Weekly Vulnerabilities Reports > February 2 to 8, 2015

Overview

155 new vulnerabilities were reported during this period, including 29 critical vulnerabilities and 44 high severity vulnerabilities. This weekly summary reports vulnerabilities in 132 products from 69 vendors including Opensuse, Microsoft, Fedoraproject, Linux, and Apple. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Information Exposure".

  • 141 reported vulnerabilities are remotely exploitable.
  • 16 reported vulnerabilities have a public exploit available.
  • 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 139 reported vulnerabilities are exploitable by an anonymous user.
  • Opensuse has the most reported vulnerabilities, with 25 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 18 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:

29 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-02-06 CVE-2014-9353 Netapp Permissions, Privileges, and Access Controls vulnerability in Netapp Oncommand Balance 4.2

NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors.

10.0
2015-02-06 CVE-2014-0605 Attachmate Path Traversal vulnerability in Attachmate Reflection FTP Client

Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method.

10.0
2015-02-06 CVE-2014-0604 Attachmate Path Traversal vulnerability in Attachmate Reflection FTP Client

Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the StartLog method.

10.0
2015-02-06 CVE-2014-0603 Attachmate Code Injection vulnerability in Attachmate Reflection FTP Client

The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to cause a denial of service (memory corruption) and execute arbitrary code via vectors related to the (1) GetGlobalSettings or (2) GetSiteProperties3 methods, which triggers a dereference of an arbitrary memory address.

10.0
2015-02-06 CVE-2015-0330 Adobe
Apple
Microsoft
Linux
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329.

10.0
2015-02-06 CVE-2015-0329 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330.

10.0
2015-02-06 CVE-2015-0328 Adobe
Apple
Microsoft
Linux
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326.

10.0
2015-02-06 CVE-2015-0327 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323.

10.0
2015-02-06 CVE-2015-0326 Adobe
Apple
Microsoft
Linux
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328.

10.0
2015-02-06 CVE-2015-0325 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328.

10.0
2015-02-06 CVE-2015-0324 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors.

10.0
2015-02-06 CVE-2015-0323 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0327.

10.0
2015-02-06 CVE-2015-0322 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0320.

10.0
2015-02-06 CVE-2015-0321 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330.

10.0
2015-02-06 CVE-2015-0320 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0322.

10.0
2015-02-06 CVE-2015-0319 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0317.

10.0
2015-02-06 CVE-2015-0318 Adobe
Apple
Microsoft
Linux
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.

10.0
2015-02-06 CVE-2015-0317 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0319.

10.0
2015-02-06 CVE-2015-0316 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.

10.0
2015-02-06 CVE-2015-0315 Adobe
Apple
Microsoft
Linux
Security vulnerability in Adobe Flash Player

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0320, and CVE-2015-0322.

10.0
2015-02-06 CVE-2015-0314 Adobe
Linux
Apple
Microsoft
Security vulnerability in Adobe Flash Player

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.

10.0
2015-02-03 CVE-2015-0930 Servision Credentials Management vulnerability in Servision HVG Video Gateway Firmware 2.2.26A100/2.2.26A77

The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session.

10.0
2015-02-03 CVE-2015-0929 Servision Improper Access Control vulnerability in Servision HVG Video Gateway Firmware 2.2.26A77

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.

10.0
2015-02-02 CVE-2015-0313 Adobe
Linux
Apple
Microsoft
Remote Code Execution vulnerability in Adobe Flash Player

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

10.0
2015-02-02 CVE-2015-1449 Siemens Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Siemens Ruggedcom Firmware Bs4.4.4621.31/Ss4.4.4624.34

Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to execute arbitrary code via unspecified vectors.

10.0
2015-02-02 CVE-2015-1448 Siemens Permissions, Privileges, and Access Controls vulnerability in Siemens Ruggedcom Firmware Bs4.4.4621.31/Ss4.4.4624.34

The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors.

10.0
2015-02-03 CVE-2014-9574 Fluxbb Path Traversal vulnerability in Fluxbb

Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a ..

9.3
2015-02-07 CVE-2015-0589 Cisco Improper Input Validation vulnerability in Cisco Webex Meetings Server 1.0/1.1/1.5

The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.

9.0
2015-02-03 CVE-2015-1469 Servision Permissions, Privileges, and Access Controls vulnerability in Servision HVG Video Gateway Firmware 2.2.26A100/2.2.26A77

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930.

9.0

44 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-02-02 CVE-2014-6141 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Monitoring

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

8.5
2015-02-03 CVE-2015-1348 Arubanetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Arubanetworks Instant Access Point Firmware

Heap-based buffer overflow in Aruba Instant (IAP) with firmware before 4.0.0.7 and 4.1.x before 4.1.1.2 allows remote attackers to cause a denial of service (crash or reset to factory default) via a malformed frame to the wireless interface.

7.8
2015-02-02 CVE-2015-1452 Fortinet Code vulnerability in Fortinet Fortios 5.0.7

The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.

7.8
2015-02-02 CVE-2014-8613 Freebsd Remote Denial of Service vulnerability in Freebsd 10.1/8.4/9.3

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk.

7.8
2015-02-08 CVE-2014-9674 Canonical
Oracle
Fedoraproject
Redhat
Opensuse
Freetype
Remote vulnerability in FreeType Versions Prior to 2.5.4

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

7.5
2015-02-08 CVE-2014-9668 Opensuse
Fedoraproject
Canonical
Freetype
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.

7.5
2015-02-08 CVE-2014-9665 Fedoraproject
Canonical
Freetype
Opensuse
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.

7.5
2015-02-08 CVE-2014-9663 Freetype
Debian
Opensuse
Fedoraproject
Oracle
Canonical
Redhat
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.

7.5
2015-02-08 CVE-2014-9662 Opensuse
Debian
Canonical
Fedoraproject
Freetype
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.

7.5
2015-02-08 CVE-2014-9661 Canonical
Debian
Redhat
Freetype
Opensuse
Fedoraproject
Remote vulnerability in FreeType Versions Prior to 2.5.4

type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.

7.5
2015-02-08 CVE-2014-9660 Opensuse
Canonical
Debian
Oracle
Fedoraproject
Redhat
Freetype
Null Pointer Dereference vulnerability in multiple products

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

7.5
2015-02-08 CVE-2014-9659 Oracle
Freetype
Fedoraproject
Opensuse
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font.

7.5
2015-02-08 CVE-2014-9658 Oracle
Canonical
Fedoraproject
Freetype
Debian
Opensuse
Redhat
Out-Of-Bounds Read vulnerability in multiple products

The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

7.5
2015-02-08 CVE-2014-9657 Opensuse
Redhat
Oracle
Fedoraproject
Freetype
Debian
Canonical
Out-Of-Bounds Read vulnerability in multiple products

The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

7.5
2015-02-08 CVE-2014-9656 Fedoraproject
Freetype
Debian
Opensuse
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.

7.5
2015-02-06 CVE-2015-1514 Fancyfon SQL Injection vulnerability in Fancyfon Famoc 3.16.5

Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

7.5
2015-02-06 CVE-2015-1513 Siphon SQL Injection vulnerability in Siphon Siphone Enterprise PBX

SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.

7.5
2015-02-06 CVE-2015-1467 Fork CMS SQL Injection vulnerability in Fork-Cms Fork CMS

Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

7.5
2015-02-06 CVE-2015-1442 Aas9 SQL Injection vulnerability in Aas9 Zerocms 1.0/1.3.2/1.3.3

SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action.

7.5
2015-02-06 CVE-2015-1212 Google
Apple
Linux
Microsoft
Multiple Security vulnerability in Google Chrome

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2015-02-06 CVE-2015-1211 Google
Apple
Linux
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Google Chrome

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.

7.5
2015-02-06 CVE-2015-1209 Google
Apple
Linux
Microsoft
Multiple Security vulnerability in Google Chrome

Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor.

7.5
2015-02-04 CVE-2015-1477 Cmsjunkie SQL Injection vulnerability in Cmsjunkie J-Classifiedsmanager

SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads.

7.5
2015-02-04 CVE-2015-1476 Ecommercemajor Project SQL Injection vulnerability in Ecommercemajor Project Ecommercemajor

Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allow remote attackers to execute arbitrary SQL commands via the (1) productbycat parameter to product.php, or (2) username or (3) password parameter to __admin/index.php.

7.5
2015-02-04 CVE-2014-7864 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Opmanager

Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

7.5
2015-02-03 CVE-2015-1462 Fedoraproject
Clamav
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."

7.5
2015-02-03 CVE-2015-1461 Fedoraproject
Clamav
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."

7.5
2015-02-03 CVE-2015-1460 Huawei Permissions, Privileges, and Access Controls vulnerability in Huawei Quidway Firmware V200R003C00Spc300

Huawei Quidway switches with firmware before V200R005C00SPC300 allow remote attackers to gain privileges via a crafted packet.

7.5
2015-02-03 CVE-2015-1455 Fortinet Credentials Management vulnerability in Fortinet Fortiauthenticator 3.0.0

Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.

7.5
2015-02-03 CVE-2015-1441 Piwigo SQL Injection vulnerability in Piwigo

SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2015-02-03 CVE-2015-1428 Sefrengo SQL Injection vulnerability in Sefrengo 1.6.0/1.6.1

Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authenticated users to execute arbitrary SQL commands via the value_id parameter in a save_value action to backend/main.php.

7.5
2015-02-03 CVE-2015-1405 Content Rating Extbase Project SQL Injection vulnerability in Content Rating Extbase Project Content Rating Extbase 2.0.3

SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2015-02-03 CVE-2015-1403 Content Rating Project SQL Injection vulnerability in Content Rating Project Content Rating 1.0.3

SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2015-02-03 CVE-2015-1400 Npds SQL Injection vulnerability in Npds Revolution 13.0

SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.

7.5
2015-02-03 CVE-2014-9633 Comodo Permissions, Privileges, and Access Controls vulnerability in Comodo Backup 4.4.1

The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.

7.5
2015-02-03 CVE-2014-9328 Fedoraproject
Clamav
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."

7.5
2015-02-02 CVE-2015-1450 Restaurantbiller SQL Injection vulnerability in Restaurantbiller Restaurant Biller

SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php.

7.5
2015-02-06 CVE-2014-9643 K7Computing Permissions, Privileges, and Access Controls vulnerability in K7Computing products

K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.

7.2
2015-02-06 CVE-2014-9642 Bullguard Permissions, Privileges, and Access Controls vulnerability in Bullguard products

bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.

7.2
2015-02-06 CVE-2014-9641 Trendmicro Permissions, Privileges, and Access Controls vulnerability in Trendmicro Tmeext.Sys 2.0.0.1014

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.

7.2
2015-02-06 CVE-2014-9632 AVG Permissions, Privileges, and Access Controls vulnerability in AVG Internet Security and Protection

The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call.

7.2
2015-02-02 CVE-2014-0998 Freebsd Numeric Errors vulnerability in Freebsd 10.1

Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index error and out-of-bounds kernel memory access.

7.2
2015-02-03 CVE-2014-8779 Pexip 7PK - Security Features vulnerability in Pexip Infinity 7.0

Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys.

7.1
2015-02-02 CVE-2015-1454 Bluecoat Cryptographic Issues vulnerability in Bluecoat Proxyclient and Unified Agent

Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 do not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate.

7.1

79 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-02-06 CVE-2015-1305 Mcafee
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint

McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.

6.9
2015-02-06 CVE-2014-5332 Linux Race Condition vulnerability in Linux Kernel 3.10

Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox.

6.9
2015-02-03 CVE-2015-1458 Fortinet Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortiauthenticator 3.0.0

Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.

6.9
2015-02-08 CVE-2014-9673 Canonical
Debian
Redhat
Opensuse
Freetype
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

6.8
2015-02-08 CVE-2014-9669 Canonical
Freetype
Redhat
Oracle
Opensuse
Debian
Fedoraproject
Out-Of-Bounds Read vulnerability in multiple products

Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.

6.8
2015-02-08 CVE-2014-9667 Debian
Canonical
Fedoraproject
Freetype
Opensuse
Redhat
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.

6.8
2015-02-08 CVE-2014-9666 Opensuse
Oracle
Canonical
Debian
Redhat
Fedoraproject
Freetype
Numeric Errors vulnerability in multiple products

The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.

6.8
2015-02-08 CVE-2014-9664 Redhat
Debian
Opensuse
Canonical
Fedoraproject
Freetype
Oracle
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.

6.8
2015-02-04 CVE-2014-9041 Owncloud Cross-Site Request Forgery (CSRF) vulnerability in Owncloud

The import functionality in the bookmarks application in ownCloud server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 does not validate CSRF tokens, which allows remote attackers to conduct CSRF attacks.

6.8
2015-02-04 CVE-2014-9331 Zohocorp Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Desktop Central

Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central before 9 build 90130 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an addUser action to STATE_ID/1417736606982/roleMgmt.do.

6.8
2015-02-02 CVE-2015-1049 Siemens Improper Input Validation vulnerability in Siemens Scalance X-200 Series Firmware

The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.

6.8
2015-02-02 CVE-2015-0596 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server

Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj67163.

6.8
2015-02-04 CVE-2015-1481 Ansible Permissions, Privileges, and Access Controls vulnerability in Ansible Tower 2.0.4

Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account.

6.5
2015-02-04 CVE-2015-1479 Zohocorp SQL Injection vulnerability in Zohocorp Servicedesk Plus 9.0

SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter.

6.5
2015-02-02 CVE-2015-1393 10Web SQL Injection vulnerability in 10Web Photo Gallery

SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.

6.5
2015-02-07 CVE-2013-5557 Cisco Code vulnerability in Cisco Adaptive Security Appliance Software

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577.

6.3
2015-02-08 CVE-2014-9672 Oracle
Debian
Canonical
Freetype
Opensuse
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

5.8
2015-02-02 CVE-2015-0512 EMC Open Redirection vulnerability in EMC Unisphere Central 3.5.0

Open redirect vulnerability in EMC Unisphere Central before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter.

5.8
2015-02-02 CVE-2014-8918 IBM Cryptographic Issues vulnerability in IBM Security Appscan

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2015-02-02 CVE-2014-7882 HP Permissions, Privileges, and Access Controls vulnerability in HP Sitescope

Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors.

5.5
2015-02-08 CVE-2014-9675 Canonical
Freetype
Debian
Fedoraproject
Redhat
Opensuse
Permissions, Privileges, and Access Controls vulnerability in multiple products

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

5.0
2015-02-07 CVE-2015-0602 Cisco Information Exposure vulnerability in Cisco Unified IP Phones 9900 Series Firmware 9.3(2)

The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.

5.0
2015-02-07 CVE-2015-0600 Cisco Improper Input Validation vulnerability in Cisco Unified IP Phones 9900 Series Firmware 9.3(2)

The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.

5.0
2015-02-07 CVE-2014-9203 GE
Mactek
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote attackers to cause a denial of service (DTM outage) via crafted packets.

5.0
2015-02-07 CVE-2015-0604 Cisco Improper Input Validation vulnerability in Cisco products

The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.

5.0
2015-02-06 CVE-2014-9636 Unzip Project
Canonical
Debian
Fedoraproject
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.

5.0
2015-02-06 CVE-2015-1210 Google
Apple
Linux
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Google Chrome

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

5.0
2015-02-04 CVE-2015-1482 Ansible Information Exposure vulnerability in Ansible Tower 2.0.4

Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to bypass authentication and obtain sensitive information via a websocket connection to socket.io/1/.

5.0
2015-02-04 CVE-2014-9048 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote attackers to bypass the password-protection for shared files via the API.

5.0
2015-02-04 CVE-2014-9046 Owncloud Information Exposure vulnerability in Owncloud

The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to read arbitrary files via a file:// protocol.

5.0
2015-02-04 CVE-2014-9045 Owncloud Improper Authentication vulnerability in Owncloud

The FTP backend in user_external in ownCloud Server before 5.0.18 and 6.x before 6.0.6 allows remote attackers to bypass intended authentication requirements via a crafted password.

5.0
2015-02-04 CVE-2014-9044 Owncloud Information Exposure vulnerability in Owncloud 7.0.0/7.0.1/7.0.2

Asset Pipeline in ownCloud 7.x before 7.0.3 uses an MD5 hash of the absolute file paths of the original CSS and JS files as the name of the concatenated file, which allows remote attackers to obtain sensitive information via a brute force attack.

5.0
2015-02-04 CVE-2014-9043 Owncloud Improper Authentication vulnerability in Owncloud

The user_ldap (aka LDAP user and group backend) application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind.

5.0
2015-02-03 CVE-2015-1463 Clamav
Fedoraproject
Code vulnerability in multiple products

ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."

5.0
2015-02-03 CVE-2015-1382 Debian
Privoxy
Opensuse
Improper Input Validation vulnerability in multiple products

parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.

5.0
2015-02-03 CVE-2015-1381 Opensuse
Debian
Privoxy
Resource Management Errors vulnerability in multiple products

Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.

5.0
2015-02-03 CVE-2015-1380 Privoxy
Oracle
Opensuse
Improper Input Validation vulnerability in multiple products

jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.

5.0
2015-02-03 CVE-2014-9556 Libmspack Project
Opensuse
Numeric Errors vulnerability in Libmspack Project Libmspack 0.4

Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.

5.0
2015-02-02 CVE-2015-1453 Fortinet Cryptographic Issues vulnerability in Fortinet Forticlient 5.2.3.091

The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.

5.0
2015-02-02 CVE-2015-0223 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Qpid

Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.

5.0
2015-02-02 CVE-2015-1357 Siemens Information Exposure vulnerability in Siemens Ruggedcom Firmware Bs4.4.4621.31/Ss4.4.4624.34

Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allow context-dependent attackers to discover password hashes by reading (1) files or (2) security logs.

5.0
2015-02-02 CVE-2015-0597 Cisco Improper Input Validation vulnerability in Cisco Webex Meetings Server

The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj67159.

5.0
2015-02-02 CVE-2015-0595 Cisco Information Exposure vulnerability in Cisco Webex Meetings Server

The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.

5.0
2015-02-02 CVE-2014-6170 IBM Information Exposure vulnerability in IBM Integration BUS and Websphere Message Broker

The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.4 allows remote attackers to obtain sensitive information by triggering a SOAP fault.

5.0
2015-02-02 CVE-2014-6136 IBM Cryptographic Issues vulnerability in IBM Security Appscan

IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network.

5.0
2015-02-03 CVE-2014-8013 Cisco Improper Input Validation vulnerability in Cisco Nx-Os

The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182.

4.9
2015-02-03 CVE-2015-1457 Fortinet Information Exposure vulnerability in Fortinet Fortiauthenticator 3.0.0

Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.

4.9
2015-02-07 CVE-2015-0603 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified IP Phones 9900 Series Firmware 9.3(2)

Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.

4.6
2015-02-07 CVE-2015-0601 Cisco Improper Input Validation vulnerability in Cisco products

Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.

4.6
2015-02-02 CVE-2014-8612 Freebsd Permissions, Privileges, and Access Controls vulnerability in Freebsd

Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTP_SS_VALUE option, or (2) read arbitrary kernel memory via the stream id to the getsockopt function, when getting the SCTP_SS_PRIORITY option.

4.6
2015-02-08 CVE-2014-9671 Redhat
Debian
Canonical
Oracle
Opensuse
Freetype
Remote vulnerability in FreeType Versions Prior to 2.5.4

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.

4.3
2015-02-08 CVE-2014-9670 Debian
Opensuse
Fedoraproject
Oracle
Redhat
Canonical
Freetype
Numeric Errors vulnerability in multiple products

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.

4.3
2015-02-07 CVE-2015-0072 Microsoft Cross-Site Scripting vulnerability in Microsoft Internet Explorer 10/11/9

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors involving an IFRAME element that triggers a redirect, a second IFRAME element that does not trigger a redirect, and an eval of a WindowProxy object, aka "Universal XSS (UXSS)."

4.3
2015-02-07 CVE-2015-0871 Shiromuku Cross-Site Scripting vulnerability in Shiromuku Guestbook 1.61

Cross-site scripting (XSS) vulnerability in Mrs.

4.3
2015-02-07 CVE-2015-0605 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Asyncos

The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug ID CSCzv54343.

4.3
2015-02-06 CVE-2015-1512 Fancyfon Cross-Site Scripting vulnerability in Fancyfon Famoc 3.16.5

Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC before 3.17.4 allow remote attackers to inject arbitrary web script or HTML via the (1) LoginForm[username] to ui/system/login or the (2) order or (3) myorgs to index.php.

4.3
2015-02-06 CVE-2015-1444 Fli4L Cross-Site Scripting vulnerability in Fli4L 3.10.0/4.0

Multiple cross-site scripting (XSS) vulnerabilities in the web administration frontend in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 allow remote attackers to inject arbitrary web script or HTML via the (1) conntrack.cgi, (2) index.cgi, (3) log_syslog.cgi, (4) problems.cgi, (5) status.cgi, (6) status_network.cgi, or (7) status_system.cgi script in admin/.

4.3
2015-02-04 CVE-2014-9562 M2 Technologies Cross-Site Scripting vulnerability in M2 Technologies Optimalsite 0.1/2.4

Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 OptimalSite 0.1 and 2.4 allows remote attackers to inject arbitrary web script or HTML via the image parameter.

4.3
2015-02-04 CVE-2014-9047 Owncloud Security vulnerability in ownCloud

Multiple unspecified vulnerabilities in the preview system in ownCloud 6.x before 6.0.6 and 7.x before 7.0.3 allow remote attackers to read arbitrary files via unknown vectors.

4.3
2015-02-04 CVE-2014-5341 Owncloud Information Exposure vulnerability in Owncloud

The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network.

4.3
2015-02-04 CVE-2015-1478 Cmsjunkie Cross-Site Scripting vulnerability in Cmsjunkie J-Classifiedsmanager

Cross-site scripting (XSS) vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the view parameter to /classifieds.

4.3
2015-02-04 CVE-2015-1475 Mylittleforum Cross-Site Scripting vulnerability in Mylittleforum MY Little Forum 1.7/2.2/2.3.3

Multiple cross-site scripting (XSS) vulnerabilities in my little forum 2.3.3, 2.2, and 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) category parameter to forum.php or the (3) page or (4) order parameter to (a) board_entry.php or (b) forum_entry.php.

4.3
2015-02-04 CVE-2015-1437 Asus Cross-Site Scripting vulnerability in Asus Rt-N10+D1 Firmware 2.1.1.1.70

Multiple cross-site scripting (XSS) vulnerabilities in Asus RT-N10+ D1 router with firmware 2.1.1.1.70 allow remote attackers to inject arbitrary web script or HTML via the flag parameter to (1) result_of_get_changed_status.asp or (2) error_page.htm.

4.3
2015-02-03 CVE-2015-0599 Cisco 7PK - Security Features vulnerability in Cisco Unified Computing System

The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuf50138.

4.3
2015-02-03 CVE-2014-8021 Cisco Cross-Site Scripting vulnerability in Cisco Anyconnect Secure Mobility Client and Hostscan Engine

Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and earlier and Cisco HostScan Engine 3.1(.05183) and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149.

4.3
2015-02-03 CVE-2015-1459 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortiauthenticator 3.0.0

Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.

4.3
2015-02-03 CVE-2015-1433 Roundcube
Opensuse
Fedoraproject
Cross-Site Scripting vulnerability in multiple products

program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the style attribute in an email.

4.3
2015-02-03 CVE-2015-1404 Content Rating Extbase Project Cross-Site Scripting vulnerability in Content Rating Extbase Project Content Rating Extbase 2.0.3

Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-02-03 CVE-2015-1402 Content Rating Project Cross-Site Scripting vulnerability in Content Rating Project Content Rating 1.0.3

Cross-site scripting (XSS) vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-02-03 CVE-2015-1384 Banner Effect Header Project Cross-Site Scripting vulnerability in Banner Effect Header Project Banner Effect Header 1.2.6/1.2.7

Cross-site scripting (XSS) vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the banner_effect_divid parameter in the BannerEffectOptions page to wp-admin/options-general.php.

4.3
2015-02-03 CVE-2014-9559 Snipsnap Cross-Site Scripting vulnerability in Snipsnap 0.5.2A/1.0B1/1.0B2

Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search.

4.3
2015-02-03 CVE-2014-5360 Landesk Cross-Site Scripting vulnerability in Landesk Management Suite 8.7/8.8/9.6

Cross-site scripting (XSS) vulnerability in the admin interface in LANDESK Management Suite before 9.6 SP1 allows remote attackers to inject arbitrary web script or HTML via the AMTVersion parameter to remote/serverlist_grouptree.aspx.

4.3
2015-02-02 CVE-2015-1385 Blubrry Cross-Site Scripting vulnerability in Blubrry Powerpress Podcasting

Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress Podcasting plugin before 6.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a powerpress-editcategoryfeed action in the powerpressadmin_categoryfeeds.php page to wp-admin/admin.php.

4.3
2015-02-02 CVE-2015-1383 GEO Mashup Project Cross-Site Scripting vulnerability in GEO Mashup Project GEO Mashup

Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key.

4.3
2015-02-02 CVE-2015-0866 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus 7.9

Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.9 before hotfix 7941 allow remote attackers to inject arbitrary web script or HTML via the (1) fromCustomer, (2) username, or (3) password parameter to HomePage.do.

4.3
2015-02-06 CVE-2014-9354 Netapp Information Exposure vulnerability in Netapp Oncommand Balance 4.2

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.

4.0
2015-02-04 CVE-2014-9049 Owncloud Information Exposure vulnerability in Owncloud

The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.

4.0
2015-02-04 CVE-2015-1480 Manageengine Information Exposure vulnerability in Manageengine Servicedesk Plus

ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to obtain sensitive ticket information via a (1) getTicketData action to servlet/AJaxServlet or a direct request to (2) swf/flashreport.swf, (3) reports/flash/details.jsp, or (4) reports/CreateReportTable.jsp.

4.0
2015-02-03 CVE-2015-1456 Fortinet Information Exposure vulnerability in Fortinet Fortiauthenticator 3.0.0

Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-02-04 CVE-2014-9042 Owncloud Cross-Site Scripting vulnerability in Owncloud

Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol.

3.5
2015-02-02 CVE-2015-1451 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortios 5.0.7

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request.

3.5
2015-02-03 CVE-2014-9568 Voxpupuli Information Exposure vulnerability in Voxpupuli Rabbitmq 3.0.0/3.1.0/4.0.0

puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.

2.1