Weekly Vulnerabilities Reports > April 20 to 26, 2015

Overview

89 new vulnerabilities were reported during this period, including 4 critical vulnerabilities and 10 high severity vulnerabilities. This weekly summary reports vulnerabilities in 109 products from 73 vendors including Debian, Canonical, Apple, Cisco, and Haxx. Vulnerabilities are notably categorized as "Cross-site Scripting", "Cross-Site Request Forgery (CSRF)", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Permissions, Privileges, and Access Controls".

  • 83 reported vulnerabilities are remotely exploitable.
  • 4 reported vulnerabilities have a public exploit available.
  • 34 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
  • 60 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 11 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 1 reported vulnerability.

[Summary counter panel: total vulnerabilities; critical, high, medium and low risk vulnerabilities; remotely exploitable; locally exploitable; exploit available; exploitable anonymously; affecting web application]

Vulnerability Details

The following table lists the reported vulnerabilities for the period covered by this report:


4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-04-21 CVE-2015-0135 IBM Numeric Errors vulnerability in IBM Domino

IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.

10.0
2015-04-24 CVE-2015-3144 Oracle, Haxx, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80." The previous CVSS assessment 7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) was provided at the time of initial analysis based on the best available published information at that time.

9.0
2015-04-24 CVE-2015-0297 Redhat Improper Access Control vulnerability in Redhat Jboss Operations Network 3.3.1

Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

9.0
2015-04-21 CVE-2015-0702 Cisco Improper Input Validation vulnerability in Cisco Unified Meetingplace 8.6(1.9)

Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.

9.0

10 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-04-22 CVE-2015-3035 TP Link Path Traversal vulnerability in Tp-Link products

Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a ..

7.8
2015-04-24 CVE-2015-3416 Canonical, Sqlite, Debian, Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

7.5
2015-04-24 CVE-2015-3415 Apple, Debian, Canonical, Sqlite Improper Input Validation vulnerability in multiple products

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

7.5
2015-04-24 CVE-2015-3414 Sqlite, Apple, Debian, Canonical Improper Input Validation vulnerability in multiple products

SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.

7.5
2015-04-24 CVE-2015-3145 Fedoraproject, Canonical, Debian, Haxx, Apple, Oracle, HP, Opensuse Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.

7.5
2015-04-21 CVE-2014-8125 Redhat XML External Entity Information Disclosure vulnerability in jBPM and Drools

XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.

7.5
2015-04-21 CVE-2015-3346 Wikiwiki Project SQL Injection vulnerability in Wikiwiki Project Wikiwiki 6.X1.1

SQL injection vulnerability in the WikiWiki module before 6.x-1.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2015-04-21 CVE-2015-2825 Simple ADS Manager Project Unspecified vulnerability in Simple ADS Manager Project Simple ADS Manager 2.5.94

Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter.

7.5
2015-04-21 CVE-2014-5370 NEW Atlanta Path Traversal vulnerability in NEW Atlanta Bluedragon 7.1.1

Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a ..

7.5
2015-04-21 CVE-2015-1701 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."

7.2

52 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-04-22 CVE-2015-1484 Symantec Local Privilege Escalation vulnerability in Symantec Workspace Streaming 6.1/7.5

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

6.9
2015-04-24 CVE-2015-3417 Ffmpeg, Debian Denial of Service vulnerability in FFmpeg 'libavcodec/h264.c' Use After Free

Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.

6.8
2015-04-24 CVE-2012-2930 Tinywebgallery Cross-Site Request Forgery (CSRF) vulnerability in Tinywebgallery

Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an adduser action to admin/index.php or (2) conduct static PHP code injection attacks in .htusers.php via the user parameter to admin/index.php.

6.8
2015-04-22 CVE-2015-0705 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Meetingplace 8.6(1.9)

Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services directory in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts, aka Bug ID CSCus97494.

6.8
2015-04-22 CVE-2015-0704 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Meetingplace 8.6(1.9)

Multiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingPlace 8.6(1.9) allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus95884.

6.8
2015-04-21 CVE-2015-3370 Node Invite Project Cross-Site Request Forgery (CSRF) vulnerability in Node Invite Project Node Invite 6.X2.3

Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invite" permission for requests that re-enable node invitations via unspecified vectors.

6.8
2015-04-21 CVE-2015-3367 Patterns Cross-Site Request Forgery (CSRF) vulnerability in Patterns 7.X2.1

Multiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) restore, (2) publish, or (3) unpublish a pattern via unspecified vectors.

6.8
2015-04-21 CVE-2015-3363 Joshics Cross-Site Request Forgery (CSRF) vulnerability in Joshics Contact Form Fields 6.X2.2

Cross-site request forgery (CSRF) vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors.

6.8
2015-04-21 CVE-2015-3356 Tadaa Project Cross-Site Request Forgery (CSRF) vulnerability in Tadaa! Project Tadaa! 7.X1.3

Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors.

6.8
2015-04-21 CVE-2015-3355 Batch Jobs Project Cross-Site Request Forgery (CSRF) vulnerability in Batch Jobs Project Batch Jobs 7.X1.1

Multiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors.

6.8
2015-04-21 CVE-2015-3352 Jammer Project Cross-Site Request Forgery (CSRF) vulnerability in Jammer Project Jammer

Multiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8 and 7.x-1.x before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete a setting for (1) hidden form elements or (2) status messages via unspecified vectors, related to "report administration."

6.8
2015-04-21 CVE-2015-3351 LOG Watcher Project Cross-Site Request Forgery (CSRF) vulnerability in LOG Watcher Project LOG Watcher

Multiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors.

6.8
2015-04-21 CVE-2015-3350 Todo Filter Project Cross-Site Request Forgery (CSRF) vulnerability in Todo Filter Project Todo Filter 6.X1.0/7.X1.0/7.X1.Xdev

Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors.

6.8
2015-04-21 CVE-2015-3349 Htaccess Project Cross-Site Request Forgery (CSRF) vulnerability in Htaccess Project Htaccess

Multiple cross-site request forgery (CSRF) vulnerabilities in the Htaccess module before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) deploy or (2) delete an .htaccess file via unspecified vectors.

6.8
2015-04-21 CVE-2015-3347 Cloudwords Cross-Site Request Forgery (CSRF) vulnerability in Cloudwords for Multilingual 7.X2.2

Cross-site request forgery (CSRF) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback.

6.8
2015-04-21 CVE-2015-3343 Opac Project Cross-Site Request Forgery (CSRF) vulnerability in Opac Project Opac 7.X2.0

Cross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors.

6.8
2015-04-21 CVE-2014-5361 Landesk Cross-Site Request Forgery (CSRF) vulnerability in Landesk Management Suite 8.7/8.8/9.6

Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx.

6.8
2015-04-22 CVE-2015-1889 IBM SQL Injection vulnerability in IBM Infosphere Biginsights 3.0.0.0/3.0.0.1/3.0.0.2

The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a certain Hive table definition with the HCAT_SYNC_OBJECTS procedure.

6.5
2015-04-21 CVE-2015-3345 Phplist Integration Project SQL Injection vulnerability in PHPlist Integration Project PHPlist Integration 6.X1.6

SQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows remote administrators to execute arbitrary SQL commands via unspecified vectors, related to the "phpList database."

6.5
2015-04-24 CVE-2011-4403 ZEN Cart Cross-Site Request Forgery (CSRF) vulnerability in Zen-Cart ZEN Cart 1.3.9H

Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.

5.8
2015-04-23 CVE-2015-0706 Cisco HTTP Open Redirection vulnerability in Cisco Firesight System Software 5.3.1.1/5.3.1.2/6.0.0

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.

5.8
2015-04-21 CVE-2015-3393 Fibonacciorange Unspecified vulnerability in Fibonacciorange Wedeal 7.X1.2

Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter.

5.8
2015-04-21 CVE-2015-3388 Balanced Cross-Site Request Forgery (CSRF) vulnerability in Balanced Commerce Balanced Payments 7.X1.2

Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete the user's configured bank accounts via unspecified vectors.

5.8
2015-04-21 CVE-2015-3383 Insite Cross-Site Scripting and Cross Site Request Forgery vulnerability in Insite Node Basket 7.X1.0

Open redirect vulnerability in the Node basket module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2015-04-21 CVE-2015-3382 Insite Cross-Site Request Forgery (CSRF) vulnerability in Insite Node Basket 7.X1.0

Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2) remove nodes from a basket via unspecified vectors.

5.8
2015-04-21 CVE-2015-3380 Funnymonkey Cross-Site Request Forgery (CSRF) vulnerability in Funnymonkey Feature SET 7.X1.0Beta1

Multiple cross-site request forgery (CSRF) vulnerabilities in the Feature Set module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable a module via unspecified vectors.

5.8
2015-04-21 CVE-2015-3375 Niif Cross-Site Request Forgery (CSRF) vulnerability in Niif Shibboleth Authentication 6.X4.0/7.X4.0

Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors.

5.8
2015-04-21 CVE-2015-3374 Corner Project Cross-Site Request Forgery (CSRF) vulnerability in Corner Project Corner

Multiple cross-site request forgery (CSRF) vulnerabilities in the Corner module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable corners via unspecified vectors.

5.8
2015-04-21 CVE-2015-3371 Node Invite Project Input Validation vulnerability in Node Invite Project Node Invite 6.X2.3

Open redirect vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.

5.8
2015-04-21 CVE-2015-3366 Alfresco Cross-Site Request Forgery (CSRF) vulnerability in Alfresco 6.X1.2

Cross-site request forgery (CSRF) vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an alfresco node via unspecified vectors.

5.8
2015-04-21 CVE-2015-3358 Tadaa Project Cross-Site Request Forgery vulnerability in Tadaa! Project Tadaa! 7.X1.3

Multiple open redirect vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a destination parameter, related to callbacks that (1) enable and disable modules or (2) change variables.

5.8
2015-04-21 CVE-2015-3354 Wishlist Project Cross-Site Request Forgery (CSRF) vulnerability in Wishlist Project Wishlist 7.X2.5/7.X2.6/7.X2.Xdev

Cross-site request forgery (CSRF) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vectors.

5.8
2015-04-21 CVE-2015-3342 Ubercart Currency Conversion Project Unspecified vulnerability in Ubercart Currency Conversion Project Ubercart Currency Conversion 6.X1.1

Open redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter.

5.8
2015-04-24 CVE-2015-3148 Fedoraproject, Canonical, Debian, Apple, Haxx, HP, Opensuse Improper Access Control vulnerability in multiple products

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.

5.0
2015-04-24 CVE-2015-3143 Haxx, Canonical, Debian, HP, Apple Permissions, Privileges, and Access Controls vulnerability in multiple products

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

5.0
2015-04-24 CVE-2015-0846 Django Markupfield Project Information Exposure vulnerability in Django-Markupfield Project Django-Markupfield 1.3.1

django-markupfield before 1.3.2 uses the default docutils RESTRUCTUREDTEXT_FILTER_SETTINGS settings, which allows remote attackers to include and read arbitrary files via unspecified vectors.

5.0
2015-04-24 CVE-2012-5451 Tvmobili Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tvmobili

Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

5.0
2015-04-24 CVE-2015-0911 Dounokouno Path Traversal vulnerability in Dounokouno Transmitmail

Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.

5.0
2015-04-21 CVE-2015-3391 Path Breadcrumbs Project Information Exposure vulnerability in Path Breadcrumbs Project Path Breadcrumbs 7.X3.0/7.X3.1

The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.

5.0
2015-04-21 CVE-2014-8111 Apache Information Exposure vulnerability in Apache Tomcat Connectors 1.2.40

Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.

5.0
2015-04-21 CVE-2015-3373 Amazon AWS Project Information Exposure vulnerability in Amazon AWS Project Amazon AWS 7.X1.2

The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote attackers to guess the token value and create backups via a crafted URL.

5.0
2015-04-21 CVE-2015-3378 Views Project Unspecified vulnerability in Views Project Views

Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to the break lock page for edited views.

4.9
2015-04-21 CVE-2014-9718 Debian, Qemu Resource Management Errors vulnerability in multiple products

The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.

4.9
2015-04-21 CVE-2015-2042 Linux Code vulnerability in Linux Kernel

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

4.6
2015-04-21 CVE-2015-2041 Suse, Linux, Debian Code vulnerability in multiple products

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

4.6
2015-04-24 CVE-2015-3310 Canonical, Debian, Point TO Point Protocol Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.

4.3
2015-04-24 CVE-2012-2932 Tinywebgallery Cross-site Scripting vulnerability in Tinywebgallery

Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to inject arbitrary web script or HTML via the selitems[] parameter in a (1) copy, (2) chmod, or (3) arch action to admin/index.php or (4) searchitem parameter in a search action to admin/index.php.

4.3
2015-04-24 CVE-2015-0910 Dounokouno Cross-site Scripting vulnerability in Dounokouno Transmitmail

Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.

4.3
2015-04-21 CVE-2015-3364 Levelteninteractive Cross-site Scripting vulnerability in Levelteninteractive Content Analysis 6.X1.6

Cross-site scripting (XSS) vulnerability in the Content Analysis module before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message.

4.3
2015-04-21 CVE-2015-0703 Cisco Cross-site Scripting vulnerability in Cisco Unified Meetingplace 8.6(1.9)

Cross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus95857.

4.3
2015-04-22 CVE-2015-3404 Certify Project Information Exposure vulnerability in Certify Project Certify 6.X2.2

The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing (and creating) the PDF certificates."

4.0
2015-04-21 CVE-2015-3379 Views Project Permissions, Privileges, and Access Controls vulnerability in Views Project Views

The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

4.0

23 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-04-23 CVE-2015-0707 Cisco Cross-site Scripting vulnerability in Cisco Firesight System Software 5.3.1.1/6.0.0

Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425.

3.5
2015-04-21 CVE-2015-3392 Ajax Timeline Project Cross-site Scripting vulnerability in Ajax Timeline Project Ajax Timeline 7.X1.0

Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2015-3390 Facebook Album Fetcher Project Cross-site Scripting vulnerability in Facebook Album Fetcher Project Facebook Album Fetcher 7.X1.Xdev

Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-04-21 CVE-2015-3389 Public Download Count Project Cross-site Scripting vulnerability in Public Download Count Project Public Download Count 7.X1.Xdev

Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-04-21 CVE-2015-3387 Taxonomy Tools Project Cross-site Scripting vulnerability in Taxonomy Tools Project Taxonomy Tools

Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via a (1) node or (2) taxonomy term title.

3.5
2015-04-21 CVE-2015-3386 Node Access Product Project Cross-site Scripting vulnerability in Node Access Product Project Node Access Product 7.X1.0

Cross-site scripting (XSS) vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2015-3385 Taxonomy Path Project Cross-site Scripting vulnerability in Taxonomy Path Project Taxonomy Path 7.X1.1

Cross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field formatter.

3.5
2015-04-21 CVE-2015-3384 Commerce Balanced Payments Project Cross-site Scripting vulnerability in Commerce Balanced Payments Project Commerce Balanced Payments 7.X1.2

Cross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-04-21 CVE-2015-3381 Insite Cross-site Scripting vulnerability in Insite Node Basket 7.X1.0

Cross-site scripting (XSS) vulnerability in the Node basket module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-04-21 CVE-2015-3376 Quizzler Project Cross-site Scripting vulnerability in Quizzler Project Quizzler 7.X1.15

Cross-site scripting (XSS) vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2015-3372 Node Invite Project Cross-site Scripting vulnerability in Node Invite Project Node Invite 6.X2.3

Cross-site scripting (XSS) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2015-3369 Taxonews Project Cross-site Scripting vulnerability in Taxonews Project Taxonews 6.X1.1/7.X1.0

Cross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block.

3.5
2015-04-21 CVE-2015-3368 Osinet Cross-site Scripting vulnerability in Osinet Classified ADS 6.X3.1/7.X3.1

Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a category name.

3.5
2015-04-21 CVE-2015-3365 Nodeauthor Project Cross-site Scripting vulnerability in Nodeauthor Project Nodeauthor

Cross-site scripting (XSS) vulnerability in the nodeauthor module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a Profile2 field in a provided block.

3.5
2015-04-21 CVE-2015-3362 Video Project Cross-site Scripting vulnerability in Video Project Video 7.X2.10

Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2015-3360 Term Merge Project Cross-site Scripting vulnerability in Term Merge Project Term Merge 7.X1.1

Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-04-21 CVE-2015-3359 Room Reservations Project Cross-site Scripting vulnerability in Room Reservations Project Room Reservations 7.X1.0

Multiple cross-site scripting (XSS) vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the (1) node title of a "Room Reservations Category" or (2) body of a "Room Reservations Room" node.

3.5
2015-04-21 CVE-2015-3357 Wishlist Project Cross-site Scripting vulnerability in Wishlist Project Wishlist 7.X2.5/7.X2.6/7.X2.Xdev

Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message.

3.5
2015-04-21 CVE-2015-3353 Field Display Label Project Cross-site Scripting vulnerability in Field Display Label Project Field Display Label 7.X1.2

Cross-site scripting (XSS) vulnerability in the Field Display Label module before 7.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the alternate field label in content types settings.

3.5
2015-04-21 CVE-2015-3348 Cloudwords Cross-site Scripting vulnerability in Cloudwords for Multilingual 7.X2.2

Cross-site scripting (XSS) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2015-3344 DLC Solutions Cross-site Scripting vulnerability in DLC Solutions Course

Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

3.5
2015-04-21 CVE-2014-3586 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform

The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors.

2.1
2015-04-21 CVE-2015-3361 Linkit Project Cross-site Scripting vulnerability in Linkit Project Linkit

Cross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a node title.

2.1