Weekly Vulnerabilities Reports > December 8 to 14, 2014

Overview

204 new vulnerabilities reported during this period, including 41 critical vulnerabilities and 31 high severity vulnerabilities. This weekly summary report vulnerabilities in 172 products from 82 vendors including Microsoft, Apple, Adobe, X ORG, and Mozilla. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Code Injection", and "Resource Management Errors".

  • 189 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities have public exploit available.
  • 45 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 173 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 50 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 37 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

41 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-12-11 CVE-2014-7192 Joyent Code Injection vulnerability in Joyent Node.Js 0.6.1/0.6.3

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.

10.0
2014-12-10 CVE-2014-9165 Adobe
Apple
Microsoft
Use After Free Remote Code Execution vulnerability in Adobe Reader and Acrobat

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455.

10.0
2014-12-10 CVE-2014-9164 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.

10.0
2014-12-10 CVE-2014-9163 Adobe
Apple
Microsoft
Linux
Stack Based Buffer Overflow vulnerability in Adobe Flash Player

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

10.0
2014-12-10 CVE-2014-9162 Adobe
Apple
Microsoft
Linux
Information Exposure vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.

10.0
2014-12-10 CVE-2014-9159 Adobe
Apple
Microsoft
Heap Buffer Overflow vulnerability in Adobe Reader and Acrobat

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

10.0
2014-12-10 CVE-2014-9158 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-8461.

10.0
2014-12-10 CVE-2014-8461 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8460 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159.

10.0
2014-12-10 CVE-2014-8459 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8461, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8458 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8457 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159.

10.0
2014-12-10 CVE-2014-8456 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8455 Adobe
Apple
Microsoft
Use After Free Remote Code Execution vulnerability in Adobe Reader and Acrobat

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165.

10.0
2014-12-10 CVE-2014-8454 Adobe
Apple
Microsoft
Use After Free Remote Code Execution vulnerability in Adobe Reader and Acrobat

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165.

10.0
2014-12-10 CVE-2014-8449 Adobe
Apple
Microsoft
Numeric Errors vulnerability in multiple products

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10.0
2014-12-10 CVE-2014-8447 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8446 Adobe
Apple
Microsoft
Memory Corruption vulnerability in Adobe Reader and Acrobat

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8445 Adobe
Apple
Microsoft
Code Injection vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

10.0
2014-12-10 CVE-2014-8443 Adobe
Apple
Microsoft
Linux
Use After Free Remote Code Execution vulnerability in Adobe Flash Player

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors.

10.0
2014-12-10 CVE-2014-0587 Adobe
Apple
Microsoft
Linux
Code Injection vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.

10.0
2014-12-10 CVE-2014-0580 Adobe
Apple
Microsoft
Linux
Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

10.0
2014-12-10 CVE-2014-8496 Digicom Credentials Management vulnerability in Digicom Dg-5514T Adsl Router Firmware 3.2

Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remote attackers to gain administrator privileges via a brute force session hijacking attack.

10.0
2014-12-08 CVE-2013-2810 Emerson Command Injection vulnerability in Emerson products

Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack.

10.0
2014-12-11 CVE-2014-8966 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 6/7/8

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6376 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6329.

9.3
2014-12-11 CVE-2014-6375 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 8

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6374 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6373 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 10

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6369 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6366 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 6/7

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6364 Microsoft Use After Free Remote Code Execution vulnerability in Microsoft Office 2007/2010/2013

Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability." <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

9.3
2014-12-11 CVE-2014-6363 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer and Vbscript

vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6361 Microsoft Code Injection vulnerability in Microsoft Excel and Office Compatibility Pack

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Excel Invalid Pointer Remote Code Execution Vulnerability."

9.3
2014-12-11 CVE-2014-6360 Microsoft Code Injection vulnerability in Microsoft Excel and Office Compatibility Pack

Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability."

9.3
2014-12-11 CVE-2014-6357 Microsoft Use After Free Memory Corruption vulnerability in Microsoft Office

Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold and SP1, and Office Web Apps 2010 SP2 and 2013 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Use After Free Word Remote Code Execution Vulnerability." <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

9.3
2014-12-11 CVE-2014-6356 Microsoft Code Injection vulnerability in Microsoft Office Compatibility Pack and Word

Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Invalid Index Remote Code Execution Vulnerability."

9.3
2014-12-11 CVE-2014-6330 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

9.3
2014-12-11 CVE-2014-6329 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6376.

9.3
2014-12-11 CVE-2014-6327 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6329 and CVE-2014-6376.

9.3
2014-12-11 CVE-2014-8373 Vmware Permissions, Privileges, and Access Controls vulnerability in VMWare Vcloud Automation Center

The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.1.1 allows remote authenticated users to gain privileges via vectors involving the "Connect (by) Using VMRC" function.

9.0

31 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-12-10 CVE-2014-7879 HP Improper Authentication vulnerability in HP Hp-Ux B.11.11/B.11.23/B.11.31

HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.

8.5
2014-12-11 CVE-2014-8500 ISC Resource Management Errors vulnerability in ISC Bind

ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.

7.8
2014-12-13 CVE-2014-8269 Honeywell Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Honeywell Opos Suite

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method.

7.5
2014-12-12 CVE-2014-7840 Qemu
Redhat
Improper Input Validation vulnerability in multiple products

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

7.5
2014-12-12 CVE-2014-6407 Docker Link Following vulnerability in Docker

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

7.5
2014-12-12 CVE-2014-4323 Linux Improper Input Validation vulnerability in Linux Kernel

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application.

7.5
2014-12-12 CVE-2014-7260 Ultrapop Code Injection vulnerability in Ultrapop I-Httpd

The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives.

7.5
2014-12-11 CVE-2014-9264 SAP Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SAP SQL Anywhere

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias.

7.5
2014-12-10 CVE-2014-4466 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

7.5
2014-12-10 CVE-2014-7866 Zohocorp Path Traversal vulnerability in Zohocorp products

Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to write and execute arbitrary files via a ..

7.5
2014-12-10 CVE-2014-8298 Nvidia Data Processing Errors vulnerability in Nvidia GPU Driver

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.

7.5
2014-12-09 CVE-2014-9318 Ffmpeg Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg

The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via a crafted .cine file that triggers the avpicture_get_size function to return a negative frame size.

7.5
2014-12-09 CVE-2014-9317 Ffmpeg Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg

The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file.

7.5
2014-12-09 CVE-2014-9316 Ffmpeg Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg

The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file.

7.5
2014-12-09 CVE-2014-9275 Unrtf Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Unrtf Project Unrtf

UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.

7.5
2014-12-09 CVE-2014-9274 Unrtf Project
Fedoraproject
Mageia Project
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".

7.5
2014-12-09 CVE-2014-8504 Canonical
GNU
Fedoraproject
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

7.5
2014-12-09 CVE-2014-8503 Fedoraproject
GNU
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.

7.5
2014-12-09 CVE-2014-8502 Fedoraproject
GNU
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.

7.5
2014-12-09 CVE-2014-8501 GNU
Canonical
Fedoraproject
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable.

7.5
2014-12-09 CVE-2014-8485 Fedoraproject
Canonical
GNU
Code Injection vulnerability in multiple products

The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.

7.5
2014-12-08 CVE-2014-9348 Robotstats SQL Injection vulnerability in Robotstats 1.0

SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot parameter to admin/robots.php.

7.5
2014-12-08 CVE-2014-9347 Phpmyrecipes Project SQL Injection vulnerability in PHPmyrecipes Project PHPmyrecipes 1.2.2

SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter.

7.5
2014-12-08 CVE-2014-9345 Guruperl SQL Injection vulnerability in Guruperl Advertise With Pleasure!

SQL injection vulnerability in Guruperl.net Advertise With Pleasure! Professional (aka AWP PRO) 6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a list_zone action to cgi/client.cgi.

7.5
2014-12-08 CVE-2014-9280 Mantisbt Code Injection vulnerability in Mantisbt

The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter.

7.5
2014-12-08 CVE-2014-9029 Jasper Project Numeric Errors vulnerability in Jasper Project Jasper 1.900.1

Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.

7.5
2014-12-08 CVE-2014-4880 Hikvision Buffer Errors vulnerability in Hikvision DVR Ds-7204 Firmware 2.2.10

Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long Authorization header.

7.5
2014-12-08 CVE-2014-1693 Erlang Command Injection vulnerability in Erlang Erlang/Otp R15B03

Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.

7.5
2014-12-12 CVE-2014-8956 K7Computing Buffer Errors vulnerability in K7Computing K7Av Sentry Device Driver 12.8.0.118

Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors.

7.2
2014-12-12 CVE-2014-7136 K7Computing Buffer Errors vulnerability in K7Computing K7Firewall Packet Driver 14.0.1.15

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.

7.2
2014-12-10 CVE-2014-8003 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System

Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998.

7.2

119 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-12-12 CVE-2014-8515 Bittorrent Command Injection vulnerability in Bittorrent

The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging knowledge of the pairing values and a crafted request to port 10000.

6.8
2014-12-11 CVE-2014-1594 Mozilla Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Seamonkey

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

6.8
2014-12-11 CVE-2014-1593 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Firefox ESR and Seamonkey

Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.

6.8
2014-12-11 CVE-2014-1592 Mozilla Use After Free Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Seamonkey

Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.

6.8
2014-12-11 CVE-2014-1589 Mozilla Improper Access Control vulnerability in Mozilla Firefox and Seamonkey

Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.

6.8
2014-12-11 CVE-2014-1588 Mozilla Memory Corruption vulnerability in Mozilla Firefox/Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

6.8
2014-12-11 CVE-2014-1587 Mozilla Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Seamonkey

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

6.8
2014-12-10 CVE-2014-4475 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4474 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4473 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4472 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4471 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4470 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4469 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-4468 Apple Resource Management Errors vulnerability in Apple products

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

6.8
2014-12-10 CVE-2014-7809 Apache Cross-Site Request Forgery (CSRF) vulnerability in Apache Struts

Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.

6.8
2014-12-08 CVE-2014-9344 Globiz Solutions Cross-Site Request Forgery (CSRF) vulnerability in Globiz Solutions Snowfox Content Management System 1.0

Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/.

6.8
2014-12-08 CVE-2014-9268 Autodesk Improper Input Validation vulnerability in Autodesk Design Review 2011/2012/2013

The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.

6.8
2014-12-08 CVE-2014-9267 PTC Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PTC Isoview

Heap-based buffer overflow in the PTC IsoView ActiveX control allows remote attackers to execute arbitrary code via a crafted ViewPort property value.

6.8
2014-12-08 CVE-2014-9266 Samsung Code Injection vulnerability in Samsung Smart Viewer

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.

6.8
2014-12-08 CVE-2014-9265 Samsung Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Samsung Smartviewer

Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.

6.8
2014-12-08 CVE-2014-9263 3S Pocketnet Tech Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in 3S Pocketnet Tech 3S Pocketnet Tech Video Management Software

Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control in 3S Pocketnet Tech VMS allow remote attackers to execute arbitrary code via a crafted string to the (1) StartRecord, (2) StartRecordEx, (3) StartScheduledRecord, (4) SetDisplayText, (5) GetONVIFDeviceInformation, (6) GetONVIFProfiles, or (7) GetONVIFStreamUri method or a crafted filename to the (8) SaveCurrentImage or (9) SaveCurrentImageEx method.

6.8
2014-12-10 CVE-2014-8010 Cisco Improper Input Validation vulnerability in Cisco Unified Communications Domain Manager 8.0

The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205.

6.5
2014-12-10 CVE-2014-8103 X ORG Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org Xorg-Server

X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version, (2) sproc_dri3_open, (3) sproc_dri3_pixmap_from_buffer, (4) sproc_dri3_buffer_from_pixmap, (5) sproc_dri3_fence_from_fd, (6) sproc_dri3_fd_from_fence, (7) proc_present_query_capabilities, (8) sproc_present_query_version, (9) sproc_present_pixmap, (10) sproc_present_notify_msc, (11) sproc_present_select_input, or (12) sproc_present_query_capabilities function in the (a) DRI3 or (b) Present extension.

6.5
2014-12-10 CVE-2014-8102 X ORG
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value.

6.5
2014-12-10 CVE-2014-8101 X ORG Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org X11, Xfree86 and Xorg-Server

The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function.

6.5
2014-12-10 CVE-2014-8100 X ORG Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org X11, Xfree86 and Xorg-Server

The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcRenderQueryVersion, (2) SProcRenderQueryVersion, (3) SProcRenderQueryPictFormats, (4) SProcRenderQueryPictIndexValues, (5) SProcRenderCreatePicture, (6) SProcRenderChangePicture, (7) SProcRenderSetPictureClipRectangles, (8) SProcRenderFreePicture, (9) SProcRenderComposite, (10) SProcRenderScale, (11) SProcRenderCreateGlyphSet, (12) SProcRenderReferenceGlyphSet, (13) SProcRenderFreeGlyphSet, (14) SProcRenderFreeGlyphs, or (15) SProcRenderCompositeGlyphs function.

6.5
2014-12-10 CVE-2014-8099 X ORG Buffer Errors vulnerability in X.Org X11, Xfree86 and Xorg-Server

The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProcXvQueryAdaptors, (3) SProcXvQueryEncodings, (4) SProcXvGrabPort, (5) SProcXvUngrabPort, (6) SProcXvPutVideo, (7) SProcXvPutStill, (8) SProcXvGetVideo, (9) SProcXvGetStill, (10) SProcXvPutImage, (11) SProcXvShmPutImage, (12) SProcXvSelectVideoNotify, (13) SProcXvSelectPortNotify, (14) SProcXvStopVideo, (15) SProcXvSetPortAttribute, (16) SProcXvGetPortAttribute, (17) SProcXvQueryBestSize, (18) SProcXvQueryPortAttributes, (19) SProcXvQueryImageAttributes, or (20) SProcXvListImageFormats function.

6.5
2014-12-10 CVE-2014-8098 Debian
X ORG
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) __glXDispSwap_RenderMode, (11) __glXDisp_GetCompressedTexImage, (12) __glXDispSwap_GetCompressedTexImage, (13) __glXDisp_FeedbackBuffer, (14) __glXDispSwap_FeedbackBuffer, (15) __glXDisp_SelectBuffer, (16) __glXDispSwap_SelectBuffer, (17) __glXDisp_Flush, (18) __glXDispSwap_Flush, (19) __glXDisp_Finish, (20) __glXDispSwap_Finish, (21) __glXDisp_ReadPixels, (22) __glXDispSwap_ReadPixels, (23) __glXDisp_GetTexImage, (24) __glXDispSwap_GetTexImage, (25) __glXDisp_GetPolygonStipple, (26) __glXDispSwap_GetPolygonStipple, (27) __glXDisp_GetSeparableFilter, (28) __glXDisp_GetSeparableFilterEXT, (29) __glXDisp_GetConvolutionFilter, (30) __glXDisp_GetConvolutionFilterEXT, (31) __glXDisp_GetHistogram, (32) __glXDisp_GetHistogramEXT, (33) __glXDisp_GetMinmax, (34) __glXDisp_GetMinmaxEXT, (35) __glXDisp_GetColorTable, (36) __glXDisp_GetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.

6.5
2014-12-10 CVE-2014-8097 X ORG Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org X11 and Xorg-Server

The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function.

6.5
2014-12-10 CVE-2014-8096 X ORG
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value.

6.5
2014-12-10 CVE-2014-8095 Debian
X ORG
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function.

6.5
2014-12-10 CVE-2014-8094 X ORG
Oracle
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write.

6.5
2014-12-10 CVE-2014-8093 X ORG Integer Overflow vulnerability in X.Org X11, Xfree86 and Xorg-Server

Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write.

6.5
2014-12-10 CVE-2014-8092 X ORG Integer Overflow vulnerability in X.Org X11 and Xorg-Server

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

6.5
2014-12-08 CVE-2014-9305 Reality66 SQL Injection vulnerability in Reality66 Cart66 Lite 1.5.1.17

SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a shortcode_products_table action to wp-admin/admin-ajax.php.

6.5
2014-12-08 CVE-2014-5462 Open EMR SQL Injection vulnerability in Open-Emr Openemr

Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter to interface/super/edit_layout.php; (2) form_patient_id, (3) form_drug_name, or (4) form_lot_number parameter to interface/reports/prescriptions_report.php; (5) payment_id parameter to interface/billing/edit_payment.php; (6) id parameter to interface/forms_admin/forms_admin.php; (7) form_pid or (8) form_encounter parameter to interface/billing/sl_eob_search.php; (9) sortby parameter to interface/logview/logview.php; form_facility parameter to (10) procedure_stats.php, (11) pending_followup.php, or (12) pending_orders.php in interface/orders/; (13) patient, (14) encounterid, (15) formid, or (16) issue parameter to interface/patient_file/deleter.php; (17) search_term parameter to interface/patient_file/encounter/coding_popup.php; (18) text parameter to interface/patient_file/encounter/search_code.php; (19) form_addr1, (20) form_addr2, (21) form_attn, (22) form_country, (23) form_freeb_type, (24) form_partner, (25) form_name, (26) form_zip, (27) form_state, (28) form_city, or (29) form_cms_id parameter to interface/practice/ins_search.php; (30) form_pid parameter to interface/patient_file/problem_encounter.php; (31) patient, (32) form_provider, (33) form_apptstatus, or (34) form_facility parameter to interface/reports/appointments_report.php; (35) db_id parameter to interface/patient_file/summary/demographics_save.php; (36) p parameter to interface/fax/fax_dispatch_newpid.php; or (37) patient_id parameter to interface/patient_file/reminder/patient_reminders.php.

6.5
2014-12-12 CVE-2014-8489 Pingidentity Remote Security vulnerability in Pingidentity Pingfederate 6.10.1

Open redirect vulnerability in startSSO.ping in the SP Endpoints in Ping Identity PingFederate 6.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the TargetResource parameter.

6.4
2014-12-10 CVE-2014-9360 Scalix Remote Security vulnerability in Scalix web Access 11.4.6.12377/12.2.0.14697

XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted request.

6.4
2014-12-09 CVE-2014-9351 Teeworlds Improper Input Validation vulnerability in Teeworlds 6.0/6.1/6.2

engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.

6.4
2014-12-11 CVE-2014-3058 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Datapower Xc10 Appliance Firmware 2.1.0.0/2.5.0.0

Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.0
2014-12-12 CVE-2014-2516 EMC URI Redirection vulnerability in EMC RSA Authentication Manager 8.0/8.1

Open redirect vulnerability in EMC RSA Authentication Manager 8.x before 8.1 Patch 6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2014-12-12 CVE-2014-9365 Python
Apple
TLS Certificate Validation Security Bypass vulnerability in Python

The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

5.8
2014-12-12 CVE-2014-6316 Mantisbt URI Redirection vulnerability in MantisBT

core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.

5.8
2014-12-08 CVE-2014-9343 Globiz Solutions Remote Security vulnerability in Globiz Solutions Snowfox Content Management System 1.0

Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the rd parameter in a submit action to snowfox/.

5.8
2014-12-10 CVE-2014-9363 Meta Tags Quick Project Remote Security vulnerability in Meta Tags Quick

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.

5.5
2014-12-11 CVE-2014-8680 ISC Improper Input Validation vulnerability in ISC Bind 9.10.0/9.10.1

The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.

5.4
2014-12-12 CVE-2014-9374 Digium Denial of Service vulnerability in Multiple Asterisk Products WebSocket Server

Double free vulnerability in the WebSocket Server (res_http_websocket module) in Asterisk Open Source 11.x before 11.14.2, 12.x before 12.7.2, and 13.x before 13.0.2 and Certified Asterisk 11.6 before 11.6-cert9 allows remote attackers to cause a denial of service (crash) by sending a zero length frame after a non-zero length frame.

5.0
2014-12-12 CVE-2014-8124 Openstack
Fedoraproject
Opensuse
Oracle
Resource Exhaustion vulnerability in multiple products

OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.

5.0
2014-12-12 CVE-2014-6408 Docker Permissions, Privileges, and Access Controls vulnerability in Docker 1.3.0/1.3.1

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.

5.0
2014-12-12 CVE-2014-8270 BMC Permissions, Privileges, and Access Controls vulnerability in BMC Track-It! 11.3.0

BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.

5.0
2014-12-12 CVE-2014-7250 BSD
Freebsd
Netbsd
Openbsd
Resource Management Errors vulnerability in multiple products

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

5.0
2014-12-11 CVE-2014-9192 Trihedral Numeric Errors vulnerability in Trihedral Vtscada

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation.

5.0
2014-12-11 CVE-2014-6114 IBM Information Exposure vulnerability in IBM products

The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operational Decision Manager 8.0 before MP1 FP2 IF34, 8.5 before MP1 FP1 IF43, and 8.6 before IF8 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5.0
2014-12-11 CVE-2014-6355 Microsoft Information Exposure vulnerability in Microsoft products

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability."

5.0
2014-12-11 CVE-2014-6328 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365.

5.0
2014-12-11 CVE-2014-6319 Microsoft Improper Access Control vulnerability in Microsoft Exchange Server 2007/2010/2013

Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App Token Spoofing Vulnerability."

5.0
2014-12-10 CVE-2014-9166 Adobe Unspecified vulnerability in Adobe Coldfusion 10.0/11.0

Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows attackers to cause a denial of service (resource consumption) via unspecified vectors.

5.0
2014-12-10 CVE-2014-8453 Adobe
Apple
Microsoft
Permissions, Privileges, and Access Controls vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

5.0
2014-12-10 CVE-2014-8452 Adobe
Apple
Microsoft
Information Exposure vulnerability in multiple products

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5.0
2014-12-10 CVE-2014-8451 Adobe
Apple
Microsoft
Information Exposure vulnerability in multiple products

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8448.

5.0
2014-12-10 CVE-2014-8448 Adobe
Apple
Microsoft
Information Exposure vulnerability in multiple products

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451.

5.0
2014-12-10 CVE-2014-8009 Cisco Information Exposure vulnerability in Cisco Unified Computing System

The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239.

5.0
2014-12-10 CVE-2014-4465 Apple Improper Input Validation vulnerability in Apple Iphone OS, Safari and Tvos

WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.

5.0
2014-12-10 CVE-2014-8601 Debian
Powerdns
Resource Management Errors vulnerability in multiple products

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.

5.0
2014-12-10 CVE-2014-7807 Apache Improper Authentication vulnerability in Apache Cloudstack

Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.

5.0
2014-12-09 CVE-2014-9319 Ffmpeg Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg

The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted .bit file.

5.0
2014-12-09 CVE-2014-8484 GNU
Fedoraproject
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.

5.0
2014-12-08 CVE-2014-9350 TP Link Data Processing Errors vulnerability in Tp-Link Tl-Wr740N and Tl-Wr740N Firmware

TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.

5.0
2014-12-08 CVE-2014-9279 Mantisbt Information Exposure vulnerability in Mantisbt

The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname parameter and reading the parameters in the response sent to the URL.

5.0
2014-12-08 CVE-2014-9130 Pyyaml Improper Input Validation vulnerability in Pyyaml Libyaml 0.1.5/0.1.6

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

5.0
2014-12-08 CVE-2014-9218 Phpmyadmin Resource Management Errors vulnerability in PHPmyadmin

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.

5.0
2014-12-08 CVE-2014-9217 Torch Gmbh Improper Authentication vulnerability in Torch Gmbh Graylog2

Graylog2 before 0.92 allows remote attackers to bypass LDAP authentication via crafted wildcards.

5.0
2014-12-08 CVE-2014-4631 EMC Improper Authentication vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1/7.0/7.1

RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when using device binding in a Challenge SOAP call or using the RSA Adaptive Authentication Integration Adapters with Out-of-Band Phone (Authentify) functionality, conducts permanent device binding even when authentication fails, which allows remote attackers to bypass authentication.

5.0
2014-12-12 CVE-2014-8608 K7Computing NULL Pointer Dereference Denial of Service vulnerability in K7Computing K7Av Sentry Device Driver 12.8.0.118

The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing "crashme$$".

4.9
2014-12-09 CVE-2014-9066 XEN
Opensuse
Code vulnerability in multiple products

Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065.

4.7
2014-12-10 CVE-2014-9091 Icecast Permissions, Privileges, and Access Controls vulnerability in Icecast

Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.

4.6
2014-12-08 CVE-2014-9273 Opensuse
Redhat
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.

4.6
2014-12-08 CVE-2014-8106 Qemu Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qemu

Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions.

4.6
2014-12-09 CVE-2014-9065 XEN
Opensuse
Code vulnerability in multiple products

common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066.

4.4
2014-12-13 CVE-2014-3364 Cisco Cross-Site Scripting vulnerability in Cisco Prime Security Manager

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661.

4.3
2014-12-12 CVE-2014-4633 EMC Cross-Site Scripting vulnerability in EMC RSA Archer Egrc

Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-12-12 CVE-2014-4628 EMC Cross-Site Scripting vulnerability in EMC Isilon Insightiq

Cross-site scripting (XSS) vulnerability in EMC Isilon InsightIQ 2.x and 3.x before 3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-12-12 CVE-2013-4399 Redhat Remote Denial Of Service vulnerability in libvirt

The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.

4.3
2014-12-12 CVE-2014-7265 Linpha Cross-Site Scripting vulnerability in Linpha

Cross-site scripting (XSS) vulnerability in LinPHA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-12-12 CVE-2014-4815 IBM Remote Security vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.0.0

Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors.

4.3
2014-12-12 CVE-2014-7263 Ultrapop Cross-Site Scripting vulnerability in Ultrapop I-Httpd

Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261.

4.3
2014-12-12 CVE-2014-7262 Ultrapop Cross-Site Scripting vulnerability in Ultrapop I-Httpd

Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string.

4.3
2014-12-12 CVE-2014-7261 Ultrapop Cross-Site Scripting vulnerability in Ultrapop I-Httpd

Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263.

4.3
2014-12-11 CVE-2014-7852 Redhat Cross-Site Scripting vulnerability in Redhat Jboss Enterprise Portal Platform 6.1.1

Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as used in JBoss Portal 6.1.1, allows remote attackers to inject arbitrary web script or HTML via crafted URL, which is not properly handled in a CSS file.

4.3
2014-12-11 CVE-2014-8632 Mozilla Improper Access Control vulnerability in Mozilla Firefox and Seamonkey

The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal.

4.3
2014-12-11 CVE-2014-8631 Mozilla Improper Access Control vulnerability in Mozilla Firefox and Seamonkey

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.

4.3
2014-12-11 CVE-2014-1591 Mozilla Information Management Errors vulnerability in Mozilla Firefox and Seamonkey

Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.

4.3
2014-12-11 CVE-2014-1590 Mozilla Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Seamonkey

The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.

4.3
2014-12-11 CVE-2014-8602 Nlnetlabs
Canonical
Debian
Resource Management Errors vulnerability in multiple products

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.

4.3
2014-12-11 CVE-2014-6368 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 11

Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

4.3
2014-12-11 CVE-2014-6365 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328.

4.3
2014-12-11 CVE-2014-6326 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2013

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6325.

4.3
2014-12-11 CVE-2014-6325 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2013

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6326.

4.3
2014-12-10 CVE-2014-9364 Logintoboggan Project Cross-Site Scripting vulnerability in Logintoboggan Project Logintoboggan

Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-12-10 CVE-2014-9361 Logintoboggan Project Information Exposure vulnerability in Logintoboggan Project Logintoboggan

The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privileges and possibly obtain sensitive information by accessing a Page Not Found (404) page.

4.3
2014-12-10 CVE-2014-9120 Intelliants Cross-Site Scripting vulnerability in Intelliants Subrion

Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.

4.3
2014-12-10 CVE-2014-8091 X ORG Denial of Service vulnerability in X.Org X Server

X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request.

4.3
2014-12-10 CVE-2014-8488 Yourls
Fedoraproject
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.

4.3
2014-12-10 CVE-2014-8730 F5 Cryptographic Issues vulnerability in F5 products

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

4.3
2014-12-09 CVE-2014-9352 Scalix Cross-Site Scripting vulnerability in Scalix web Access 11.4.6.12377

Cross-site scripting (XSS) vulnerability in the mail administration login panel in Scalix Web Access 11.4.6.12377 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-12-09 CVE-2014-9281 Mantisbt Cross-Site Scripting vulnerability in Mantisbt

Cross-site scripting (XSS) vulnerability in admin/copy_field.php in MantisBT before 1.2.18 allows remote attackers to inject arbitrary web script or HTML via the dest_id field.

4.3
2014-12-08 CVE-2014-9349 Robotstats Cross-Site Scripting vulnerability in Robotstats 1.0

Multiple cross-site scripting (XSS) vulnerabilities in admin/robots.lib.php in RobotStats 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) nom or (2) user_agent parameter to admin/robots.php.

4.3
2014-12-08 CVE-2014-9270 Mantisbt Cross-Site Scripting vulnerability in Mantisbt

Cross-site scripting (XSS) vulnerability in the projax_array_serialize_for_autocomplete function in core/projax_api.php in MantisBT 1.1.0a3 through 1.2.17 allows remote attackers to inject arbitrary web script or HTML via the "profile/Platform" field.

4.3
2014-12-08 CVE-2014-9342 F5 Cross-Site Scripting vulnerability in F5 Big-Ip 11.3.0

Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation.

4.3
2014-12-08 CVE-2014-9219 Phpmyadmin Cross-Site Scripting vulnerability in PHPmyadmin

Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

4.3
2014-12-08 CVE-2014-8600 URS Wolfer
KDE
Opensuse
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is not properly handled in an error message.

4.3
2014-12-08 CVE-2014-8371 Vmware Cryptographic Issues vulnerability in VMWare Vcenter Server Appliance 5.0/5.1/5.5

VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate.

4.3
2014-12-08 CVE-2014-3797 Vmware Cross-Site Scripting vulnerability in VMWare Vcenter Server Appliance 5.1

Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-12-08 CVE-2014-3616 Nginx
Debian
Insufficient Session Expiration vulnerability in multiple products

nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks.

4.3
2014-12-12 CVE-2014-6210 IBM Improper Input Validation vulnerability in IBM DB2 and DB2 Connect

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying the same column within multiple ALTER TABLE statements.

4.0
2014-12-12 CVE-2014-6209 IBM Improper Input Validation vulnerability in IBM DB2

IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement.

4.0
2014-12-12 CVE-2014-6138 IBM Information Exposure vulnerability in IBM Websphere Datapower Xc10 Appliance Firmware 2.1.0.0/2.5.0.0

The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to bypass intended grid-data access restrictions via unspecified vectors.

4.0
2014-12-11 CVE-2014-8372 Vmware Information Exposure vulnerability in VMWare Airwatch 7.3.0.0/7.3.3.0

AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote authenticated users to obtain the organizational information and statistics from arbitrary tenants via vectors involving a direct object reference.

4.0

13 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-12-09 CVE-2014-8737 Canonical
GNU
Fedoraproject
Path Traversal vulnerability in multiple products

Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a ..

3.6
2014-12-12 CVE-2014-6145 IBM Cross-Site Scripting vulnerability in IBM Cognos Business Intelligence

Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence 10.1 before IF10, 10.1.1 before IF9, 10.2 before IF11, 10.2.1 before IF8, and 10.2.1.1 before IF7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2014-12-11 CVE-2014-7264 Chyrp Cross-Site Scripting vulnerability in Chyrp

Multiple cross-site scripting (XSS) vulnerabilities in admin/themes/default/pages/manage_users.twig in the Users Management feature in the admin component in Chyrp before 2.5.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user.email or (2) user.website field in a user registration.

3.5
2014-12-11 CVE-2014-6215 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 before 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2014-12-11 CVE-2014-6163 IBM Cross-Site Scripting vulnerability in IBM Websphere Datapower Xc10 Appliance Firmware 2.1.0.0/2.5.0.0

Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2014-12-11 CVE-2014-6336 Microsoft Improper Input Validation vulnerability in Microsoft Exchange Server 2013

Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."

3.5
2014-12-10 CVE-2014-9362 Meta Tags Quick Project Cross-Site Scripting vulnerability in Meta Tags Quick Project Meta Tags Quick

Cross-site scripting (XSS) vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path based meta tags" permission to inject arbitrary web script or HTML via vectors related to deleting a Path-based Metatag.

3.5
2014-12-08 CVE-2014-9346 Hierarchical Select Project Cross-Site Scripting vulnerability in Hierarchical Select Project Hierarchical Select

Multiple cross-site scripting (XSS) vulnerabilities in the Hierarchical Select module 6.x-3.x before 6.x-3.9 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to the (1) taxonomy term title for instances with Save term lineage enabled or (2) entity type fields.

3.5
2014-12-12 CVE-2014-6381 Juniper Improper Input Validation vulnerability in Juniper Mobile System Software, Ringmaster and Smartpass

Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors.

2.9
2014-12-11 CVE-2014-6143 IBM Information Exposure vulnerability in IBM Websphere Datapower Xc10 Appliance Firmware 2.1.0.0/2.5.0.0

The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows local users to obtain sensitive information by reading a response.

2.1
2014-12-11 CVE-2014-1595 Mozilla
Apple
Information Management Errors vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information.

2.1
2014-12-10 CVE-2014-2608 HP
Microsoft
Linux
Local Information Disclosure vulnerability in HP Smart Update Manager

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors.

2.1
2014-12-12 CVE-2014-8134 Linux
Canonical
Opensuse
Suse
Oracle
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
1.9