Weekly Vulnerabilities Reports > December 22 to 28, 2014
Overview
87 new vulnerabilities were reported during this period, including 5 critical vulnerabilities and 21 high severity vulnerabilities. This weekly summary reports vulnerabilities in 60 products from 41 vendors including IBM, Cisco, Microfocus, Schneider Electric, and Facebook. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Information Exposure", and "Improper Input Validation".
- 74 reported vulnerabilities are remotely exploitable.
- 4 reported vulnerabilities have a public exploit available.
- 32 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 62 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 19 reported vulnerabilities.
- Schneider Electric has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report, grouped by severity:
5 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-27 | CVE-2014-8511 | Schneider Electric | Buffer Errors vulnerability in Schneider-Electric Proclima 6.0.1 Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8512. | 10.0 |
2014-12-24 | CVE-2014-9223 | Allegrosoft | Buffer Errors vulnerability in Allegrosoft Rompager 4.07 Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei Home Gateway products and other vendors and products, allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors related to authorization. | 10.0 |
2014-12-24 | CVE-2014-9222 | Allegrosoft | Code vulnerability in Allegrosoft Rompager 4.07 AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability. | 10.0 |
2014-12-23 | CVE-2014-6119 | IBM | Code Injection vulnerability in IBM Security Appscan and Security Appscan Source IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to execute arbitrary code via a crafted executable file in an archive. | 9.3 |
2014-12-27 | CVE-2014-9188 | Schneider Electric | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider Electric Proclima Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. | 9.0 |
21 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-28 | CVE-2011-4722 | Ipswitch | Path Traversal vulnerability in Ipswitch Tftp Server 1.0.0.24 Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. | 7.8 |
2014-12-24 | CVE-2014-7999 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565. | 7.7 |
2014-12-28 | CVE-2014-6228 | Facebook | Numeric Errors vulnerability in Facebook Hiphop Virtual Machine Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted arguments to the chunk_split function. | 7.5 |
2014-12-28 | CVE-2014-2208 | Facebook | Code Injection vulnerability in Facebook Hiphop Virtual Machine CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string. | 7.5 |
2014-12-28 | CVE-2013-4663 | Redmine | Command Injection vulnerability in Redmine GIT Hosting Plugin git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related to the get_info_refs function or (2) the reqfile argument to the file_exists function. | 7.5 |
2014-12-27 | CVE-2013-4793 | Umbraco | Improper Authentication vulnerability in Umbraco CMS The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to execute arbitrary ASP.NET code via a crafted SOAP request. | 7.5 |
2014-12-27 | CVE-2014-8514 | Schneider Electric | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider Electric Proclima Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. | 7.5 |
2014-12-27 | CVE-2014-8513 | Schneider Electric | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider Electric Proclima Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. | 7.5 |
2014-12-27 | CVE-2014-8512 | Schneider Electric | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider Electric Proclima Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. | 7.5 |
2014-12-26 | CVE-2010-1445 | Videolan | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session. | 7.5 |
2014-12-26 | CVE-2010-1442 | Videolan | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer. | 7.5 |
2014-12-26 | CVE-2010-1441 | Videolan | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder. | 7.5 |
2014-12-25 | CVE-2014-2217 | Telerik | Path Traversal vulnerability in Telerik UI FOR Asp.Net Ajax Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value. | 7.5 |
2014-12-24 | CVE-2014-8138 | Redhat Jasper Project | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file. | 7.5 |
2014-12-23 | CVE-2014-9115 | Piwigo | SQL Injection vulnerability in Piwigo SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a comparison of a non-numeric value that begins with a digit. | 7.5 |
2014-12-22 | CVE-2014-5208 | Yokogawa | Improper Access Control vulnerability in Yokogawa Centum CS 3000, Centum VP and Exaopc BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784. | 7.5 |
2014-12-27 | CVE-2014-0748 | Cray | Improper Input Validation vulnerability in Cray Linux Environment 5.1 apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912. | 7.2 |
2014-12-25 | CVE-2014-7300 | Gnome Redhat | Resource Management Errors vulnerability in multiple products GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer. | 7.2 |
2014-12-24 | CVE-2014-4322 | Linux | Out-Of-Bounds Write vulnerability in Linux Kernel drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application. | 7.2 |
2014-12-24 | CVE-2014-7995 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077. | 7.2 |
2014-12-22 | CVE-2014-7286 | Symantec Microsoft | Buffer Errors vulnerability in Symantec Deployment Solution 6.9 Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors. | 7.2 |
44 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-28 | CVE-2012-1415 | Dflabs | Cross-Site Request Forgery (CSRF) vulnerability in Dflabs PTK 1.0.5 Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout. | 6.8 |
2014-12-28 | CVE-2012-1203 | Syndeocms | Cross-Site Request Forgery (CSRF) vulnerability in Syndeocms Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a save_user action. | 6.8 |
2014-12-24 | CVE-2014-9413 | IP BAN Project | Cross-Site Request Forgery (CSRF) vulnerability in IP BAN Project IP BAN 1.2.3 Multiple cross-site request forgery (CSRF) vulnerabilities in the IP Ban (simple-ip-ban) plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ip_list, (2) user_agent_list, or (3) redirect_url parameter in the simple-ip-ban page to wp-admin/options-general.php. | 6.8 |
2014-12-24 | CVE-2014-9334 | Bird Feeder Project | Cross-Site Request Forgery (CSRF) vulnerability in Bird Feeder Project Bird Feeder 1.2.3 Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird Feeder plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user or (2) password parameter in the bird-feeder page to wp-admin/options-general.php. | 6.8 |
2014-12-24 | CVE-2014-8137 | Jasper Project Redhat | Double Free Remote Code Execution vulnerability in JasPer Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file. | 6.8 |
2014-12-23 | CVE-2014-5217 | Microfocus | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Access Manager 4.0/4.0.1 Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword action. | 6.8 |
2014-12-24 | CVE-2014-8810 | Wpsymposiumpro | SQL Injection vulnerability in Wpsymposiumpro WP Symposium SQL injection vulnerability in ajax/mail_functions.php in the WP Symposium plugin before 14.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tray parameter in a getMailMessage action. | 6.5 |
2014-12-24 | CVE-2014-6187 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Service Registry and Repository Multiple cross-site request forgery (CSRF) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x before 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | 6.0 |
2014-12-25 | CVE-2014-7193 | Sideway | Improper Access Control vulnerability in Sideway Hapi Crumb The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site that is visited by an application consumer. | 5.8 |
2014-12-23 | CVE-2014-6122 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Security Appscan and Security Appscan Source IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to write to arbitrary folders, and consequently execute arbitrary commands, via a modified argument. | 5.5 |
2014-12-24 | CVE-2014-7994 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991. | 5.4 |
2014-12-28 | CVE-2014-6229 | Facebook | Information Exposure vulnerability in Facebook Hiphop Virtual Machine The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote attackers to obtain sensitive information by leveraging read access beyond the end of the string, and makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging truncation of a string containing an internal '\0' character. | 5.0 |
2014-12-28 | CVE-2014-5386 | Facebook | Cryptographic Issues vulnerability in Facebook Hiphop Virtual Machine The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initialization vector. | 5.0 |
2014-12-28 | CVE-2014-2209 | Facebook | Permissions, Privileges, and Access Controls vulnerability in Facebook Hiphop Virtual Machine Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory. | 5.0 |
2014-12-28 | CVE-2011-4720 | Hillstone Software | Improper Input Validation vulnerability in Hillstone Software HS Tftp Server 1.3.2 Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation. | 5.0 |
2014-12-27 | CVE-2013-5958 | Sensiolabs | Resource Management Errors vulnerability in Sensiolabs Symfony The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750. | 5.0 |
2014-12-25 | CVE-2014-1449 | Maxthon | Improper Access Control vulnerability in Maxthon Cloud Browser 4.1.5.2000 The Maxthon Cloud Browser application before 4.1.6.2000 for Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses the history API. | 5.0 |
2014-12-25 | CVE-2014-3971 | Mongodb | Improper Input Validation vulnerability in Mongodb 2.6.0/2.6.1 The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate. | 5.0 |
2014-12-22 | CVE-2014-8017 | Cisco | Information Exposure vulnerability in Cisco Identity Services Engine Software The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673. | 5.0 |
2014-12-24 | CVE-2014-9416 | Huawei | DLL Loading Multiple Local Code Execution vulnerability in Huawei eSpace Desktop Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4) airpcap.dll. | 4.4 |
2014-12-28 | CVE-2012-1303 | Amcharts | Cross-Site Scripting vulnerability in Amcharts Flash 1.0 Multiple cross-site scripting (XSS) vulnerabilities in amCharts Flash 1 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ampie.swf; the message element in the chart_data parameter to (3) amcolumn.swf, (4) amline.swf, (5) amradar.swf, or (6) amxy.sw; or (7) the settings_file parameter to amstock.swf. | 4.3 |
2014-12-28 | CVE-2012-1302 | Ammap Project | Cross-Site Scripting vulnerability in Ammap Project Ammap 2.6.3 Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ammap.swf, or (3) the data_file parameter to amtimeline.swf. | 4.3 |
2014-12-27 | CVE-2013-6919 | Phpthumb Project | Remote Security vulnerability in PHPthumb Project PHPthumb 1.7.11 The default configuration of phpThumb before 1.7.12 has a false value for the disable_debug option, which allows remote attackers to conduct Server-Side Request Forgery (SSRF) attacks via the src parameter. | 4.3 |
2014-12-26 | CVE-2013-4769 | Eucalyptus | Data Processing Errors vulnerability in Eucalyptus The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service (traffic amplification) via spoofed DNS queries. | 4.3 |
2014-12-24 | CVE-2014-8809 | Wpsymposiumpro | Cross-Site Scripting vulnerability in Wpsymposiumpro WP Symposium Multiple cross-site scripting (XSS) vulnerabilities in the WP Symposium plugin before 14.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter in an addComment action to ajax/profile_functions.php, (2) compose_text parameter in a sendMail action to ajax/mail_functions.php, (3) comment parameter in an add_comment action to ajax/lounge_functions.php, or (4) name parameter in a create_album action to ajax/gallery_functions.php. | 4.3 |
2014-12-24 | CVE-2014-6179 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.0.x before 8.0.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-12-24 | CVE-2014-6153 | IBM | Cryptographic Issues vulnerability in IBM Websphere Service Registry and Repository The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 4.3 |
2014-12-23 | CVE-2014-9412 | Microfocus | Cross-Site Scripting vulnerability in Microfocus Access Manager 4.0/4.0.1 Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a different issue than CVE-2014-5216. | 4.3 |
2014-12-23 | CVE-2014-5216 | Microfocus | Cross-Site Scripting vulnerability in Microfocus Access Manager 4.0/4.0.1 Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the error parameter to nidp/jsp/x509err.jsp, (3) the lang parameter to sslvpn/applet_agent.jsp, or (4) the secureLoggingServersA parameter to roma/system/cntl, a different issue than CVE-2014-9412. | 4.3 |
2014-12-23 | CVE-2014-8026 | Cisco | Cross-Site Scripting vulnerability in Cisco Jabber Guest Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074. | 4.3 |
2014-12-23 | CVE-2014-8025 | Cisco | Information Exposure vulnerability in Cisco Jabber Guest The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST response, aka Bug ID CSCus19801. | 4.3 |
2014-12-23 | CVE-2014-8024 | Cisco | Information Exposure vulnerability in Cisco Jabber Guest The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST request, aka Bug ID CSCus19789. | 4.3 |
2014-12-23 | CVE-2014-6135 | IBM | Improper Input Validation vulnerability in IBM Security Appscan and Security Appscan Source IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
2014-12-22 | CVE-2014-8992 | Modx | Cross-Site Scripting vulnerability in Modx Revolution 2.3.2 Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX Revolution 2.3.2-pl allows remote attackers to inject arbitrary web script or HTML via the callback parameter. | 4.3 |
2014-12-22 | CVE-2014-8018 | Cisco | Cross-Site Scripting vulnerability in Cisco Unified Communications Domain Manager 8.0 Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur19630, and CSCur19661. | 4.3 |
2014-12-27 | CVE-2013-6241 | Open Xchange | Information Exposure vulnerability in Open-Xchange Appsuite The Birthday widget in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev25 and 7.4.x before 7.4.0-rev14, in certain user-id sharing scenarios, does not properly construct a SQL statement for next-year birthdays, which allows remote authenticated users to obtain sensitive birthday, displayname, firstname, and surname information via a birthdays action to api/contacts, aka bug 29315. | 4.0 |
2014-12-24 | CVE-2014-6186 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Service Registry and Repository IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.1 allows remote authenticated users to bypass intended object-access restrictions via the datagraph. | 4.0 |
2014-12-24 | CVE-2014-6181 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Service Registry and Repository IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 does not perform access-control checks for contained objects, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.0 |
2014-12-24 | CVE-2014-6177 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Service Registry and Repository IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.3 does not perform access-control checks for depth-0 retrieve operations, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.0 |
2014-12-24 | CVE-2014-6155 | IBM | Path Traversal vulnerability in IBM Websphere Service Registry and Repository Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary files via unspecified vectors. | 4.0 |
2014-12-23 | CVE-2014-5215 | Microfocus | Information Exposure vulnerability in Microfocus Access Manager 4.0/4.0.1 NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp. | 4.0 |
2014-12-23 | CVE-2014-5214 | Microfocus | Unspecified vulnerability in Microfocus Access Manager 4.0/4.0.1 nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query parameter containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 4.0 |
2014-12-22 | CVE-2014-8015 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Identity Services Engine Software The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400. | 4.0 |
2014-12-22 | CVE-2014-8896 | IBM | Improper Authentication vulnerability in IBM products The Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to modify the administrator's credentials and consequently gain privileges via unspecified vectors. | 4.0 |
17 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-26 | CVE-2013-4754 | OWL | Cross-Site Scripting vulnerability in OWL Intranet Knowledgebase 1.10. Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php or (2) the Title field to prefs.php. | 3.5 |
2014-12-26 | CVE-2013-4753 | Claroline | Cross-Site Scripting vulnerability in Claroline. Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action to messaging/messagebox.php, (2) the "First name" field to auth/profile.php, or (3) the Speakers field in an rqAdd action to calendar/agenda.php. | 3.5 |
2014-12-26 | CVE-2011-3592 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPmyadmin. Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation. | 3.5 |
2014-12-26 | CVE-2011-3591 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPmyadmin. Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js. | 3.5 |
2014-12-24 | CVE-2014-6188 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository. Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-12-24 | CVE-2014-6180 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository. Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the HTTP User-Agent header. | 3.5 |
2014-12-24 | CVE-2014-6178 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository. Cross-site scripting (XSS) vulnerability in the widgets in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.0.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-12-24 | CVE-2014-6132 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository. Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-12-23 | CVE-2014-6121 | IBM | Cross-Site Scripting vulnerability in IBM Security Appscan and Security Appscan Source. Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-12-22 | CVE-2014-8899 | IBM | Cross-Site Scripting vulnerability in IBM products. Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8897 and CVE-2014-8898. | 3.5 |
2014-12-22 | CVE-2014-8898 | IBM | Cross-Site Scripting vulnerability in IBM products. Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8897 and CVE-2014-8899. | 3.5 |
2014-12-22 | CVE-2014-8897 | IBM | Cross-Site Scripting vulnerability in IBM products. Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8898 and CVE-2014-8899. | 3.5 |
2014-12-24 | CVE-2014-7993 | Cisco | Information Exposure vulnerability in Cisco products. Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012. | 3.3 |
2014-12-28 | CVE-2010-5075 | Avast | Numeric Errors vulnerability in Avast! Internet Security 5.0. Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW. | 2.1 |
2014-12-24 | CVE-2014-9418 | Huawei | Buffer Errors vulnerability in Huawei Espace Desktop V100R001C02/V100R001C03/V200R001C03. The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors. | 2.1 |
2014-12-24 | CVE-2014-9417 | Huawei | Improper Input Validation vulnerability in Huawei Espace Desktop V100R001C02/V100R001C03. The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image. | 2.1 |
2014-12-24 | CVE-2014-9415 | Huawei | Improper Input Validation vulnerability in Huawei Espace Desktop V100R001C02/V100R001C03. Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file. | 1.9 |