Weekly Vulnerabilities Reports > February 16 to 22, 2015
Overview
93 new vulnerabilities were reported during this period, including 9 critical and 14 high severity vulnerabilities. This weekly summary reports vulnerabilities in 107 products from 56 vendors including Cisco, IBM, Red Hat, MIT, and McAfee. The vulnerabilities fall mainly into the categories "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 79 reported vulnerabilities are remotely exploitable.
- 7 reported vulnerabilities have a public exploit available.
- 30 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 71 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 13 reported vulnerabilities.
- MIT has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report, grouped by severity:
9 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-02-21 | CVE-2015-0331 | Adobe Apple Microsoft Linux | Use After Free Remote Code Execution vulnerability in Adobe Flash Player Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322. | 10.0 |
2015-02-20 | CVE-2015-2033 | Infoblox | Improper Authentication vulnerability in Infoblox Netmri Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request. | 10.0 |
2015-02-16 | CVE-2015-1498 | Persistent Systems | Permissions, Privileges, and Access Controls vulnerability in Persistent Systems Radia Client Automation Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role to a user account via an addAssigneesToRole request, (3) remove a role from a user account via a removeAssigneesFromRole request, or (4) have other unspecified impact. | 10.0 |
2015-02-16 | CVE-2015-1497 | Persistent Systems | Code Injection vulnerability in Persistent Systems Radia Client Automation radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465. | 10.0 |
2015-02-16 | CVE-2015-1474 | Google | Numeric Errors vulnerability in Google Android Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values. | 10.0 |
2015-02-17 | CVE-2015-1427 | Elastic Redhat | The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script. | 9.8 |
2015-02-19 | CVE-2014-9421 | MIT | Remote Code Execution vulnerability in MIT Kerberos 5 'kadmind' Daemon The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind. | 9.0 |
2015-02-19 | CVE-2014-5352 | MIT | Double Free Remote Code Execution vulnerability in MIT krb5 kadmind The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind. | 9.0 |
2015-02-16 | CVE-2014-9375 | Lexmark | Path Traversal vulnerability in Lexmark Markvision Enterprise Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. | 9.0 |
14 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-02-16 | CVE-2015-1499 | Samsung | Permissions, Privileges, and Access Controls vulnerability in Samsung Security Manager 1.30 The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request. | 8.5 |
2015-02-17 | CVE-2014-8757 | LG | Improper Access Control vulnerability in LG On-Screen Phone 4.3.009 LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to bypass authorization via a crafted request. | 8.3 |
2015-02-18 | CVE-2015-0621 | Cisco | Data Processing Errors vulnerability in Cisco Telepresence MCU 4500 Series Software 4.5(1.45) Cisco TelePresence MCU devices with software 4.5(1.45) allow remote attackers to cause a denial of service (device reload) via an unspecified series of TCP packets, aka Bug ID CSCur50347. | 7.8 |
2015-02-20 | CVE-2014-3682 | Redhat | Remote Security vulnerability in Jbpm-Designer 6.0.0/6.0.1/6.2.0 XML external entity (XXE) vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote attackers to read arbitrary files and possibly have other unspecified impact by importing a crafted BPMN2 file. | 7.5 |
2015-02-19 | CVE-2015-1592 | Debian Sixapart | Injection vulnerability in multiple products Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors. | 7.5 |
2015-02-19 | CVE-2015-1587 | Maarch | Arbitrary File Upload vulnerability in Maarch Gec/Ged and Letterbox Unrestricted file upload vulnerability in file_to_index.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a request to a predictable filename in tmp/. | 7.5 |
2015-02-22 | CVE-2014-6184 | IBM | Out-of-bounds Write vulnerability in IBM Tivoli Storage Manager Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. | 7.2 |
2015-02-20 | CVE-2015-0584 | Cisco | Improper Input Validation vulnerability in Cisco Desktop Collaboration Experience Dx650 The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947. | 7.2 |
2015-02-19 | CVE-2015-1515 | Softsphere | Permissions, Privileges, and Access Controls vulnerability in Softsphere Defensewall Personal Firewall 3.24 The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call. | 7.2 |
2015-02-16 | CVE-2015-1496 | Motorola | Permissions, Privileges, and Access Controls vulnerability in Motorola Scanner SDK Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors. | 7.2 |
2015-02-21 | CVE-2015-0631 | Cisco | Race Condition vulnerability in Cisco IPS Sensor Software 7.2(1)E4/7.2(2)E4 Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688. | 7.1 |
2015-02-21 | CVE-2015-0618 | Cisco | Data Processing Errors vulnerability in Cisco Carrier Routing System and IOS XR Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. | 7.1 |
2015-02-19 | CVE-2015-0622 | Cisco | Improper Input Validation vulnerability in Cisco Wireless LAN Controller The Wireless Intrusion Detection (aka WIDS) functionality on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device outage) via crafted packets that are improperly handled during rendering of the Signature Events Summary page, aka Bug ID CSCus46861. | 7.1 |
2015-02-16 | CVE-2015-0609 | Cisco | Race Condition vulnerability in Cisco IOS Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCuj96752. | 7.1 |
60 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-02-20 | CVE-2015-2039 | Acobot Live Chat Contact Form Project | Cross-Site Request Forgery (CSRF) vulnerability in Acobot Live Chat & Contact Form Project Acobot Live Chat & Contact Form 2.0 Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or (2) conduct cross-site scripting (XSS) attacks via the acobot_token parameter in the acobot page to wp-admin/options-general.php. | 6.8 |
2015-02-20 | CVE-2014-8114 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Uberfire The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet. | 6.8 |
2015-02-20 | CVE-2015-0880 | Crear NE JP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Crear.Ne.Jp Al-Mail32 1.13 Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment. | 6.8 |
2015-02-19 | CVE-2015-1614 | Image Metadata Cruncher Project | Cross-Site Request Forgery (CSRF) vulnerability in Image Metadata Cruncher Project Image Metadata Cruncher Multiple cross-site request forgery (CSRF) vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) image_metadata_cruncher[alt] or (2) image_metadata_cruncher[caption] parameter in an update action in the image_metadata_cruncher_title page to wp-admin/options.php or (3) custom image meta tag to the image metadata cruncher page. | 6.8 |
2015-02-19 | CVE-2015-1585 | Fatfreecrm | Cross-Site Request Forgery (CSRF) vulnerability in Fatfreecrm FAT Free CRM Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creates a new administrator account. | 6.8 |
2015-02-19 | CVE-2014-9679 | Apple Canonical Fedoraproject Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Cups Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. | 6.8 |
2015-02-16 | CVE-2015-1501 | Solarwinds | Code Injection vulnerability in Solarwinds Server and Application Monitor The factory.loadExtensionFactory function in TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via a UNC path to a crafted binary. | 6.8 |
2015-02-16 | CVE-2015-1500 | Solarwinds | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Solarwinds Server and Application Monitor Multiple stack-based buffer overflows in the TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via unspecified vectors to (1) graphManager.load or (2) factory.load. | 6.8 |
2015-02-16 | CVE-2015-1495 | Motorola | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Motorola Scanner SDK Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx. | 6.8 |
2015-02-20 | CVE-2015-2035 | Piwigo | SQL Injection vulnerability in Piwigo SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php. | 6.5 |
2015-02-20 | CVE-2014-8115 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat KIE Workbench 6.0.0/6.0.1 The default authorization constraints in KIE Workbench 6.0.x allow remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors. | 6.5 |
2015-02-19 | CVE-2015-1604 | Adminsystems CMS Project | Improper Input Validation vulnerability in Adminsystems CMS Project Adminsystems CMS 4.0.0 Unrestricted file upload vulnerability in asys/site/files.php in Adminsystems CMS before 4.0.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/files/. | 6.5 |
2015-02-17 | CVE-2015-1616 | Mcafee | SQL Injection vulnerability in Mcafee Data Loss Prevention Endpoint SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2015-02-16 | CVE-2015-1434 | Mylittleforum | SQL Injection vulnerability in Mylittleforum MY Little Forum Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php. | 6.5 |
2015-02-19 | CVE-2014-5286 | Tibco | Permissions, Privileges, and Access Controls vulnerability in Tibco products The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors. | 6.4 |
2015-02-19 | CVE-2014-9422 | MIT | Improper Access Control vulnerability in MIT Kerberos 5 The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal. | 6.1 |
2015-02-20 | CVE-2015-1517 | Piwigo | SQL Injection vulnerability in Piwigo SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php. | 6.0 |
2015-02-20 | CVE-2015-0878 | Almail | Path Traversal vulnerability in Almail Al-Mail32 Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allows remote attackers to write to arbitrary files via a crafted filename of an attachment. | 5.8 |
2015-02-19 | CVE-2015-1349 | ISC | Resource Management Errors vulnerability in ISC Bind named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. | 5.4 |
2015-02-20 | CVE-2014-5355 | MIT | Denial of Service vulnerability in MIT Kerberos 5 MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c. | 5.0 |
2015-02-20 | CVE-2015-0628 | Cisco | Information Exposure vulnerability in Cisco web Security Appliance The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote attackers to bypass intended proxying restrictions via a malformed HTTP method, aka Bug ID CSCus79174. | 5.0 |
2015-02-19 | CVE-2014-3578 | Pivotal Software | Path Traversal vulnerability in Pivotal Software Spring Framework Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL. | 5.0 |
2015-02-19 | CVE-2014-9465 | Fedoraproject Zarafa | Resource Management Errors vulnerability in multiple products senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files. | 5.0 |
2015-02-19 | CVE-2012-6687 | Fastcgi | Improper Input Validation vulnerability in Fastcgi Fcgi 2.4.0 FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections. | 5.0 |
2015-02-19 | CVE-2014-9423 | MIT | Information Exposure vulnerability in MIT Kerberos 5 The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field. | 5.0 |
2015-02-19 | CVE-2014-6304 | Pnmsoft | Information Exposure vulnerability in Pnmsoft Sequence Kinetics 7.5 The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 allows remote attackers to obtain sensitive source-code information via unspecified vectors. | 5.0 |
2015-02-19 | CVE-2014-6303 | Pnmsoft | Resource Management Errors vulnerability in Pnmsoft Sequence Kinetics 7.5 The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 do not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 5.0 |
2015-02-19 | CVE-2014-6302 | Pnmsoft | Remote Security vulnerability in Pnmsoft Sequence Kinetics 7.5 The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
2015-02-18 | CVE-2015-1358 | Siemens | Cryptographic Issues vulnerability in Siemens Wincc 13.0 The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack. | 5.0 |
2015-02-18 | CVE-2015-0617 | Cisco | Resource Management Errors vulnerability in Cisco ASR 5000 Series Software Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices allow remote attackers to cause a denial of service (CPU consumption and SNMP outage) via malformed SNMP packets, aka Bug ID CSCur13393. | 5.0 |
2015-02-16 | CVE-2015-0268 | XEN | Improper Input Validation vulnerability in XEN 4.5.0 The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (host crash) by writing an invalid value to the GICD.SGIR register. | 4.9 |
2015-02-17 | CVE-2015-0247 | E2Fsprogs Project Debian Canonical Fedoraproject | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image. | 4.6 |
2015-02-18 | CVE-2015-1356 | Siemens | Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic Step 7 12.0/13.0/5.5 Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file. | 4.4 |
2015-02-21 | CVE-2015-0624 | Cisco | Improper Input Validation vulnerability in Cisco products The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639. | 4.3 |
2015-02-20 | CVE-2015-2040 | Cfdbplugin | Cross-site Scripting vulnerability in Cfdbplugin Contact Form DB 2.8.26 Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit_time parameter in the CF7DBPluginSubmissions page to wp-admin/admin.php. | 4.3 |
2015-02-20 | CVE-2015-2034 | Piwigo | Cross-site Scripting vulnerability in Piwigo Cross-site scripting (XSS) vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php. | 4.3 |
2015-02-20 | CVE-2015-0167 | Textangular | Cross-site Scripting vulnerability in Textangular 1.3.6 Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor. | 4.3 |
2015-02-20 | CVE-2015-0881 | Squid Cache | HTTP Header Injection vulnerability in Squid CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response. | 4.3 |
2015-02-20 | CVE-2015-0879 | Almail | Improper Input Validation vulnerability in Almail Al-Mail32 CREAR AL-Mail32 before 1.13d allows remote attackers to cause a denial of service (application crash) via a (1) CON, (2) AUX, or (3) NUL device name in the filename of an attachment. | 4.3 |
2015-02-19 | CVE-2015-1879 | Google DOC Embedder | Cross-site Scripting vulnerability in Google DOC Embedder Google DOC Embedder 2.5.18 Cross-site scripting (XSS) vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php. | 4.3 |
2015-02-19 | CVE-2015-1603 | Adminsystems CMS Project | Cross-site Scripting vulnerability in Adminsystems CMS Project Adminsystems CMS 4.0.0 Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id parameter in a users_users action to asys/site/system.php. | 4.3 |
2015-02-19 | CVE-2014-9468 | Instantasp | Cross-site Scripting vulnerability in Instantasp Instantforum Multiple cross-site scripting (XSS) vulnerabilities in InstantASP InstantForum.NET 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0, and 3.4.0 allow remote attackers to inject arbitrary web script or HTML via the SessionID parameter to (1) Join.aspx or (2) Logon.aspx. | 4.3 |
2015-02-19 | CVE-2014-8690 | Exponentcms | Cross-site Scripting vulnerability in Exponentcms Exponent CMS Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) "First Name" or (4) "Last Name" field to users/edituser. | 4.3 |
2015-02-19 | CVE-2014-6301 | Pnmsoft | Cross-site Scripting vulnerability in Pnmsoft Sequence Kinetics 7.5 Multiple cross-site scripting (XSS) vulnerabilities in the tables-management module in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-02-19 | CVE-2015-0626 | Cisco | Improper Input Validation vulnerability in Cisco Hosted Collaboration Solution The SOAP interface in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to obtain access to system-management tools via crafted Challenge SOAP calls, aka Bug ID CSCuc38114. | 4.3 |
2015-02-19 | CVE-2015-0623 | Cisco | Cross-site Scripting vulnerability in Cisco web Security Appliance Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627. | 4.3 |
2015-02-18 | CVE-2015-0108 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0109. | 4.3 |
2015-02-17 | CVE-2015-1494 | Colorlib | Cross-site Scripting vulnerability in Colorlib Fancybox The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an mfbfw[*] parameter in an update action to wp-admin/admin-post.php, as demonstrated by the mfbfw[padding] parameter and exploited in the wild in February 2015. | 4.3 |
2015-02-16 | CVE-2015-1436 | Easing Slider Project | Cross-site Scripting vulnerability in Easing Slider Project Easing Slider Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easingslider_manage_customizations or (2) easingslider_edit_sliders page to wp-admin/admin.php. | 4.3 |
2015-02-16 | CVE-2015-1435 | Mylittleforum | Cross-site Scripting vulnerability in Mylittleforum MY Little Forum Cross-site scripting (XSS) vulnerability in my little forum before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the back parameter to index.php. | 4.3 |
2015-02-16 | CVE-2014-6137 | IBM | Cross-site Scripting vulnerability in IBM Tivoli Endpoint Manager Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-02-16 | CVE-2014-6113 | IBM | Cross-site Scripting vulnerability in IBM Tivoli Endpoint Manager Cross-site scripting (XSS) vulnerability in the Web Reports component in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-02-18 | CVE-2015-0620 | Cisco | Improper Input Validation vulnerability in Cisco Telepresence Management Suite The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494. | 4.0 |
2015-02-17 | CVE-2015-1618 | Mcafee | Information Exposure vulnerability in Mcafee Data Loss Prevention Endpoint The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL. | 4.0 |
2015-02-17 | CVE-2014-9466 | Open Xchange | Permissions, Privileges, and Access Controls vulnerability in Open-Xchange Appsuite 7.4.2/7.6.0/7.6.1 Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before 7.6.0-rev36, and 7.6.1 before 7.6.1-rev14 does not properly handle directory permissions, which allows remote authenticated users to read files via unspecified vectors, related to the "folder identifier." | 4.0 |
2015-02-17 | CVE-2014-8023 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID CSCtz48533. | 4.0 |
2015-02-17 | CVE-2014-6194 | IBM | Path Traversal vulnerability in IBM products Directory traversal vulnerability in an unspecified web form in IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX007, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2015-02-16 | CVE-2015-1613 | Rhodecode | Information Exposure vulnerability in Rhodecode Enterprise 2.2.6 RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method. | 4.0 |
2015-02-16 | CVE-2015-0260 | Kallithea Rhodecode | Information Exposure vulnerability in multiple products RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method. | 4.0 |
2015-02-16 | CVE-2015-1608 | Topline Systems | Permissions, Privileges, and Access Controls vulnerability in Topline Systems Opportunity Form Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not properly restrict access to database-connection strings, which allows attackers to read the cleartext version of sensitive credential and e-mail address information via unspecified vectors. | 4.0 |
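The Cisco TMS entry above (CVE-2015-0620) is the generic failure of an XML parser that honours entity declarations: a SYSTEM entity makes the parser fetch an attacker-chosen resource, and nested internal entities expand into far more text than was posted, which is a well-known way to drive such a parser into denial of service. For an endpoint that never needs a DTD, the standard mitigation is to refuse any DOCTYPE before a parser ever sees the document. The Python below is an added example written for this report, not Cisco's code or the TMS fix (TMS is not a Python product); the sample documents, element names and function names are constructed for illustration, and the prolog scanner assumes an ASCII-compatible encoding such as UTF-8.

```python
import xml.etree.ElementTree as ET


class DtdRejected(ValueError):
    """The document carries a DOCTYPE, so it could declare entities."""


def has_doctype(doc: bytes) -> bool:
    """Return True if the prolog contains a <!DOCTYPE ...> declaration.

    XML 1.0 allows only the XML declaration, comments, processing instructions,
    whitespace and at most one DOCTYPE before the root element, so walking those
    constructs until the first element tag is enough to decide. A DOCTYPE anywhere
    later is a well-formedness error that the real parser rejects on its own.
    Assumes an ASCII-compatible encoding (UTF-8, with or without BOM).
    """
    i = 3 if doc.startswith(b"\xef\xbb\xbf") else 0   # skip a UTF-8 BOM
    n = len(doc)
    while i < n:
        if doc[i:i + 1].isspace():
            i += 1
        elif doc.startswith(b"<?", i):            # XML declaration or processing instruction
            end = doc.find(b"?>", i + 2)
            if end < 0:
                return False                      # malformed; the real parser will reject it
            i = end + 2
        elif doc.startswith(b"<!--", i):          # comment
            end = doc.find(b"-->", i + 4)
            if end < 0:
                return False
            i = end + 3
        elif doc.startswith(b"<!DOCTYPE", i):
            return True
        else:
            return False                          # root element (or junk the parser will reject)
    return False


def parse_untrusted(doc: bytes) -> ET.Element:
    """Parse client-supplied XML, refusing anything that declares a DTD."""
    if has_doctype(doc):
        raise DtdRejected("DOCTYPE declarations are not accepted from clients")
    return ET.fromstring(doc)


def rejects(doc: bytes) -> bool:
    """Convenience wrapper: True if parse_untrusted() refuses the document."""
    try:
        parse_untrusted(doc)
    except DtdRejected:
        return True
    return False


# Constructed sample documents (not taken from the advisory or from TMS traffic).
BENIGN_DOC = b"""<?xml version="1.0" encoding="UTF-8"?>
<!-- a normal request: declaration and comment are allowed in the prolog -->
<booking><room>Boardroom</room><minutes>30</minutes></booking>
"""

# Three levels of nested internal entities; every extra level multiplies the
# expanded size by ten, which is the shape of an entity-expansion DoS.
ENTITY_BOMB_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE booking [
  <!ENTITY a "aaaaaaaaaa">
  <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;">
  <!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
]>
<booking><room>&c;</room></booking>
"""

# External (SYSTEM) entity: a parser that resolves it reads the named file.
XXE_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE booking [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<booking><room>&xxe;</room></booking>
"""


if __name__ == "__main__":
    for name, doc in (("benign", BENIGN_DOC), ("entity bomb", ENTITY_BOMB_DOC), ("xxe", XXE_DOC)):
        print(f"{name:12s} rejected={rejects(doc)}")
```

The check runs on the raw bytes before any parser sees the document, so no entity is ever declared, let alone expanded, and it does not depend on which XML library handles the document afterwards or on how that library's entity settings happen to be configured.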
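For the Maximo directory traversal entry (CVE-2014-6194) above, the server-side check a practitioner wants is one that resolves the client-supplied name, symlinks and `..` included, and then proves the result still lies under the intended directory. The Python below is an added illustration of that check, not IBM's code or the Maximo fix; the directory layout, file names and function names are constructed for the demonstration.

```python
import os
import tempfile


class TraversalRejected(ValueError):
    """The requested path would resolve outside the permitted directory."""


def resolve_under_root(root: str, user_path: str) -> str:
    """Map a client-supplied relative path onto a file under root, or raise.

    realpath() collapses '..' and follows symlinks, so a link inside root that
    points outside it is caught too. Containment is checked with commonpath(),
    which, unlike a startswith() test, does not confuse /srv/app with /srv/app2.
    """
    if "\x00" in user_path:
        raise TraversalRejected("embedded NUL byte")
    if os.path.isabs(user_path) or user_path.startswith(("/", "\\")):
        raise TraversalRejected("absolute paths are not accepted")
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, user_path))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise TraversalRejected(f"{user_path!r} resolves to {candidate}, outside {root_real}")
    return candidate


def traversal_demo() -> dict:
    """Constructed layout: <tmp>/uploads is the served directory, <tmp>/secret.txt sits
    outside it, and uploads/link is a symlink to the secret. Returns, per request
    path, whether the check behaved as intended (accepted the legitimate file,
    rejected every escape)."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        root = os.path.join(d, "uploads")
        os.mkdir(root)
        with open(os.path.join(root, "report.txt"), "w") as f:
            f.write("ok")
        with open(os.path.join(d, "secret.txt"), "w") as f:
            f.write("db password")
        os.symlink(os.path.join(d, "secret.txt"), os.path.join(root, "link"))

        expected = os.path.realpath(os.path.join(root, "report.txt"))
        results["report.txt"] = resolve_under_root(root, "report.txt") == expected

        for p in ("../secret.txt", "sub/../../secret.txt", "/etc/passwd", "link"):
            try:
                resolve_under_root(root, p)
                results[p] = False            # escape was accepted: check failed
            except TraversalRejected:
                results[p] = True
    return results


if __name__ == "__main__":
    for path, ok in traversal_demo().items():
        print(f"{path:24s} {'as intended' if ok else 'FAILED'}")
```

Percent-decoding is deliberately left to the web layer: the check must run on the string the file system will actually see, and a request that is still encoded at that point (`%2e%2e`) is a double-encoding bypass to be rejected upstream, not normalised here.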
10 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-02-20 | CVE-2014-0005 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat products PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allow remote authenticated users to read and modify the application server configuration and state by deploying a crafted application. | 3.6 |
2015-02-18 | CVE-2015-0109 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0108. | 3.5 |
2015-02-17 | CVE-2015-1621 | Webform Prepopulate Block Project | Cross-site Scripting vulnerability in Webform Prepopulate Block Project Webform Prepopulate Block 7.X3.0 Cross-site scripting (XSS) vulnerability in the Webform prepopulate block module before 7.x-3.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-02-17 | CVE-2015-1619 | Mcafee | Cross-site Scripting vulnerability in Mcafee Email Gateway Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 7.5.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages. | 3.5 |
2015-02-17 | CVE-2015-1617 | Mcafee | Cross-site Scripting vulnerability in Mcafee Data Loss Prevention Endpoint Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-02-19 | CVE-2014-1832 | Phusion | Insecure Temporary File Creation (incomplete fix) vulnerability in Phusion Passenger Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file; this issue exists because the fix for CVE-2014-1831 shipped in 4.0.37 was incomplete. | 2.1 |
2015-02-19 | CVE-2014-1831 | Phusion | Unspecified vulnerability in Phusion Passenger Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. | 2.1 |
2015-02-19 | CVE-2014-6147 | IBM | Information Exposure vulnerability in IBM Flex System Manager IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors. | 2.1 |
2015-02-18 | CVE-2015-1355 | Siemens | Cryptographic Issues vulnerability in Siemens Simatic Step 7 12.0/13.0/5.5 Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack. | 2.1 |
2015-02-17 | CVE-2014-6102 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products do not properly handle logout actions, which allows remote attackers to bypass intended Cognos BI Direct Integration access restrictions by leveraging an unattended workstation. | 2.1 |
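The two Phusion Passenger entries (CVE-2014-1831 and CVE-2014-1832) are the classic symlink attack on a predictable file name: a privileged process opens control_process.pid or a generation-* file for writing, and a local user who planted a symlink at that name first gets the write redirected to a file of their choosing, or gets a new file created wherever the dangling link points. The Python below is an added example, not Passenger's code or its fix (Passenger itself is not written in Python); it contrasts the vulnerable open() pattern with an exclusive, non-following create, and the temporary directory, file names and function names are constructed for the demonstration.

```python
import errno
import os
import tempfile


class UnsafeTargetError(OSError):
    """Something already exists at the path (a symlink included): refuse to write through it."""


def write_pidfile_naive(path: str, pid: int) -> None:
    """Vulnerable pattern: open(path, 'w') follows whatever symlink sits at `path`,
    truncating and overwriting its target with the caller's privileges."""
    with open(path, "w") as f:
        f.write(str(pid))


def write_pidfile_safe(path: str, pid: int) -> None:
    """Exclusive create that cannot be redirected by a planted symlink.

    O_CREAT|O_EXCL: fail with EEXIST if anything already exists at `path`; POSIX
    specifies this for a symlink regardless of where it points, dangling or not.
    O_NOFOLLOW: never traverse a symlink in the final component (0 where the
    platform lacks it).
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(path, flags, 0o644)
    except OSError as e:
        if e.errno in (errno.EEXIST, errno.ELOOP):
            raise UnsafeTargetError(e.errno, f"refusing to write through {path}") from e
        raise
    with os.fdopen(fd, "w") as f:
        f.write(str(pid))


def symlink_demo() -> dict:
    """Constructed scenario: an unprivileged user pre-creates control_process.pid and a
    generation-* file as symlinks (names taken from the advisory) before the daemon
    writes them. Returns the outcome of each check by name."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim.conf")          # stands in for a root-owned file
        with open(victim, "w") as f:
            f.write("original contents")
        link = os.path.join(d, "control_process.pid")
        os.symlink(victim, link)

        write_pidfile_naive(link, 4242)                  # silently clobbers victim.conf
        with open(victim) as f:
            results["naive_clobbered_victim"] = f.read() == "4242"

        try:
            write_pidfile_safe(link, 4242)
            results["safe_refused_symlink"] = False
        except UnsafeTargetError:
            results["safe_refused_symlink"] = True

        # Dangling symlink: the naive writer creates the attacker-chosen file.
        planted = os.path.join(d, "planted.txt")
        dangling = os.path.join(d, "generation-1")
        os.symlink(planted, dangling)
        write_pidfile_naive(dangling, 4242)
        results["naive_created_planted_file"] = os.path.exists(planted)
        try:
            write_pidfile_safe(dangling, 4242)
            results["safe_refused_dangling"] = False
        except UnsafeTargetError:
            results["safe_refused_dangling"] = True

        fresh = os.path.join(d, "fresh.pid")             # nothing planted: normal write succeeds
        write_pidfile_safe(fresh, 4242)
        with open(fresh) as f:
            results["safe_wrote_fresh"] = f.read() == "4242"
    return results


if __name__ == "__main__":
    for check, ok in symlink_demo().items():
        print(f"{check:28s} {ok}")
```

O_EXCL turns a race the attacker has already won into a hard failure instead of a silent clobber; it still relies on the directory holding the pid and generation files not being writable by untrusted users, since otherwise the link can be removed and re-planted between any check and the open. A legitimately left-over pid file has to be removed (or opened with O_NOFOLLOW and checked with fstat for expected ownership and type) before the exclusive create, rather than being opened for truncation.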