Weekly Vulnerabilities Reports > May 4 to 10, 2015

Overview

19 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 0 high severity vulnerabilities. This weekly summary report vulnerabilities in 16 products from 11 vendors including Apple, Owncloud, Cisco, IBM, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Information Exposure", "SQL Injection", and "Command Injection".

  • 18 reported vulnerabilities are remotely exploitables.
  • 7 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 14 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 5 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

2 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-07 CVE-2015-0701 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System Central Software

Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.

10.0
2015-05-07 CVE-2015-0538 EMC Command Injection vulnerability in EMC Autostart 5.5.0

ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets.

9.3

0 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

16 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-08 CVE-2015-1154 Apple Memory Corruption vulnerability in WebKit

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1153.

6.8
2015-05-08 CVE-2015-1153 Apple Memory Corruption vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.

6.8
2015-05-08 CVE-2015-1152 Apple Memory Corruption vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.

6.8
2015-05-07 CVE-2015-0716 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unity Connection 11.0(0.98000.225)/11.0(0.98000.332)

Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659.

6.8
2015-05-07 CVE-2015-0715 Cisco SQL Injection vulnerability in Cisco Unity Connection 11.0(0.98000.225)

SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608.

6.5
2015-05-08 CVE-2015-3294 Thekelleys
Oracle
Data Processing Errors vulnerability in multiple products

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.

6.4
2015-05-08 CVE-2015-3013 Owncloud Injection vulnerability in Owncloud

ownCloud Server before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allows remote authenticated users to bypass the file blacklist and upload arbitrary files via a file path with UTF-8 encoding, as demonstrated by uploading a .htaccess file.

6.0
2015-05-07 CVE-2015-3610 Siemens Cryptographic Issues vulnerability in Siemens Homecontrol for Room Automation 2.0.0

The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information or modify data via a crafted certificate.

5.4
2015-05-07 CVE-2015-0531 EMC Improper Access Control vulnerability in EMC Sourceone Email Management 7.1

EMC SourceOne Email Management before 7.2 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

5.0
2015-05-08 CVE-2015-3012 Debian
Kogmbh
Owncloud
Cross-site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in WebODF before 0.5.5, as used in ownCloud, allow remote attackers to inject arbitrary web script or HTML via a (1) style or (2) font name or (3) javascript or (4) data URI.

4.3
2015-05-08 CVE-2015-2347 Huawei Cross-site Scripting vulnerability in Huawei SEQ Analyst

Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote attackers to inject arbitrary web script or HTML via the command XML element in the req parameter to flexdata.action in (1) common/, (2) monitor/, or (3) psnpm/ or the (4) module XML element in the req parameter to flexdata.action in monitor/.

4.3
2015-05-08 CVE-2014-9716 Kogmbh Cross-site Scripting vulnerability in Kogmbh Webodf

Cross-site scripting (XSS) vulnerability in WebODF before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via a file name.

4.3
2015-05-08 CVE-2015-1156 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Safari

The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.

4.3
2015-05-08 CVE-2015-1155 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Safari

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

4.3
2015-05-08 CVE-2015-1907 IBM Information Exposure vulnerability in IBM Rational License KEY Server

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4 before 8.1.4.7 allows remote authenticated users to read cookies via unspecified vectors.

4.0
2015-05-08 CVE-2014-0919 IBM Information Exposure vulnerability in IBM DB2

IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities.

4.0

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-08 CVE-2015-3011 Owncloud
Debian
Cross-site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in the contacts application in ownCloud Server Community Edition before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted contact.

3.5