Weekly Vulnerabilities Reports > August 24 to 30, 2015

Overview

72 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 28 high severity vulnerabilities. This weekly summary report vulnerabilities in 113 products from 35 vendors including HP, Cisco, Drupal, Oracle, and Apple. Vulnerabilities are notably categorized as "Information Exposure", "Resource Management Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", and "Cross-site Scripting".

  • 68 reported vulnerabilities are remotely exploitables.
  • 1 reported vulnerabilities have public exploit available.
  • 7 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 57 reported vulnerabilities are exploitable by an anonymous user.
  • HP has the most reported vulnerabilities, with 30 reported vulnerabilities.
  • Adobe has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

3 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-08-29 CVE-2015-4497 Mozilla Use After Free Denial of Service vulnerability in Mozilla Firefox and Firefox ESR

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.

10.0
2015-08-28 CVE-2015-1171 GSM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GSM SIM Card Editor 6.6

Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.

10.0
2015-08-24 CVE-2015-5566 Adobe
Linux
Apple
Microsoft
Unspecified vulnerability in Adobe products

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

10.0

28 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-08-29 CVE-2015-6273 Cisco Resource Management Errors vulnerability in Cisco IOS XE

Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623.

7.8
2015-08-29 CVE-2015-6268 Cisco Resource Management Errors vulnerability in Cisco IOS XE 2.2.1/2.2.2

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482.

7.8
2015-08-29 CVE-2015-6267 Cisco Resource Management Errors vulnerability in Cisco IOS XE 2.2.1/2.2.2

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and CSCsw95496.

7.8
2015-08-27 CVE-2015-5368 HP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP products

The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors.

7.8
2015-08-24 CVE-2014-9744 Opensuse
Polarssl
Resource Management Errors vulnerability in multiple products

Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of ClientHello messages.

7.8
2015-08-24 CVE-2015-5058 F5 Resource Management Errors vulnerability in F5 products

Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets.

7.8
2015-08-30 CVE-2015-4555 Tibco Buffer Overflow vulnerability in Multiple TIBCO Products

Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components.

7.5
2015-08-29 CVE-2015-4498 Mozilla 7PK - Security Features vulnerability in Mozilla Firefox and Firefox ESR

The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.

7.5
2015-08-28 CVE-2014-9651 Call CC Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Call-Cc Chicken 4.10.0/4.9.0/4.9.0.1

Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument to the "substring-index[-ci] procedures."

7.5
2015-08-27 CVE-2015-5432 HP Unspecified vulnerability in HP Virtual Connect Enterprise Manager SDK 7.4.0

HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.

7.5
2015-08-27 CVE-2015-5429 HP Unspecified vulnerability in HP Matrix Operating Environment 7.4

HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5428.

7.5
2015-08-27 CVE-2015-5428 HP Unspecified vulnerability in HP Matrix Operating Environment 7.4

HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5429.

7.5
2015-08-27 CVE-2015-5427 HP Unspecified vulnerability in HP Matrix Operating Environment 7.4

HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5428 and CVE-2015-5429.

7.5
2015-08-27 CVE-2015-5404 HP Unspecified vulnerability in HP Systems Insight Manager

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.

7.5
2015-08-26 CVE-2015-5409 HP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Version Control Repository Manager

Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.

7.5
2015-08-24 CVE-2015-5424 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2885.

7.5
2015-08-24 CVE-2015-5423 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2884.

7.5
2015-08-24 CVE-2015-5422 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2883.

7.5
2015-08-24 CVE-2015-5421 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2881.

7.5
2015-08-24 CVE-2015-5420 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2880.

7.5
2015-08-24 CVE-2015-5419 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2879.

7.5
2015-08-24 CVE-2015-5418 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2877.

7.5
2015-08-24 CVE-2015-5417 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2876.

7.5
2015-08-24 CVE-2015-5416 HP Remote Code Execution vulnerability in HP Keyview 10.23.0.0/10.24.0.0

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2875.

7.5
2015-08-24 CVE-2015-6659 Drupal SQL Injection vulnerability in Drupal

SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment.

7.5
2015-08-24 CVE-2015-6525 Debian
Libevent Project
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop.

7.5
2015-08-24 CVE-2014-6272 Debian
Libevent Project
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop.

7.5
2015-08-27 CVE-2015-5402 HP Permissions, Privileges, and Access Controls vulnerability in HP Systems Insight Manager

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors.

7.2

38 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-08-27 CVE-2015-5367 HP Permissions, Privileges, and Access Controls vulnerability in HP products

The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors.

6.9
2015-08-26 CVE-2015-4173 Sonicwall Unquoted Search Path or Element vulnerability in Sonicwall Netextender

Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

6.9
2015-08-26 CVE-2015-5411 HP Information Exposure vulnerability in HP Version Control Repository Manager

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.

6.8
2015-08-25 CVE-2015-5161 Zend XML External Entity Injection vulnerability in Multiple Zend Products

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.

6.8
2015-08-25 CVE-2015-6262 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2.0.103/2.0

Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCum49054 and CSCum49059.

6.8
2015-08-25 CVE-2015-5786 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime

Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5785.

6.8
2015-08-25 CVE-2015-5785 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime

Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5786.

6.8
2015-08-24 CVE-2015-6664 SAP Unspecified vulnerability in SAP Mobile Platform 2.3

XML external entity (XXE) vulnerability in the application import functionality in SAP Mobile Platform 2.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2152227.

6.8
2015-08-24 CVE-2015-6662 SAP Unspecified vulnerability in SAP Netweaver 7.40

XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485.

6.8
2015-08-24 CVE-2015-6660 Drupal Cross-Site Request Forgery (CSRF) vulnerability in Drupal

The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."

6.8
2015-08-27 CVE-2015-5431 HP Unspecified vulnerability in HP Matrix Operating Environment 7.4

HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

6.5
2015-08-27 CVE-2015-5405 HP Unspecified vulnerability in HP Systems Insight Manager

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.

6.5
2015-08-27 CVE-2015-2140 HP Improper Input Validation vulnerability in HP Systems Insight Manager

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

6.5
2015-08-26 CVE-2015-5410 HP Arbitrary Code Execution vulnerability in HP Version Control Repository Manager

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execute arbitrary code or cause a denial of service via unspecified vectors.

6.5
2015-08-24 CVE-2015-3238 Linux PAM
Oracle
Information Exposure vulnerability in multiple products

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.

6.5
2015-08-26 CVE-2015-5412 HP Cross-Site Request Forgery (CSRF) vulnerability in HP Version Control Repository Manager

Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

6.0
2015-08-28 CVE-2015-6266 Cisco Improper Authentication vulnerability in Cisco Identity Services Engine Software 1.2(0.899)

The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to uploaded HTML documents, which allows remote attackers to obtain sensitive information from customized documents via a direct request, aka Bug ID CSCuo78045.

5.0
2015-08-27 CVE-2015-5430 HP Information Exposure vulnerability in HP Matrix Operating Environment 7.4

HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2015-08-25 CVE-2012-2150 SGI Information Exposure vulnerability in SGI Xfsprogs 3.2.3

xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.

5.0
2015-08-25 CVE-2015-3269 HP
Adobe
Information Exposure vulnerability in multiple products

Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5.0
2015-08-24 CVE-2015-6661 Drupal Information Exposure vulnerability in Drupal

Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu.

5.0
2015-08-24 CVE-2015-6524 Fedoraproject
Apache
Credentials Management vulnerability in multiple products

The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack.

5.0
2015-08-24 CVE-2015-6251 GNU
Debian
Denial of Service vulnerability in GnuTLS 'common.c' Double Free

Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.

5.0
2015-08-24 CVE-2015-5964 Djangoproject
Canonical
Oracle
Resource Management Errors vulnerability in multiple products

The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.

5.0
2015-08-24 CVE-2015-5963 Djangoproject
Oracle
Canonical
Resource Management Errors vulnerability in multiple products

contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.

5.0
2015-08-27 CVE-2015-6265 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Application Control Engine 4700

The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID CSCur23662.

4.3
2015-08-25 CVE-2015-4020 Oracle
Rubygems
Improper Input Validation vulnerability in multiple products

RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900.

4.3
2015-08-24 CVE-2015-6665 Fedoraproject
Drupal
Chaos Tool Suite Project
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag.

4.3
2015-08-24 CVE-2015-6663 SAP Cross-site Scripting vulnerability in SAP Afaria 7.0

Cross-site scripting (XSS) vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject arbitrary web script or HTML via crafted client name data, aka SAP Security Note 2152669.

4.3
2015-08-24 CVE-2015-6658 Drupal Cross-site Scripting vulnerability in Drupal

Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to uploading files.

4.3
2015-08-24 CVE-2015-0298 Redhat Cross-site Scripting vulnerability in Redhat MOD Cluster 1.3.1

Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.

4.3
2015-08-30 CVE-2015-3966 Innominate Improper Input Validation vulnerability in Innominate Mguard Firmware

The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service (VPN service restart) by leveraging a peer relationship to send a crafted configuration with compression.

4.0
2015-08-27 CVE-2015-5433 HP Unspecified vulnerability in HP Virtual Connect Enterprise Manager SDK 7.4.0

HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors.

4.0
2015-08-27 CVE-2015-5403 HP Information Exposure vulnerability in HP Systems Insight Manager

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-2139.

4.0
2015-08-27 CVE-2015-2139 HP Information Exposure vulnerability in HP Systems Insight Manager

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403.

4.0
2015-08-26 CVE-2015-3158 Picketlink Permissions, Privileges, and Access Controls vulnerability in Picketlink 2.7.0

The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a (1) direct request or (2) request through an SP initiated flow.

4.0
2015-08-26 CVE-2015-5413 HP Permissions, Privileges, and Access Controls vulnerability in HP Version Control Repository Manager

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.

4.0
2015-08-26 CVE-2015-6261 Cisco Information Exposure vulnerability in Cisco Telepresence Video Communication Server Software X8.5.2

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-08-24 CVE-2014-8987 Mantisbt Cross-site Scripting vulnerability in Mantisbt

Cross-site scripting (XSS) vulnerability in the "set configuration" box in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via the config_option parameter, a different vulnerability than CVE-2014-8986.

3.5
2015-08-28 CVE-2015-2987 Type74 Code vulnerability in Type74 ED

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

2.6
2015-08-26 CVE-2015-4037 Qemu Code vulnerability in Qemu

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.

1.9