report vulnerabilities in 111 products from 49 vendors including Mcafee, IBM, Opensuse, Cisco, and Openstack. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "Cryptographic Issues".

  • 84 reported vulnerabilities are remotely exploitables.
  • 7 reported vulnerabilities have public exploit available.
  • 31 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 83 reported vulnerabilities are exploitable by an anonymous user.
  • Mcafee has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • GNU has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

3 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-10-31 CVE-2014-7985 Espocrm Path Traversal vulnerability in Espocrm

Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a ..

10.0
2014-10-27 CVE-2014-3954 Freebsd Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freebsd

Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a router advertisement message.

10.0
2014-10-29 CVE-2014-4877 GNU Path Traversal vulnerability in GNU Wget

Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.

9.3

18 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-10-27 CVE-2014-2988 Egroupware Code Injection vulnerability in Egroupware

EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbitrary PHP code via crafted callback values to the call_user_func PHP function, as demonstrated using the newsettings[system] parameter.

8.5
2014-10-27 CVE-2010-5077 Ioquake3
Openarena
Tremulous
Improper Input Validation vulnerability in multiple products

server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, OpenArena, Tremulous, and other products, allows remote attackers to cause a denial of service (network traffic amplification) via a spoofed (1) getstatus or (2) rcon request.

7.8
2014-11-02 CVE-2014-3634 Sysklogd Project
Rsyslog
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

7.5
2014-11-02 CVE-2014-2015 Freeradius Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freeradius

Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash.

7.5
2014-11-01 CVE-2014-8244 Linksys Information Exposure vulnerability in Linksys products

Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.

7.5
2014-10-31 CVE-2014-8509 Bittorrent Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bittorrent Bootstrap-Dht

The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing."

7.5
2014-10-31 CVE-2014-8081 Testlink Code Injection vulnerability in Testlink

lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter.

7.5
2014-10-30 CVE-2013-7409 Allplayer Buffer Errors vulnerability in Allplayer 5.6.2/5.7.0/5.8.1

Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.

7.5
2014-10-30 CVE-2014-3446 BSS SQL Injection vulnerability in BSS Continuity CMS 4.2.22640.0

SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.

7.5
2014-10-29 CVE-2014-8533 Mcafee Arbitrary Code Execution vulnerability in McAfee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to execute arbitrary code via vectors related to ICMP redirection.

7.5
2014-10-29 CVE-2014-8530 Mcafee Security vulnerability in McAfee Network Data Loss Prevention 8.6/9.2.0/9.2.1

Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information, affect integrity, or cause a denial of service via unknown vectors, related to simultaneous logins.

7.5
2014-10-29 CVE-2014-8522 Mcafee Improper Authentication vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access.

7.5
2014-10-29 CVE-2014-3669 PHP Numeric Errors vulnerability in PHP

Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.

7.5
2014-10-28 CVE-2014-8506 Etiko SQL Injection vulnerability in Etiko CMS

Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php.

7.5
2014-10-27 CVE-2012-5580 Libproxy Project Code Injection vulnerability in Libproxy Project Libproxy 0.3.1

Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.

7.5
2014-10-27 CVE-2003-1599 Wordpress Code Injection vulnerability in Wordpress 0.70

PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.

7.5
2014-10-27 CVE-2011-4104 Djangoproject Improper Input Validation vulnerability in Djangoproject Tastypie 0.9.9

The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.

7.5
2014-10-27 CVE-2011-4103 Djangoproject Improper Input Validation vulnerability in Djangoproject Piston 0.2.2.0

emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.

7.5

61 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-10-30 CVE-2014-3684 Adaptivecomputing Permissions, Privileges, and Access Controls vulnerability in Adaptivecomputing Torque Resource Manager

The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary processes via a crafted executable.

6.8
2014-10-29 CVE-2014-8523 Mcafee Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2014-10-29 CVE-2014-3670 PHP Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.

6.8
2014-10-28 CVE-2014-6125 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Portal 8.5.0.0

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.8
2014-10-27 CVE-2011-2702 GNU Code Injection vulnerability in GNU Eglibc and Glibc

Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

6.8
2014-10-27 CVE-2011-4953 Cobbler Project Improper Input Validation vulnerability in Cobbler Project Cobbler 2.2.1

The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.

6.8
2014-10-31 CVE-2014-8334 WP Dbmanager Project OS Command Injection vulnerability in Wp-Dbmanager Project Wp-Dbmanager

The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable.

6.5
2014-10-31 CVE-2014-3366 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager

SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089.

6.5
2014-10-29 CVE-2014-8531 Mcafee Cryptographic Issues vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors.

6.5
2014-10-28 CVE-2014-4808 IBM Remote Code Execution vulnerability in IBM WebSphere Portal

Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to execute arbitrary code via unknown vectors.

6.5
2014-11-01 CVE-2014-8582 Fortinet Unspecified vulnerability in Fortinet products

FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.

6.4
2014-10-29 CVE-2014-3697 Pidgin Path Traversal vulnerability in Pidgin

Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.

6.4
2014-10-29 CVE-2014-3694 Opensuse
Canonical
Debian
Pidgin
Cryptographic Issues vulnerability in multiple products

The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

6.4
2014-10-29 CVE-2014-4839 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Tririga Application Platform

Cross-site request forgery (CSRF) vulnerability in birtviewer.query in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.0
2014-11-01 CVE-2014-6032 F5 XML External Entity Injection vulnerability in F5 Networks BIG-IP

Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements.

5.5
2014-10-29 CVE-2014-8538 Hijabmodern Cryptographic Issues vulnerability in Hijabmodern Hijab Modern 1.0

The Hijab Modern (aka com.Aisyaidea.HijabModern) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.4
2014-11-02 CVE-2014-3683 Rsyslog
Sysklogd Project
Numeric Errors vulnerability in multiple products

Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value.

5.0
2014-10-31 CVE-2014-8495 Citrix Cryptographic Issues vulnerability in Citrix Xenmobile

Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent attackers to obtain sensitive information by reading the cache.

5.0
2014-10-31 CVE-2014-8082 Testlink Information Exposure vulnerability in Testlink

lib/functions/database.class.php in TestLink before 1.9.13 allows remote attackers to obtain sensitive information via unspecified vectors, which reveals the installation path in an error message.

5.0
2014-10-31 CVE-2014-7986 Espocrm Permissions, Privileges, and Access Controls vulnerability in Espocrm

install/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via a 1 value in the installProcess parameter.

5.0
2014-10-31 CVE-2013-0334 Bundler
Opensuse
Fedoraproject
Improper Input Validation vulnerability in multiple products

Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.

5.0
2014-10-30 CVE-2014-3623 Apache Improper Authentication vulnerability in Apache CXF and Wss4J

Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.

5.0
2014-10-30 CVE-2014-3584 Apache Resource Management Errors vulnerability in Apache CXF

The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

5.0
2014-10-30 CVE-2013-3304 Dell Path Traversal vulnerability in Dell Equallogic Ps4000 Firmware 6.0

Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a ..

5.0
2014-10-29 CVE-2014-8525 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

5.0
2014-10-29 CVE-2014-8524 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2014-10-29 CVE-2014-8520 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open network ports.

5.0
2014-10-29 CVE-2014-6149 IBM Path Traversal vulnerability in IBM Tivoli Application Dependency Discovery Manager

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors.

5.0
2014-10-29 CVE-2014-3698 Pidgin Information Exposure vulnerability in Pidgin

The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.

5.0
2014-10-29 CVE-2014-3696 Pidgin Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pidgin

nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.

5.0
2014-10-29 CVE-2014-3695 Pidgin Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pidgin

markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.

5.0
2014-10-29 CVE-2014-3668 PHP Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP

Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.

5.0
2014-10-28 CVE-2014-4821 IBM Information Exposure vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 provides different web-server error codes depending on whether a requested file exists, which allows remote attackers to determine the validity of filenames via a series of requests.

5.0
2014-10-28 CVE-2014-3293 Cisco Resource Management Errors vulnerability in Cisco Asr901 and IOS

Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736.

5.0
2014-10-27 CVE-2014-3955 Freebsd Improper Input Validation vulnerability in Freebsd

routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network.

5.0
2014-10-27 CVE-2014-3711 Freebsd Resource Management Errors vulnerability in Freebsd

namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.

5.0
2014-10-27 CVE-2014-0136 Redhat Improper Input Validation vulnerability in Redhat Cloudforms 3.0 Management Engine

The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.

5.0
2014-10-30 CVE-2014-7877 HP Local Denial Of Service vulnerability in HP Hp-Ux B.11.31

Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.

4.9
2014-10-29 CVE-2014-8535 Mcafee Unspecified vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0

McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to bypass intended restriction on unspecified functionality via unknown vectors.

4.6
2014-10-27 CVE-2012-1111 Robert Ancell Information Exposure vulnerability in Robert Ancell Lightdm

lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.

4.6
2014-10-27 CVE-2010-4820 Ghostscript Code Injection vulnerability in Ghostscript 8.62

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.

4.4
2014-10-31 CVE-2014-3473 Openstack
Opensuse
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject arbitrary web script or HTML via a crafted template.

4.3
2014-10-31 CVE-2014-8577 Croogo Cross-Site Scripting vulnerability in Croogo

Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Contact][title] parameter to admin/contacts/contacts/add page; (2) data[Block][title] or (3) data[Block][alias] parameter to admin/blocks/blocks/edit page; (4) data[Region][title] parameter to admin/blocks/regions/add page; (5) data[Menu][title] or (6) data[Menu][alias] parameter to admin/menus/menus/add page; or (7) data[Link][title] parameter to admin/menus/links/add/menu page.

4.3
2014-10-31 CVE-2014-7987 Espocrm Cross-Site Scripting vulnerability in Espocrm

Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php.

4.3
2014-10-31 CVE-2014-2336 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortianalyzer Firmware and Fortimanager

Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335.

4.3
2014-10-31 CVE-2014-2335 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortianalyzer Firmware

Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

4.3
2014-10-31 CVE-2014-2334 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortianalyzer Firmware

Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

4.3
2014-10-31 CVE-2014-6101 IBM Cross-Site Scripting vulnerability in IBM Business Process Manager

Cross-site scripting (XSS) vulnerability in the redirect-login feature in IBM Business Process Manager (BPM) Advanced 7.5 through 8.5.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3
2014-10-31 CVE-2014-3375 Cisco Cross-Site Scripting vulnerability in Cisco Unified Communications Manager

Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597.

4.3
2014-10-31 CVE-2014-3374 Cisco Cross-Site Scripting vulnerability in Cisco Unified Communications Manager

Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90582.

4.3
2014-10-31 CVE-2014-3373 Cisco Cross-Site Scripting vulnerability in Cisco Unified Communications Manager

Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550.

4.3
2014-10-31 CVE-2014-3372 Cisco Cross-Site Scripting vulnerability in Cisco Unified Communications Manager

Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589.

4.3
2014-10-29 CVE-2014-3051 IBM Cryptographic Issues vulnerability in IBM Tivoli Composite Application Manager for Transactions

The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain credential information via a crafted certificate.

4.3
2014-10-28 CVE-2014-6126 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal 8.5.0.0

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-10-28 CVE-2014-8505 Etiko Cross-Site Scripting vulnerability in Etiko CMS

Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow remote attackers to inject arbitrary web script or HTML via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php.

4.3
2014-10-28 CVE-2014-4023 F5 Cross-Site Scripting vulnerability in F5 products

Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-10-27 CVE-2014-4586 WP Football Project Cross-Site Scripting vulnerability in Wp-Football Project Wp-Football 1.0.1/1.1

Multiple cross-site scripting (XSS) vulnerabilities in the wp-football plugin 1.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the league parameter to (1) football_classification.php, (2) football_criteria.php, (3) templates/template_default_preview.php, or (4) templates/template_worldCup_preview.php; the (5) f parameter to football-functions.php; the id parameter in an "action" action to (6) football_groups_list.php, (7) football_matches_list.php, (8) football_matches_phase.php, or (9) football_phases_list.php; or the (10) id_league parameter in a delete action to football_matches_load.php.

4.3
2014-10-31 CVE-2014-8333 Redhat
Openstack
Resource Management Errors vulnerability in multiple products

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.

4.0
2014-10-31 CVE-2014-7177 Enalean XML External Entity Information Disclosure vulnerability in Enalean Tuleap

XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/.

4.0
2014-10-31 CVE-2014-3708 Openstack
Redhat
Resource Management Errors vulnerability in multiple products

OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.

4.0
2014-10-27 CVE-2014-8327 FAL Sftp Project Information Disclosure vulnerability in FAL Sftp Project FAL Sftp 0.2.4

The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

4.0

20 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-10-29 CVE-2014-8532 Mcafee Information Disclosure Weakness in McAfee Network Data Loss Prevention 8.6/9.2.0/9.2.1

Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting.

3.6
2014-10-29 CVE-2014-8527 Mcafee Credentials Management vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password."

3.6
2014-10-31 CVE-2014-8578 Openstack Cross-Site Scripting vulnerability in Openstack Horizon

Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475.

3.5
2014-10-31 CVE-2014-3475 Openstack
Opensuse
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-8578.

3.5
2014-10-31 CVE-2014-3474 Openstack
Opensuse
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a network name.

3.5
2014-10-31 CVE-2014-6150 IBM Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager

Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2014-10-31 CVE-2014-6148 IBM Improper Authentication vulnerability in IBM Tivoli Application Dependency Discovery Manager

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL.

3.5
2014-10-29 CVE-2014-8521 Mcafee Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2014-10-28 CVE-2014-4814 IBM Resource Management Errors vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 does not properly detect recursion during entity expansion, which allows remote authenticated users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

3.5
2014-11-01 CVE-2014-8243 Linksys Cryptographic Issues vulnerability in Linksys products

Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.

3.3
2014-11-01 CVE-2014-3615 Qemu
Debian
Redhat
Canonical
Opensuse
Information Exposure vulnerability in multiple products

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.

2.1
2014-10-31 CVE-2014-8399 Shim Project Unspecified vulnerability in Shim Project Shim 8

The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors.

2.1
2014-10-29 CVE-2014-8537 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0

McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs.

2.1
2014-10-29 CVE-2014-8536 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0

McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages.

2.1
2014-10-29 CVE-2014-8534 Mcafee Unspecified vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0

Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field.

2.1
2014-10-29 CVE-2014-8529 Mcafee Cryptographic Issues vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors.

2.1
2014-10-29 CVE-2014-8528 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log.

2.1
2014-10-29 CVE-2014-8526 Mcafee Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1

McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace.

2.1
2014-10-29 CVE-2014-8519 Mcafee Local Information Disclosure vulnerability in McAfee Network Data Loss Prevention 8.6/9.2.0

Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors.

2.1
2014-10-29 CVE-2014-8518 Mcafee Credentials Management vulnerability in Mcafee products

The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack.

2.1