Weekly Vulnerabilities Reports > November 10 to 16, 2014

Overview

121 new vulnerabilities reported during this period, including 37 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary report vulnerabilities in 129 products from 48 vendors including Microsoft, Linux, Apple, Adobe, and Canonical. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Resource Management Errors", "Information Exposure", "Code Injection", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 97 reported vulnerabilities are remotely exploitables.
  • 14 reported vulnerabilities have public exploit available.
  • 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 113 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 50 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 33 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

37 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-11-14 CVE-2014-7878 HP Cryptographic Issues vulnerability in HP Helion Cloud Development Platform 1.0

The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.

10.0
2014-11-12 CVE-2014-1635 Belkin Buffer Errors vulnerability in Belkin products

Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter.

10.0
2014-11-11 CVE-2014-8441 Adobe
Apple
Microsoft
Linux
Memory Corruption vulnerability in Adobe Flash Player and AIR

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8440.

10.0
2014-11-11 CVE-2014-8440 Adobe
Apple
Microsoft
Linux
Memory Corruption vulnerability in Adobe Flash Player and AIR

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8441.

10.0
2014-11-11 CVE-2014-8438 Adobe
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588.

10.0
2014-11-11 CVE-2014-0590 Adobe
Apple
Microsoft
Linux
Type Confusion Remote Code Execution vulnerability in Adobe Flash Player and AIR

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0586.

10.0
2014-11-11 CVE-2014-0589 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582.

10.0
2014-11-11 CVE-2014-0588 Adobe
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-8438.

10.0
2014-11-11 CVE-2014-0586 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe products

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0590.

10.0
2014-11-11 CVE-2014-0585 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe products

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0586, and CVE-2014-0590.

10.0
2014-11-11 CVE-2014-0584 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe products

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.

10.0
2014-11-11 CVE-2014-0582 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0589.

10.0
2014-11-11 CVE-2014-0581 Adobe
Apple
Microsoft
Linux
Memory Corruption vulnerability in Adobe Flash Player and AIR

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-8440, and CVE-2014-8441.

10.0
2014-11-11 CVE-2014-0577 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe products

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.

10.0
2014-11-11 CVE-2014-0576 Adobe
Apple
Microsoft
Linux
Memory Corruption vulnerability in Adobe Flash Player and AIR

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0581, CVE-2014-8440, and CVE-2014-8441.

10.0
2014-11-11 CVE-2014-0574 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe products

Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors.

10.0
2014-11-11 CVE-2014-0573 Adobe
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0588 and CVE-2014-8438.

10.0
2014-11-11 CVE-2014-6321 Microsoft Code Injection vulnerability in Microsoft products

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."

10.0
2014-11-14 CVE-2014-8567 Uninett
Redhat
Resource Management Errors vulnerability in multiple products

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

9.4
2014-11-11 CVE-2014-6353 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-11-11 CVE-2014-6351 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-11-11 CVE-2014-6348 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6342.

9.3
2014-11-11 CVE-2014-6347 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-11-11 CVE-2014-6344 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer 8/9

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-11-11 CVE-2014-6343 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-11-11 CVE-2014-6342 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348.

9.3
2014-11-11 CVE-2014-6341 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4143.

9.3
2014-11-11 CVE-2014-6337 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer 10/11

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-11-11 CVE-2014-6335 Microsoft Code Injection vulnerability in Microsoft Office Compatibility Pack, Office Word Viewer and Word

Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code Execution Vulnerability."

9.3
2014-11-11 CVE-2014-6334 Microsoft Code Injection vulnerability in Microsoft Office Compatibility Pack, Office Word Viewer and Word

Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Bad Index Remote Code Execution Vulnerability."

9.3
2014-11-11 CVE-2014-6333 Microsoft Code Injection vulnerability in Microsoft Office Compatibility Pack, Office Word Viewer and Word

Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Double Delete Remote Code Execution Vulnerability."

9.3
2014-11-11 CVE-2014-6332 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."

9.3
2014-11-11 CVE-2014-4149 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."

9.3
2014-11-11 CVE-2014-4143 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6341.

9.3
2014-11-11 CVE-2014-4118 Microsoft Code Injection vulnerability in Microsoft products

XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (system-state corruption) via crafted XML content, aka "MSXML Remote Code Execution Vulnerability."

9.3
2014-11-11 CVE-2014-4077 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.

9.3
2014-11-13 CVE-2014-8770 Magmi Project Code Injection vulnerability in Magmi Project Magmi

Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importer) plugin 0.7.17a and earlier for Magento Community Edition (CE) allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP file via a direct request to it in magmi/plugins/.

9.0

20 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-11-10 CVE-2014-3687 Linux
Redhat
Canonical
Debian
Novell
Opensuse
Suse
Oracle
Resource Exhaustion vulnerability in multiple products

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

7.8
2014-11-10 CVE-2014-3673 Linux
Redhat
Canonical
Debian
Opensuse
Suse
Oracle
Improper Input Validation vulnerability in multiple products

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

7.8
2014-11-16 CVE-2014-0250 Freerdp
Opensuse
Numeric Errors vulnerability in multiple products

Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.

7.5
2014-11-15 CVE-2014-3158 Point TO Point Protocol Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Point-To-Point Protocol Project Point-To-Point Protocol

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."

7.5
2014-11-14 CVE-2014-5424 Rockwellautomation Permissions, Privileges, and Access Controls vulnerability in Rockwellautomation Connected Components Workbench

Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler.

7.5
2014-11-13 CVE-2014-8554 Mantisbt SQL Injection vulnerability in Mantisbt

SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the project_id parameter.

7.5
2014-11-13 CVE-2014-3674 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Openshift

Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.

7.5
2014-11-11 CVE-2014-8442 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe products

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.

7.5
2014-11-11 CVE-2014-0583 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors.

7.5
2014-11-16 CVE-2013-0347 Webfs Information Exposure vulnerability in Webfs

The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.

7.2
2014-11-14 CVE-2014-3689 Qemu
Debian
Canonical
Improper Privilege Management vulnerability in multiple products

The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.

7.2
2014-11-13 CVE-2014-8359 Huawei Permissions, Privileges, and Access Controls vulnerability in Huawei products

Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.

7.2
2014-11-11 CVE-2014-4076 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows Server 2003

Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."

7.2
2014-11-10 CVE-2014-7826 Linux
Opensuse
Suse
Null Pointer Dereference vulnerability in multiple products

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.

7.2
2014-11-10 CVE-2014-7825 Linux Out-Of-Bounds Read vulnerability in Linux Kernel

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

7.2
2014-11-16 CVE-2014-8952 Checkpoint Denial of Service vulnerability in Check Point Security Gateway

Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the (1) IPS blade, (2) IPsec Remote Access, (3) Mobile Access / SSL VPN blade, (4) SSL Network Extender, (5) Identify Awareness blade, (6) HTTPS Inspection, (7) UserCheck, or (8) Data Leak Prevention blade module is enabled, allow remote attackers to cause a denial of service ("stability issue") via an unspecified "traffic condition."

7.1
2014-11-16 CVE-2014-8951 Checkpoint Denial of Service vulnerability in Check Point Security Gateway

Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, or (6) Anti-Virus blade is used, allows remote attackers to cause a denial of service (fwk0 process crash, core dump, and restart) via a redirect to the UserCheck page.

7.1
2014-11-16 CVE-2014-8950 Checkpoint Denial of Service vulnerability in Checkpoint Security Gateway R77/R77.10

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering or (2) Identity Awareness blade is used, allows remote attackers to cause a denial of service (crash) via vectors involving an HTTPS request.

7.1
2014-11-15 CVE-2014-7998 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco IOS

Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.

7.1
2014-11-11 CVE-2014-6317 Microsoft Improper Validation of Array Index vulnerability in Microsoft products

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability."

7.1

55 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-11-16 CVE-2014-8948 Imember360 Cross-Site Request Forgery (CSRF) vulnerability in Imember360

Cross-site request forgery (CSRF) vulnerability in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote attackers to hijack the authentication of administrators for requests that with an unspecified impact via the i4w_trace parameter.

6.8
2014-11-16 CVE-2014-2682 Zend Data Processing Errors vulnerability in Zend products

Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0, when PHP-FPM is used, does not properly share the libxml_disable_entity_loader setting between threads, which might allow remote attackers to conduct XML External Entity (XXE) attacks via an XML external entity declaration in conjunction with an entity reference.

6.8
2014-11-16 CVE-2014-0233 Redhat Code Injection vulnerability in Redhat Openshift 2.0/2.1

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.

6.5
2014-11-16 CVE-2014-2684 Zend Permissions, Privileges, and Access Controls vulnerability in Zend Framework and Zendopenid

The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the openid_op_endpoint value identifies the same Identity Provider as the provider used in the association handle, which allows remote attackers to bypass authentication and spoof arbitrary OpenID identities by using a malicious OpenID Provider that generates OpenID tokens with arbitrary identifier and claimed_id values.

6.4
2014-11-16 CVE-2014-2681 Zend Data Processing Errors vulnerability in Zend products

Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack.

6.4
2014-11-15 CVE-2014-8566 Uninett
Oracle
Information Exposure vulnerability in multiple products

The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."

6.4
2014-11-15 CVE-2014-3500 Apache Code vulnerability in Apache Cordova

Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.

6.4
2014-11-16 CVE-2014-3248 Puppet
Puppetlabs
Code vulnerability in multiple products

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

6.2
2014-11-15 CVE-2014-7997 Cisco Resource Management Errors vulnerability in Cisco IOS

The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281.

6.1
2014-11-16 CVE-2014-8949 Imember360 Code Injection vulnerability in Imember360

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the i4w_trace parameter.

6.0
2014-11-16 CVE-2012-2301 Ubercart Code Injection vulnerability in Ubercart

The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors.

6.0
2014-11-11 CVE-2014-4078 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Information Services 8.0/8.5

The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

5.1
2014-11-16 CVE-2014-3916 Rubyonrails Data Processing Errors vulnerability in Rubyonrails Rails 1.9.3/2.0.0/2.1.0

The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.

5.0
2014-11-16 CVE-2014-3756 Mumble Data Processing Errors vulnerability in Mumble

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the (1) user or (2) channel name in a Qt dialog, (3) subject common name or (4) email address to the Certificate Wizard, or (5) server name in a tooltip.

5.0
2014-11-16 CVE-2014-3755 Mumble Resource Management Errors vulnerability in Mumble

The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image tag or (2) XML stylesheet in an SVG file.

5.0
2014-11-16 CVE-2013-3737 Bestpractical Information Exposure vulnerability in Bestpractical Request Tracker

The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13, when using the file-based session store (Apache::Session::File) and certain authentication extensions, allows remote attackers to reuse unauthorized sessions and obtain user preferences and caches via unspecified vectors.

5.0
2014-11-16 CVE-2014-2268 Vtiger Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM

views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP code via the db_name parameter.

5.0
2014-11-16 CVE-2014-2683 Zend Code vulnerability in Zend products

Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to cause a denial of service (CPU consumption) via (1) recursive or (2) circular references in an XML entity definition in an XML DOCTYPE declaration, aka an XML Entity Expansion (XEE) attack.

5.0
2014-11-15 CVE-2014-4975 Ruby Lang
Redhat
Debian
Canonical
Buffer Errors vulnerability in Ruby-Lang Ruby

Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.

5.0
2014-11-14 CVE-2014-7815 Qemu
Debian
Redhat
Canonical
Suse
Improper Input Validation vulnerability in multiple products

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

5.0
2014-11-13 CVE-2014-8564 GNU
Redhat
Opensuse
Canonical
Cryptographic Issues vulnerability in multiple products

The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.

5.0
2014-11-13 CVE-2014-7823 Redhat Credentials Management vulnerability in Redhat Libvirt

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

5.0
2014-11-12 CVE-2014-8736 Open Atrium Project Information Exposure vulnerability in Open Atrium Project Open Atrium

The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node.

5.0
2014-11-12 CVE-2014-8555 Progress Path Traversal vulnerability in Progress Openedge 11.2

Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a ..

5.0
2014-11-11 CVE-2014-8437 Adobe
Apple
Microsoft
Linux
Information Exposure vulnerability in Adobe products

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow remote attackers to discover session tokens via unspecified vectors.

5.0
2014-11-11 CVE-2014-6339 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 8/9

Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

5.0
2014-11-11 CVE-2014-6331 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Active Directory Federation Services 2.0/2.1/3.0

Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation, aka "Active Directory Federation Services Information Disclosure Vulnerability."

5.0
2014-11-10 CVE-2014-8709 Linux Information Exposure vulnerability in Linux Kernel

The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.

5.0
2014-11-10 CVE-2014-8652 Elipse Configuration vulnerability in Elipse E3 3.2

Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681.

5.0
2014-11-10 CVE-2014-8559 Linux
Canonical
Novell
Opensuse
Suse
Oracle
Resource Exhaustion vulnerability in multiple products

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

4.9
2014-11-10 CVE-2014-8481 Linux Resource Management Errors vulnerability in Linux Kernel

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes.

4.9
2014-11-10 CVE-2014-8480 Linux Resource Management Errors vulnerability in Linux Kernel

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.

4.9
2014-11-10 CVE-2014-7207 Linux Local Denial of Service vulnerability in Linux Kernel

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access.

4.9
2014-11-10 CVE-2014-3690 Linux
Novell
Opensuse
Suse
Redhat
Debian
Canonical
Resource Exhaustion vulnerability in multiple products

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.

4.9
2014-11-10 CVE-2014-3610 Linux
Canonical
Debian
Opensuse
Suse
The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.
4.9
2014-11-10 CVE-2014-3646 Linux
Redhat
Canonical
Debian
Opensuse
Suse
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
4.7
2014-11-10 CVE-2014-3611 Linux
Redhat
Canonical
Debian
Race Condition vulnerability in multiple products

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

4.7
2014-11-15 CVE-2014-5388 Qemu
Canonical
Off-By-One Error vulnerability in multiple products

Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.

4.6
2014-11-10 CVE-2014-8369 Linux
Debian
Opensuse
Suse
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges.

4.6
2014-11-15 CVE-2014-3502 Apache Information Exposure vulnerability in Apache Cordova 3.5.0

Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.

4.3
2014-11-15 CVE-2014-3501 Apache 7PK - Security Features vulnerability in Apache Cordova 3.5.0

Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.

4.3
2014-11-15 CVE-2014-3707 Canonical
Apple
Opensuse
Oracle
Debian
Haxx
Information Exposure vulnerability in multiple products

The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.

4.3
2014-11-15 CVE-2014-7248 IPA Cross-Site Scripting vulnerability in IPA Ilogscanner 4.0

Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows remote attackers to inject arbitrary web script or HTML by triggering a crafted entry in a log file.

4.3
2014-11-14 CVE-2014-7991 Cisco Cryptographic Issues vulnerability in Cisco Unified Communications Manager

The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a legitimate Certification Authority, aka Bug ID CSCuq86376.

4.3
2014-11-13 CVE-2014-8557 Jexperts Cross-Site Scripting vulnerability in Jexperts Channel Platform 5.0.33Ccb

Multiple cross-site scripting (XSS) vulnerabilities in JExperts Channel Platform 5.0.33_CCB allow remote attackers to inject arbitrary web script or HTML via the (1) usuario.nome variable in an editarUsuario action to usuario.do or (2) titulo.form variable in a novoChamado action to ticket.do.

4.3
2014-11-11 CVE-2014-6350 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.

4.3
2014-11-11 CVE-2014-6349 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.

4.3
2014-11-11 CVE-2014-6346 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

4.3
2014-11-11 CVE-2014-6345 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer 10/9

Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

4.3
2014-11-11 CVE-2014-6340 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

4.3
2014-11-11 CVE-2014-6323 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."

4.3
2014-11-11 CVE-2014-6322 Microsoft Improper Input Validation vulnerability in Microsoft products

The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted web site, as demonstrated by execution of web script in Internet Explorer, aka "Windows Audio Service Vulnerability."

4.3
2014-11-11 CVE-2014-6318 Microsoft Improper Authentication vulnerability in Microsoft products

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts supplying valid credentials, which makes it easier for remote attackers to bypass intended access restrictions via a series of attempts, aka "Remote Desktop Protocol (RDP) Failure to Audit Vulnerability."

4.3
2014-11-11 CVE-2014-4116 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Foundation 2010

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability."

4.3
2014-11-12 CVE-2014-8735 BAD Behavior Project Information Exposure vulnerability in BAD Behavior Project BAD Behavior

The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" permission to obtain sensitive information by reading a log file.

4.0

9 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-11-16 CVE-2014-0228 Apache Improper Access Control vulnerability in Apache Hive

Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI.

3.5
2014-11-14 CVE-2014-7246 Forgerock Improper Input Validation vulnerability in Forgerock Openam

The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0 through 11.0.2, when deployed on a multi-server network, allows remote authenticated users to cause a denial of service (infinite loop) via a crafted cookie in a request.

3.5
2014-11-12 CVE-2014-8734 Drupal Permissions, Privileges, and Access Controls vulnerability in Drupal Organic Groups Menu 7.X2.0/7.X2.Xdev

The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified vectors.

3.5
2014-11-16 CVE-2014-2667 Python Race Condition vulnerability in Python

Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.

3.3
2014-11-16 CVE-2014-3209 Nlnetlabs Permissions, Privileges, and Access Controls vulnerability in Nlnetlabs Ldns

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.

2.1
2014-11-13 CVE-2014-8476 Freebsd Information Exposure vulnerability in Freebsd

The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a call to getlogin, which returns the entire buffer.

2.1
2014-11-13 CVE-2014-3602 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Openshift

Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.

2.1
2014-11-10 CVE-2014-3645 Linux Improper Input Validation vulnerability in Linux Kernel

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

2.1
2014-11-10 CVE-2014-3647 Linux
Redhat
Canonical
Debian
Opensuse
Suse
Oracle
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
1.9