Weekly Vulnerabilities Reports > June 22 to 28, 2015

Overview

94 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 11 high severity vulnerabilities. This weekly summary report vulnerabilities in 103 products from 43 vendors including Cisco, IBM, Microsoft, Adobe, and Apple. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "7PK - Security Features", "Resource Management Errors", and "Permissions, Privileges, and Access Controls".

  • 87 reported vulnerabilities are remotely exploitables.
  • 5 reported vulnerabilities have public exploit available.
  • 29 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 71 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 25 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-06-26 CVE-2015-1158 Cups 7PK - Security Features vulnerability in Cups

The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.

10.0
2015-06-24 CVE-2015-3112 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Bridge and Photoshop CC

Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2015-06-24 CVE-2015-3111 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Bridge and Photoshop CC

Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.

10.0
2015-06-24 CVE-2015-3110 Adobe
Apple
Microsoft
Numeric Errors vulnerability in Adobe Bridge and Photoshop CC

Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.

10.0
2015-06-24 CVE-2015-3109 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Photoshop CC

Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2015-06-23 CVE-2015-3113 Adobe
Apple
Microsoft
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

10.0

11 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-06-28 CVE-2015-0550 EMC Path Traversal vulnerability in EMC Documentum Thumbnail Server

Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote attackers to bypass intended Content Server access restrictions via unspecified vectors.

8.5
2015-06-23 CVE-2015-2860 Avigilon Path Traversal vulnerability in Avigilon Control Center 4.12.0.53/5.4.2.21

Directory traversal vulnerability in Avigilon Control Center (ACC) 4 before 4.12.0.54 and 5 before 5.4.2.22 allows remote attackers to read arbitrary files via a crafted help/ URL.

7.8
2015-06-23 CVE-2015-4200 Cisco Resource Management Errors vulnerability in Cisco IOS 15.3(3)S/15.3S

Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (memory consumption) by triggering an error during CPE negotiation, aka Bug ID CSCug00885.

7.8
2015-06-24 CVE-2015-5068 SAP Information Disclosure vulnerability in SAP Mobile Platform 3.0

XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.

7.5
2015-06-24 CVE-2015-5067 SAP Credentials Management vulnerability in SAP Netweaver

The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.

7.5
2015-06-24 CVE-2015-4208 Cisco Information Exposure vulnerability in Cisco Webex Meeting Center

Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.

7.5
2015-06-23 CVE-2014-4882 Aptexx Improper Authentication vulnerability in Aptexx Resident Anywhere

Aptexx Resident Anywhere does not require authentication, which allows remote attackers to obtain sensitive information or modify data via a direct request.

7.5
2015-06-23 CVE-2015-4726 Audiosharescript Code Injection vulnerability in Audiosharescript Audioshare 2.0.2

PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter.

7.5
2015-06-26 CVE-2015-4224 Cisco OS Command Injection vulnerability in Cisco Wireless LAN Controller Software 7.0(240.0)

Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474.

7.2
2015-06-24 CVE-2015-4211 Cisco
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client 3.1(60)

Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not properly validate pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCus65862.

7.2
2015-06-27 CVE-2015-4199 Cisco Race Condition vulnerability in Cisco IOS 15.3S

Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (NULL pointer free and module crash) by triggering intermittent connectivity with many IPv6 CPE devices, aka Bug ID CSCug47366.

7.1

68 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-06-28 CVE-2015-1485 Symantec Cross-Site Request Forgery (CSRF) vulnerability in Symantec Data Loss Prevention

Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators.

6.8
2015-06-28 CVE-2014-6198 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Network Protection Firmware 5.3

Cross-site request forgery (CSRF) vulnerability in IBM Security Network Protection 5.3 before 5.3.1 allows remote attackers to hijack the authentication of arbitrary users.

6.8
2015-06-25 CVE-2015-1851 Canonical
Openstack
Information Exposure vulnerability in multiple products

OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.

6.8
2015-06-24 CVE-2015-2308 Sensiolabs Code Injection vulnerability in Sensiolabs Symfony

Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element.

6.8
2015-06-23 CVE-2015-4586 Alcatel Lucent Cross-Site Request Forgery (CSRF) vulnerability in Alcatel-Lucent Cellpipe 7130 RG 5Ae.M2013 HOL Firmware 1.0.0.20H.Hol

Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to password.cmd.

6.8
2015-06-23 CVE-2015-4189 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework 1.4.0

Cross-site request forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework (DCAF) 1.4 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun26807.

6.8
2015-06-23 CVE-2015-4204 Cisco Resource Management Errors vulnerability in Cisco IOS 12.2/12.2(33)

Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051.

6.8
2015-06-28 CVE-2015-0126 IBM Arbitrary File Upload vulnerability in IBM Leads

IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to bypass intended file-upload restrictions via a modified extension.

6.5
2015-06-28 CVE-2015-1974 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Directory Server

The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 allows remote authenticated users to bypass intended command restrictions via unspecified vectors.

6.5
2015-06-28 CVE-2015-5078 Limesurvey SQL Injection vulnerability in Limesurvey 2.06+

SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in LimeSurvey 2.06+ allows remote authenticated users to execute arbitrary SQL commands via the closedate parameter.

6.5
2015-06-26 CVE-2015-4222 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1)

SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq46325.

6.5
2015-06-22 CVE-2015-4713 Apphp SQL Injection vulnerability in Apphp Hotel Site

SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.

6.5
2015-06-23 CVE-2015-4209 Cisco Information Exposure vulnerability in Cisco Webex Meeting Center

Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, which allows remote attackers to obtain sensitive information by obtaining a list of all meetings and then sending a calendar request for each one, aka Bug ID CSCur23913.

6.4
2015-06-22 CVE-2015-3237 Haxx
HP
Oracle
Improper Input Validation vulnerability in multiple products

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

6.4
2015-06-24 CVE-2015-4215 Cisco Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software 7.5.102.0

Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device, aka Bug ID CSCuj01046.

6.1
2015-06-28 CVE-2015-0115 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Leads

Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to hijack the authentication of customer accounts.

6.0
2015-06-24 CVE-2015-5062 Silverstripe Open Redirection and Cross Site Scripting vulnerability in Silverstripe 3.1.13

Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build.

5.8
2015-06-23 CVE-2015-2859 Mcafee Cryptographic Issues vulnerability in Mcafee Epolicy Orchestrator

Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2015-06-22 CVE-2015-3233 Drupal Open Redirection vulnerability in Drupal Core Overlay Module

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2015-06-22 CVE-2015-3232 Drupal
Debian
Open Redirection vulnerability in Drupal Field UI Module

Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter.

5.8
2015-06-23 CVE-2015-4205 Cisco Resource Management Errors vulnerability in Cisco IOS XR 5.3.1

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.

5.7
2015-06-23 CVE-2015-4203 Cisco Race Condition vulnerability in Cisco IOS 12.2(33)Sch/12.2Sch

Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.

5.4
2015-06-26 CVE-2015-1268 Google 7PK - Security Features vulnerability in Google Chrome

bindings/scripts/v8_types.py in Blink, as used in Google Chrome before 43.0.2357.130, does not properly select a creation context for a return value's DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code, as demonstrated by use of a data: URL.

5.0
2015-06-26 CVE-2015-1267 Google 7PK - Security Features vulnerability in Google Chrome

Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that uses a Blink public API, related to WebArrayBufferConverter.cpp, WebBlob.cpp, WebDOMError.cpp, and WebDOMFileSystem.cpp.

5.0
2015-06-26 CVE-2015-1266 Google 7PK - Security Features vulnerability in Google Chrome

content/browser/webui/content_web_ui_controller_factory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass intended access restrictions via a similar URL, as demonstrated by use of http://gpu when there is a WebUI class for handling chrome://gpu requests.

5.0
2015-06-26 CVE-2015-4216 Cisco Information Exposure vulnerability in Cisco products

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.

5.0
2015-06-25 CVE-2015-4223 Cisco Resource Management Errors vulnerability in Cisco IOS XR 5.1.3

Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Protocol (LDP) packets, aka Bug ID CSCuu77478.

5.0
2015-06-24 CVE-2015-5065 Intelligent IT Path Traversal vulnerability in Intelligent-It Paypal Currency Converter Basic FOR Woocommerce

Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter.

5.0
2015-06-24 CVE-2015-3900 Ruby Lang
Rubygems
Oracle
Redhat
7PK - Security Features vulnerability in multiple products

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."

5.0
2015-06-24 CVE-2015-4218 Cisco Information Exposure vulnerability in Cisco Jabber

The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858.

5.0
2015-06-24 CVE-2015-4212 Cisco Information Exposure vulnerability in Cisco Webex Meeting Center

Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by discovering credentials, aka Bug ID CSCut17466.

5.0
2015-06-24 CVE-2014-4875 Toshiba Information Exposure vulnerability in Toshiba Chec 6.6/6.7

CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access.

5.0
2015-06-23 CVE-2015-0972 Pearson Credentials Management vulnerability in Pearson Proctorcache

Pearson ProctorCache before 2015.1.17 uses the same hardcoded password across different customers' installations, which allows remote attackers to modify test metadata or cause a denial of service (test disruption) by leveraging knowledge of this password.

5.0
2015-06-23 CVE-2015-4207 Cisco Information Exposure vulnerability in Cisco Webex Meeting Center

Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and bypass intended attendance restrictions by visiting a meeting-registration page, aka Bug ID CSCus62147.

5.0
2015-06-22 CVE-2015-3236 Haxx Information Exposure vulnerability in Haxx Curl and Libcurl

cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2015-06-22 CVE-2015-4590 Arduino Json Project Buffer Errors vulnerability in Arduino Json Project Arduino Json 4.4

The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a terminator, as demonstrated by "\\\0", which triggers a buffer overflow and over-read.

5.0
2015-06-28 CVE-2015-1959 IBM Improper Access Control vulnerability in IBM Tivoli Directory Server

IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not properly restrict encrypted files, which allows local users to obtain sensitive information or possibly have unspecified other impact via a (1) download or (2) upload action.

4.6
2015-06-28 CVE-2015-0118 IBM Cryptographic Issues vulnerability in IBM Integration BUS and Websphere Message Broker

IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit 9 before 9003 IF1 are distributed with MQ client JAR files that support only weak TLS ciphers, which might make it easier for remote attackers to obtain sensitive information by sniffing the network during a connection to an Integration Bus node.

4.3
2015-06-28 CVE-2014-9230 Symantec Cross-Site Scripting vulnerability in Symantec Data Loss Prevention

Cross-site scripting (XSS) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-06-28 CVE-2015-1978 IBM Cross-Site Scripting vulnerability in IBM Tivoli Directory Server

Cross-site scripting (XSS) vulnerability in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-06-28 CVE-2015-1972 IBM Information Exposure vulnerability in IBM Tivoli Directory Server

IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 allows remote attackers to obtain sensitive error-log information via a crafted POST request.

4.3
2015-06-28 CVE-2015-0173 IBM Code vulnerability in IBM Websphere MQ Internet Pass Thru 2.1.0.1

The HTTP connection-management functionality in Internet Pass-Thru (IPT) before 2.1.0.2 in IBM WebSphere MQ, when HTTPS is disabled, does not properly generate MQIPT Session IDs, which makes it easier for remote attackers to bypass intended restrictions on MQ message data by predicting an ID value.

4.3
2015-06-28 CVE-2015-4174 Siemens Cross-Site Scripting vulnerability in Siemens Climatix Bacnet/Ip

Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3
2015-06-28 CVE-2015-0989 Icsgmbh Data Processing Errors vulnerability in Icsgmbh Pactware 4.1

PACTware 4.1 SP3 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers an internal error.

4.3
2015-06-26 CVE-2015-1269 Google 7PK - Security Features vulnerability in Google Chrome

The DecodeHSTSPreloadRaw function in net/http/transport_security_state.cc in Google Chrome before 43.0.2357.130 does not properly canonicalize DNS hostnames before making comparisons to HSTS or HPKP preload entries, which allows remote attackers to bypass intended access restrictions via a string that (1) ends in a .

4.3
2015-06-26 CVE-2015-4217 Cisco Information Exposure vulnerability in Cisco products

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.

4.3
2015-06-26 CVE-2015-1159 Cups Cross-Site Scripting vulnerability in Cups

Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.

4.3
2015-06-25 CVE-2015-4220 Cisco Cross-Site Scripting vulnerability in Cisco Unified Presence Server 9.1(1)

Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773.

4.3
2015-06-24 CVE-2013-7398 Async Http Client Project
Redhat
Insufficient Verification of Data Authenticity vulnerability in multiple products

main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.

4.3
2015-06-24 CVE-2013-7397 Redhat
Async Http Client Project
Insufficient Verification of Data Authenticity vulnerability in multiple products

Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a typical AHC configuration, as demonstrated by a configuration that does not send client certificates.

4.3
2015-06-24 CVE-2015-5066 Metalgenix Cross-Site Scripting vulnerability in Metalgenix Genixcms 0.0.3

Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page to index.php.

4.3
2015-06-24 CVE-2015-5064 Mysql Lite Administrator Project Cross-Site Scripting vulnerability in Mysql-Lite-Administrator Project Mysql-Lite-Administrator

Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name parameter to (1) tabella.php, (2) coloni.php, or (3) insert.php or (4) num_row parameter to coloni.php.

4.3
2015-06-24 CVE-2015-5063 Silverstripe Cross-Site Scripting vulnerability in Silverstripe 3.1.13

Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter to install.php.

4.3
2015-06-24 CVE-2015-4413 Nextendweb Cross-Site Scripting vulnerability in Nextendweb Facebook Connect

Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter.

4.3
2015-06-24 CVE-2015-2169 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Assetexplorer 6.1

Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 allows remote attackers to inject arbitrary web script or HTML via a Publisher registry entry, which is not properly handled when the machine is scanned.

4.3
2015-06-23 CVE-2015-4725 Audiosharescript Cross-Site Scripting vulnerability in Audiosharescript Audioshare 2.0.2

Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the email parameter.

4.3
2015-06-23 CVE-2015-4210 Cisco Cross-Site Scripting vulnerability in Cisco Webex Meeting Center

Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur03806.

4.3
2015-06-22 CVE-2015-3234 Drupal
Debian
Improper Input Validation vulnerability in multiple products

The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows remote attackers to log into other users' accounts by leveraging an OpenID identity from certain providers, as demonstrated by the Verisign, LiveJournal, and StackExchange providers.

4.3
2015-06-22 CVE-2015-4714 Dream Multimedia TV Cross-Site Scripting vulnerability in Dream-Multimedia-Tv Dreambox Dm500-S Firmware

Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.

4.3
2015-06-22 CVE-2015-0526 EMC Cross-Site Scripting vulnerability in EMC RSA Validation Manager

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Validation Manager (RVM) 3.2 before build 201 allow remote attackers to inject arbitrary web script or HTML via the (1) displayMode or (2) wrapPreDisplayMode parameter.

4.3
2015-06-28 CVE-2015-2965 Oscommerce Path Traversal vulnerability in Oscommerce

Directory traversal vulnerability in osCommerce Japanese 2.2ms1j-R8 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.

4.0
2015-06-28 CVE-2015-1884 IBM Path Traversal vulnerability in IBM Business Process Manager and Websphere

Directory traversal vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2 through 7.2.0.5 allows remote authenticated users to read arbitrary files via a crafted internationalization-file URL.

4.0
2015-06-27 CVE-2015-4225 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 1.0(1.110A)/1.0(1E)

Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.

4.0
2015-06-26 CVE-2015-4221 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1)

Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and consequently execute arbitrary commands, by visiting an unspecified web page and then conducting a decryption attack, aka Bug ID CSCuq46194.

4.0
2015-06-24 CVE-2015-4219 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco products

Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before 5.5(0.46) and Cisco Identity Services Engine 1.0(4.573) do not properly implement access control for support bundles, which allows remote authenticated users to obtain sensitive information via brute-force attempts to send valid credentials, aka Bug IDs CSCue00833 and CSCub40331.

4.0
2015-06-24 CVE-2015-4214 Cisco Information Exposure vulnerability in Cisco Unified Meetingplace 8.6(1.2)/8.6(1.9)

Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover cleartext passwords by reading HTML source code, aka Bug ID CSCuu33050.

4.0
2015-06-24 CVE-2015-4213 Cisco Information Exposure vulnerability in Cisco Nx-Os 1.1(1G)

Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.

4.0
2015-06-22 CVE-2015-3231 Drupal
Debian
Information Exposure vulnerability in multiple products

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.

4.0

9 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-06-28 CVE-2015-0131 IBM Cross-Site Scripting vulnerability in IBM Leads

Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-06-28 CVE-2015-0127 IBM 7PK - Security Features vulnerability in IBM Leads

IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 does not properly restrict use of FRAME elements, which allows remote authenticated users to conduct phishing attacks via a crafted web site.

3.5
2015-06-28 CVE-2015-0116 IBM Injection vulnerability in IBM Leads

IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 does not properly restrict the addition of links, which makes it easier for remote authenticated users to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.

3.5
2015-06-28 CVE-2015-0549 EMC Cross-Site Scripting vulnerability in EMC Documentum D2

Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before 4.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2015-06-24 CVE-2015-5061 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Assetexplorer 6.1

Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 and earlier allows remote authenticated users with permissions to add new vendors to inject arbitrary web script or HTML via the organizationName parameter to VendorDef.do.

3.5
2015-06-28 CVE-2014-4768 IBM Denial of Service vulnerability in IBM Unified Extensible Firmware Interface

IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode.

2.1
2015-06-28 CVE-2015-2019 IBM Code vulnerability in IBM Tivoli Directory Server

IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not prevent caching of documents retrieved in SSL sessions, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation.

2.1
2015-06-28 CVE-2015-1981 IBM Cross-Site Scripting vulnerability in IBM Domino

Cross-site scripting (XSS) vulnerability in the web server in IBM Domino 8.5.x before 8.5.3 FP6 IF8 and 9.x before 9.0.1 FP4, when Webmail is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH9WYPR5.

2.1
2015-06-28 CVE-2015-1901 IBM Information Exposure vulnerability in IBM Infosphere Information Server

The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local users to obtain sensitive information via unspecified commands.

1.9