Weekly Vulnerabilities Reports > September 14 to 20, 2015

Overview

193 new vulnerabilities reported during this period, including 18 critical vulnerabilities and 27 high severity vulnerabilities. This weekly summary report vulnerabilities in 118 products from 53 vendors including Apple, Cisco, Symantec, Newphoria Corporation, and IBM. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Resource Management Errors".

  • 163 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 31 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 167 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 98 reported vulnerabilities.
  • Apple has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-09-18 CVE-2015-6459 GE Path Traversal vulnerability in GE MDS Pulsenet

Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname.

10.0
2015-09-18 CVE-2015-5911 Apple Security Bypass vulnerability in Apple mac OS X Server 5.0.2

Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document.

10.0
2015-09-18 CVE-2015-5903 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.

10.0
2015-09-18 CVE-2015-5895 Sqlite
Apple
Multiple Security vulnerability in Apple iOS APPLE-SA-2015-09-16-1

Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors.

10.0
2015-09-17 CVE-2015-5538 Citrix Unspecified vulnerability in Citrix products

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI).

10.0
2015-09-14 CVE-2015-5998 Impero Improper Authentication vulnerability in Impero Education PRO

Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command.

10.0
2015-09-18 CVE-2015-5876 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3
2015-09-18 CVE-2015-5867 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3
2015-09-18 CVE-2015-5846 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5844 and CVE-2015-5845.

9.3
2015-09-18 CVE-2015-5845 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5844 and CVE-2015-5846.

9.3
2015-09-18 CVE-2015-5844 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5845 and CVE-2015-5846.

9.3
2015-09-15 CVE-2015-6949 Asus Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Asus Tm-1900

Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values.

9.3
2015-09-15 CVE-2015-6946 Microfocus Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microfocus Accurev

Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit functionality.

9.3
2015-09-20 CVE-2015-4307 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Provisioning

The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111.

9.0
2015-09-20 CVE-2015-4304 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.

9.0
2015-09-18 CVE-2015-6456 GE Unspecified vulnerability in GE MDS Pulsenet

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequently execute arbitrary code, by leveraging knowledge of the password.

9.0
2015-09-16 CVE-2014-8778 Checkmarx Code Injection vulnerability in Checkmarx Cxsast

Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authenticated users to bypass the CxQL sandbox protection mechanism and execute arbitrary C# code by asserting the (1) System.Security.Permissions.PermissionState.Unrestricted or (2) System.Security.Permissions.SecurityPermissionFlag.AllFlags permission.

9.0
2015-09-15 CVE-2015-4947 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Http Server

Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authenticated users to execute arbitrary code via unspecified vectors.

9.0

27 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-09-20 CVE-2015-5690 Symantec OS Command Injection vulnerability in Symantec web Gateway

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."

8.5
2015-09-20 CVE-2015-4306 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka Bug IDs CSCus88343 and CSCus88334.

8.5
2015-09-20 CVE-2015-6547 Symantec Command Injection vulnerability in Symantec web Gateway

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors.

8.3
2015-09-20 CVE-2015-5693 Symantec Code Injection vulnerability in Symantec web Gateway

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."

7.9
2015-09-20 CVE-2015-5692 Symantec Permissions, Privileges, and Access Controls vulnerability in Symantec web Gateway

admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper Sudo configuration to make this a setuid-root file.

7.9
2015-09-20 CVE-2015-6284 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Telepresence Server Software

Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.

7.8
2015-09-15 CVE-2015-5472 IBS Mappro Project Path Traversal vulnerability in IBS Mappro Project IBS Mappro 0.6

Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter.

7.8
2015-09-14 CVE-2015-1943 IBM Resource Management Errors vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.

7.8
2015-09-14 CVE-2015-5997 Impero Unspecified vulnerability in Impero Education PRO

Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing the network for ciphertext data.

7.8
2015-09-18 CVE-2015-6460 3S Smart Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in 3S-Smart Codesys Gateway Server

Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.47 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.

7.5
2015-09-18 CVE-2015-7243 Boxoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Boxoft WAV TO MP3 Converter

Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.

7.5
2015-09-18 CVE-2015-7239 SAP SQL Injection vulnerability in SAP Netweaver J2Ee Engine 7.40

SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2015-09-18 CVE-2015-5874 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

7.5
2015-09-17 CVE-2015-7235 CP Reservation Calender Project SQL Injection vulnerability in CP Reservation Calender Project CP Reservation Calender

Multiple SQL injection vulnerabilities in dex_reservations.php in the CP Reservation Calendar plugin before 1.1.7 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a dex_reservations_calendar_load2 action or (2) dex_item parameter in a dex_reservations_check_posted_data action in a request to the default URI.

7.5
2015-09-17 CVE-2015-6962 Teiko SQL Injection vulnerability in Teiko Farol

SQL injection vulnerability in the web application in Farol allows remote attackers to execute arbitrary SQL commands via the email parameter to tkmonitor/estrutura/login/Login.actions.php.

7.5
2015-09-16 CVE-2015-1173 Unit4 Improper Access Control vulnerability in Unit4 Teta web

Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges via crafted "received parameters."

7.5
2015-09-16 CVE-2015-6829 Ciphercoin SQL Injection vulnerability in Ciphercoin WP Limit Login Attempts 1.0/2.0

Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header.

7.5
2015-09-14 CVE-2015-4499 Mozilla Improper Input Validation vulnerability in Mozilla Bugzilla

Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address.

7.5
2015-09-18 CVE-2015-6296 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Network Registrar 8.1.3.3/8.2.3/8.3.2

Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.

7.2
2015-09-18 CVE-2015-5899 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.2
2015-09-18 CVE-2015-5896 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903.

7.2
2015-09-18 CVE-2015-5882 Apple Improper Access Control vulnerability in Apple Iphone OS, mac OS X and Watchos

The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges.

7.2
2015-09-18 CVE-2015-5868 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903.

7.2
2015-09-18 CVE-2015-5848 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

IOAcceleratorFamily in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.2
2015-09-18 CVE-2015-5847 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.2
2015-09-18 CVE-2015-5843 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.2
2015-09-16 CVE-2015-5465 SIS Memory Corruption vulnerability in SIS Windows VGA Display Manager 6.14.10.3930

Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver Manager and VGA Display Manager) 6.14.10.3930 allows local users to gain privileges via a crafted (1) 0x96002400 or (2) 0x96002404 IOCTL call.

7.2

130 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-09-18 CVE-2014-8611 Apple
Freebsd
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

6.9
2015-09-20 CVE-2015-5689 Symantec Buffer Errors vulnerability in Symantec Deployment Solution and Ghost Solutions Suite

ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image.

6.8
2015-09-20 CVE-2015-5637 Newphoria Corporation Permissions, Privileges, and Access Controls vulnerability in Newphoria Corporation 1.1

The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.

6.8
2015-09-20 CVE-2015-5636 Newphoria Corporation Permissions, Privileges, and Access Controls vulnerability in Newphoria Corporation Reversi

The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.

6.8
2015-09-20 CVE-2015-5635 Newphoria Corporation Permissions, Privileges, and Access Controls vulnerability in Newphoria Corporation Koritore

The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.

6.8
2015-09-20 CVE-2015-5634 Newphoria Corporation Permissions, Privileges, and Access Controls vulnerability in Newphoria Corporation Megaphone Music

The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.

6.8
2015-09-20 CVE-2015-5633 Newphoria Corporation Permissions, Privileges, and Access Controls vulnerability in Newphoria Corporation Auction Camera

The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.

6.8
2015-09-20 CVE-2015-5632 Newphoria Corporation Permissions, Privileges, and Access Controls vulnerability in Newphoria Corporation Applican

The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 for iOS allows attackers to bypass a whitelist.xml URL whitelist protection mechanism and obtain API access via unspecified vectors.

6.8
2015-09-18 CVE-2015-5829 Apple Buffer Errors vulnerability in Apple Iphone OS and Watchos

Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file.

6.8
2015-09-18 CVE-2015-5823 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5822 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5821 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5819 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5818 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5817 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5816 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5815 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes and Safari

WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5814 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5813 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5812 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5811 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5810 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5809 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5808 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes and Safari

WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5807 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5806 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5805 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5804 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5803 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5802 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5801 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5800 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5799 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5798 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes and Safari

WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5797 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5796 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5795 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5794 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5793 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5792 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5791 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5790 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-18 CVE-2015-5789 Apple Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

6.8
2015-09-16 CVE-2015-6973 Igniterealtime Cross-Site Request Forgery (CSRF) vulnerability in Igniterealtime Openfire 3.10.2

Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp.

6.8
2015-09-16 CVE-2015-6966 Nibbleblog Cross-Site Request Forgery (CSRF) vulnerability in Nibbleblog 4.0.1

Multiple cross-site request forgery (CSRF) vulnerabilities in Nibbleblog before 4.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) create a post via a new_simple action to admin.php or (2) conduct cross-site scripting (XSS) attacks via the content parameter in a new_simple action to admin.php.

6.8
2015-09-16 CVE-2015-6965 Creative Solutions Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Contact Form Generator

Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a form, (6) delete a form, (7) create a template, (8) update a template, (9) delete a template, or (10) conduct cross-site scripting (XSS) attacks via a crafted request to the cfg_forms page in wp-admin/admin.php.

6.8
2015-09-16 CVE-2015-6828 Securemoz Improper Input Validation vulnerability in Securemoz Security Audit

The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man-in-the-middle attackers to conduct PHP object injection attacks and execute arbitrary PHP code by modifying the client-server data stream.

6.8
2015-09-15 CVE-2015-6948 Corel Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Corel Wordperfect

Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document.

6.8
2015-09-15 CVE-2015-6944 JSP Mysql Administrador WEB Project Cross-Site Request Forgery (CSRF) vulnerability in Jsp/Mysql Administrador web Project Jsp/Mysql Administrador web 1.0

Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.

6.8
2015-09-20 CVE-2014-9229 Symantec SQL Injection vulnerability in Symantec Endpoint Protection

Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.

6.5
2015-09-20 CVE-2015-6299 Cisco SQL Injection vulnerability in Cisco Unity Connection 9.1(1)/9.1(2)

SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.

6.5
2015-09-18 CVE-2015-5274 Redhat Command Injection vulnerability in Redhat Openshift 2.2

rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker.

6.5
2015-09-16 CVE-2015-6968 S9Y Unspecified vulnerability in S9Y Serendipity

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension.

6.5
2015-09-16 CVE-2015-6967 Nibbleblog Unspecified vulnerability in Nibbleblog 4.0.1

Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/my_image/image.php.

6.5
2015-09-16 CVE-2015-3623 Qlik Unspecified vulnerability in Qlik Qlikview

XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.

6.4
2015-09-14 CVE-2015-6285 Cisco USE of Externally-Controlled Format String vulnerability in Cisco Email Security Appliance 7.6.0/8.0.0

Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497.

6.4
2015-09-18 CVE-2015-6294 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770.

6.1
2015-09-15 CVE-2015-6943 S9Y SQL Injection vulnerability in S9Y Serendipity

SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled, allows remote administrators to execute arbitrary SQL commands via the serendipity[id] parameter to serendipity_admin.php.

6.0
2015-09-20 CVE-2015-6548 Symantec SQL Injection vulnerability in Symantec web Gateway

Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

5.8
2015-09-18 CVE-2015-6932 Vmware Cryptographic Issues vulnerability in VMWare Vcenter Server 5.5/6.0

VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2015-09-14 CVE-2015-6286 Cisco Resource Management Errors vulnerability in Cisco Application Visibility and Control 15.3(3)Ja

Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote attackers to cause a denial of service (access-point outage) via a crafted UDP packet, aka Bug ID CSCuu47016.

5.7
2015-09-17 CVE-2015-7233 Structured Dynamics Cross-Site Request Forgery (CSRF) vulnerability in Structured Dynamics Open Semantic Framework 7.X3.0/7.X3.X

Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors.

5.1
2015-09-20 CVE-2015-6301 Cisco Resource Management Errors vulnerability in Cisco products

The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.

5.0
2015-09-18 CVE-2015-6297 Cisco Resource Management Errors vulnerability in Cisco IOS XR 5.2.0Base

The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.

5.0
2015-09-18 CVE-2015-3962 Schneider Electric Information Exposure vulnerability in Schneider Electric Struxureware Building Expert MPM

Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the client-server data stream, which allows remote attackers to discover credentials by sniffing the network.

5.0
2015-09-18 CVE-2015-7237 Mcafee Path Traversal vulnerability in Mcafee Agent 5.0.0/5.0.1

Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2015-09-18 CVE-2015-4638 F5 Improper Input Validation vulnerability in F5 products

The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet.

5.0
2015-09-18 CVE-2015-5912 Apple Code vulnerability in Apple Iphone OS and mac OS X

The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses.

5.0
2015-09-18 CVE-2015-5909 Apple Information Exposure vulnerability in Apple Xcode

IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail lists, which allows remote attackers to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery.

5.0
2015-09-18 CVE-2015-5906 Apple Information Exposure vulnerability in Apple Iphone OS

The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to the final character of a password, which might make it easier for remote attackers to discover a password by leveraging a later prediction containing that character.

5.0
2015-09-18 CVE-2015-5905 Apple 7PK - Security Features vulnerability in Apple Iphone OS

Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted window opener on a web site.

5.0
2015-09-18 CVE-2015-5885 Apple Information Exposure vulnerability in Apple Iphone OS, mac OS X and Watchos

The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vectors involving a cookie for a top-level domain.

5.0
2015-09-18 CVE-2015-5879 Apple Improper Input Validation vulnerability in Apple Iphone OS and mac OS X

XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header.

5.0
2015-09-18 CVE-2015-5860 Apple Information Exposure vulnerability in Apple Iphone OS and Watchos

The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site.

5.0
2015-09-18 CVE-2015-5858 Apple Information Exposure vulnerability in Apple Iphone OS and Watchos

The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL.

5.0
2015-09-18 CVE-2015-5857 Apple 7PK - Security Features vulnerability in Apple Iphone OS

Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors.

5.0
2015-09-18 CVE-2015-5841 Apple Injection vulnerability in Apple Iphone OS, mac OS X and Watchos

The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.

5.0
2015-09-18 CVE-2015-5840 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial of service (overflow fault and app crash) via crafted data.

5.0
2015-09-18 CVE-2015-5839 Apple 7PK - Security Features vulnerability in Apple Iphone OS, mac OS X and Watchos

dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file.

5.0
2015-09-18 CVE-2015-5831 Apple Information Exposure vulnerability in Apple Iphone OS and mac OS X

NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app.

5.0
2015-09-18 CVE-2015-5827 Apple Information Exposure vulnerability in Apple Iphone OS and Safari

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.

5.0
2015-09-18 CVE-2015-3801 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Safari

The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors.

5.0
2015-09-17 CVE-2015-7231 Drupalcommerce Improper Input Validation vulnerability in Drupalcommerce Commerce Commonwealth

The Commerce Commonwealth (CBA) module 7.x-1.x before 7.x-1.5 for Drupal does not properly validate payments, which allows remote attackers to make a failed payment appear valid via a crafted URL, related to a "response from commweb."

5.0
2015-09-17 CVE-2015-7228 Restful Project Access Bypass vulnerability in Restful Project Restful 7.X1.0/7.X1.1/7.X1.2

The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly cache pages of authenticated users when using non-cookie authentication providers, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2015-09-17 CVE-2015-7226 Administration Views Project Information Exposure vulnerability in Administration Views Project Administration Views

The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler.

5.0
2015-09-14 CVE-2014-9745 Freetype
Debian
Canonical
Opensuse
Resource Management Errors vulnerability in multiple products

The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.

5.0
2015-09-14 CVE-2015-6830 Phpmyadmin Information Exposure vulnerability in PHPmyadmin

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.

5.0
2015-09-14 CVE-2015-6288 Cisco Resource Management Errors vulnerability in Cisco Content Security Management Appliance 7.8Base

Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application fault) via crafted HTTP requests, aka Bug ID CSCuw09620.

5.0
2015-09-14 CVE-2015-6287 Cisco Resource Management Errors vulnerability in Cisco web Security Virtual Appliance 8.0.5/8.0.6/8.0Base

Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.

5.0
2015-09-14 CVE-2015-2013 IBM Resource Management Errors vulnerability in IBM Websphere MQ

IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call.

5.0
2015-09-20 CVE-2014-9228 Symantec Resource Management Errors vulnerability in Symantec Endpoint Protection

sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition.

4.9
2015-09-16 CVE-2015-5440 HP Information Exposure vulnerability in HP Universal Configuration Management Database

HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors.

4.9
2015-09-20 CVE-2015-6295 Cisco Resource Management Errors vulnerability in Cisco Nx-Os 6.1(2)I3(4)/7.0(3)I1(1)

Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.

4.8
2015-09-16 CVE-2015-5426 HP Local Code Execution vulnerability in HP LoadRunner

Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.

4.6
2015-09-20 CVE-2014-9227 Symantec DLL Loading Local Privilege Escalation vulnerability in Symantec Endpoint Protection Manager and Client

Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory.

4.4
2015-09-20 CVE-2015-5691 Symantec Cross-Site Scripting vulnerability in Symantec web Gateway

Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against admin_messages.php.

4.3
2015-09-20 CVE-2015-5638 Dena Path Traversal vulnerability in Dena H20

Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL.

4.3
2015-09-18 CVE-2015-6939 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-09-18 CVE-2015-5921 Apple Information Exposure vulnerability in Apple Iphone OS

WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might allow man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

4.3
2015-09-18 CVE-2015-5920 Apple Information Disclosure vulnerability in Apple iTunes

The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors.

4.3
2015-09-18 CVE-2015-5916 Apple Information Exposure vulnerability in Apple Iphone OS and Watchos

The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature.

4.3
2015-09-18 CVE-2015-5904 Apple 7PK - Security Features vulnerability in Apple Iphone OS

Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted web site.

4.3
2015-09-18 CVE-2015-5880 Apple Information Exposure vulnerability in Apple Iphone OS

CoreAnimation in Apple iOS before 9 allows attackers to bypass intended IOSurface restrictions and obtain screen-framebuffer access via a crafted background app.

4.3
2015-09-18 CVE-2015-5862 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Watchos

The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file.

4.3
2015-09-18 CVE-2015-5856 Apple 7PK - Security Features vulnerability in Apple Iphone OS

The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL.

4.3
2015-09-18 CVE-2015-5855 Apple Information Exposure vulnerability in Apple Iphone OS and Watchos

Apple iOS before 9 allows attackers to discover the e-mail address of a player via a crafted Game Center app.

4.3
2015-09-18 CVE-2015-5838 Apple Improper Access Control vulnerability in Apple Iphone OS

SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which allows attackers to spoof the dialog windows of an arbitrary app via a crafted app.

4.3
2015-09-18 CVE-2015-5837 Apple Improper Input Validation vulnerability in Apple Iphone OS and Watchos

PluginKit in Apple iOS before 9 allows attackers to bypass an intended app-trust requirement and install arbitrary extensions via a crafted enterprise app.

4.3
2015-09-18 CVE-2015-5835 Apple Information Exposure vulnerability in Apple Iphone OS

Apple iOS before 9 allows attackers to obtain sensitive information about inter-app communication via a crafted app that conducts an interception attack involving an unspecified URL scheme.

4.3
2015-09-18 CVE-2015-5834 Apple Information Exposure vulnerability in Apple Iphone OS and Watchos

IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

4.3
2015-09-18 CVE-2015-5826 Apple Improper Access Control vulnerability in Apple Iphone OS and Safari

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

4.3
2015-09-18 CVE-2015-5825 Apple Information Exposure vulnerability in Apple Iphone OS and Safari

WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code.

4.3
2015-09-18 CVE-2015-5824 Apple Cryptographic Issues vulnerability in Apple Iphone OS, mac OS X and Watchos

The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2015-09-18 CVE-2015-5820 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted (1) tel://, (2) facetime://, or (3) facetime-audio:// URL.

4.3
2015-09-18 CVE-2015-5788 Apple Information Exposure vulnerability in Apple Iphone OS and Safari

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.

4.3
2015-09-18 CVE-2015-5767 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5765.

4.3
2015-09-18 CVE-2015-5765 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5767.

4.3
2015-09-18 CVE-2015-5764 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5765 and CVE-2015-5767.

4.3
2015-09-17 CVE-2015-6672 Citrix Cross-Site Scripting vulnerability in Citrix products

Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-09-16 CVE-2015-6972 Igniterealtime Cross-Site Scripting vulnerability in Igniterealtime Openfire 3.10.2

Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName parameter to plugins/clientcontrol/create-bookmark.jsp; the (3) hostname parameter to server-session-details.jsp; or the (4) search parameter to group-summary.jsp.

4.3
2015-09-16 CVE-2015-6929 Nokia Cross-Site Scripting vulnerability in Nokia @Vantage Commander

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote attackers to inject arbitrary web script or HTML via the (1) idFilter or (2) nameFilter parameter to cftraces/filter/fl_copy.jsp; the (3) flName parameter to cftraces/filter/fl_crea1.jsp; the (4) serchStatus, (5) refreshTime, or (6) serchNode parameter to cftraces/process/pr_show_process.jsp; the (7) MaxActivationTime, (8) NumberOfBytes, (9) NumberOfTracefiles, (10) SessionName, or (11) serchSessionkind parameter to cftraces/session/se_crea.jsp; the (12) serchSessionDescription parameter to cftraces/session/se_show.jsp; the (13) serchApplication or (14) serchApplicationkind parameter to cftraces/session/tr_crea_filter.jsp; the (15) columKeyUnique, (16) columParameter, (17) componentName, (18) criteria1, (19) criteria2, (20) criteria3, (21) description, (22) filter, (23) id, (24) pathName, (25) tableName, or (26) component parameter to cftraces/session/tr_create_tagg_para.jsp; or the (27) userid parameter to home/certificate_association.jsp.

4.3
2015-09-16 CVE-2015-6969 S9Y Cross-Site Scripting vulnerability in S9Y Serendipity

Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, which is not properly handled in a Reply link.

4.3
2015-09-15 CVE-2015-6945 JSP Mysql Administrador WEB Project Cross-Site Scripting vulnerability in Jsp/Mysql Administrador web Project Jsp/Mysql Administrador web 1.0

Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.

4.3
2015-09-14 CVE-2015-6290 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco web Security Virtual Appliance

Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.

4.3
2015-09-20 CVE-2015-6300 Cisco Improper Input Validation vulnerability in Cisco Secure Access Control Server 5.7.0.15

Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694.

4.0
2015-09-20 CVE-2015-4305 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656.

4.0
2015-09-17 CVE-2015-7234 Structured Dynamics Improper Input Validation vulnerability in Structured Dynamics Open Semantic Framework 7.X3.0/7.X3.X

The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors.

4.0
2015-09-17 CVE-2015-4040 F5 Path Traversal vulnerability in F5 products

Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.

4.0
2015-09-16 CVE-2015-2136 HP Information Exposure vulnerability in HP Arcsight Logger 5.2/5.3/6.0

HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors.

4.0
2015-09-14 CVE-2015-4980 IBM Information Exposure vulnerability in IBM Websphere Commerce

Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7.0.0.9 allows remote authenticated users to obtain sensitive personal information via unknown vectors.

4.0

18 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-09-17 CVE-2015-7230 Workbench Email Project Permissions, Privileges, and Access Controls vulnerability in Workbench Email Project Workbench Email

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node.

3.5
2015-09-17 CVE-2015-7229 Twitter Project Permissions, Privileges, and Access Controls vulnerability in Twitter Project Twitter

The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) "post to twitter" permission or change the options for arbitrary attached accounts by leveraging the (2) "add twitter accounts" or (3) "add authenticated twitter accounts" permission.

3.5
2015-09-17 CVE-2015-7227 Fieldable Panels Panes Project Permissions, Privileges, and Access Controls vulnerability in Fieldable Panels Panes Project Fieldable Panels Panes

The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels.

3.5
2015-09-16 CVE-2015-5956 Typo3 Cross-Site Scripting vulnerability in Typo3

The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7.4.0, 4.5.40, and earlier allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attacks via a base64 encoded data URI, as demonstrated by the (1) returnUrl parameter to show_rechis.php and the (2) redirect_url parameter to index.php.

3.5
2015-09-18 CVE-2015-5910 Apple Information Exposure vulnerability in Apple Xcode

IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network.

3.3
2015-09-18 CVE-2015-5869 Apple Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Watchos

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

3.3
2015-09-18 CVE-2015-5907 Apple Cryptographic Issues vulnerability in Apple Iphone OS

WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate.

2.6
2015-09-17 CVE-2015-7232 Structured Dynamics Cross-Site Scripting vulnerability in Structured Dynamics Open Semantic Framework 7.X3.0/7.X3.X

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2.6
2015-09-18 CVE-2015-7238 Mcafee Permissions, Privileges, and Access Controls vulnerability in Mcafee Threat Intelligence Exchange

The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.

2.1
2015-09-18 CVE-2015-5898 Apple Information Exposure vulnerability in Apple Iphone OS and Watchos

CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

2.1
2015-09-18 CVE-2015-5892 Apple Information Exposure vulnerability in Apple Iphone OS

Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device in the lock-screen state.

2.1
2015-09-18 CVE-2015-5863 Apple Information Exposure vulnerability in Apple Iphone OS, mac OS X and Watchos

IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors.

2.1
2015-09-18 CVE-2015-5861 Apple Improper Access Control vulnerability in Apple Iphone OS

SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors.

2.1
2015-09-18 CVE-2015-5851 Apple Information Exposure vulnerability in Apple Iphone OS and mac OS X

The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack.

2.1
2015-09-18 CVE-2015-5850 Apple 7PK - Security Features vulnerability in Apple Iphone OS

AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.

2.1
2015-09-18 CVE-2015-5842 Apple Information Exposure vulnerability in Apple Iphone OS, mac OS X and Watchos

XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors.

2.1
2015-09-18 CVE-2015-5832 Apple Information Exposure vulnerability in Apple Iphone OS

The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensitive information via unspecified vectors.

2.1
2015-09-17 CVE-2015-1319 Canonical Improper Input Validation vulnerability in Canonical Ubuntu Linux 14.04/15.04

The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB thumb drive.

2.1