Vulnerability Summary for the Week of July 21, 2014

Please Note:
• The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.
• The CVE identity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.
• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.
High Severity Vulnerabilities

Primary Vendor -- Product | Date Published | CVSS Score | CVE Identity (references)
    Description

acme -- micro_httpd | 2014-07-24 | 7.8 | CVE-2014-4927 (BID, EXPLOIT-DB, MISC, OSVDB)
    Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.

advantech -- advantech_webaccess | 2014-07-19 | 7.5 | CVE-2014-2364
    Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

attachmate -- verastream_process_designer | 2014-07-24 | 10.0 | CVE-2014-0607
    Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

autodesk -- sketchbook_pro | 2014-07-23 | 9.3 | CVE-2014-3938 (MISC, SECUNIA)
    Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow.

autodesk -- sketchbook_pro | 2014-07-23 | 9.3 | CVE-2014-3939 (MISC, SECUNIA)
    Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file.

bfgminer -- bfgminer | 2014-07-23 | 10.0 | CVE-2014-4501 (FULLDISC)
    Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c.

bfgminer -- bfgminer | 2014-07-23 | 10.0 | CVE-2014-4502 (CONFIRM, FULLDISC)
    Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.

blogengine -- e2 | 2014-07-24 | 7.5 | CVE-2014-4736 (MISC, BID, BUGTRAQ)
    SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.

citrix -- xenserver | 2014-07-22 | 10.0 | CVE-2014-4947 (BID)
    Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.

cybozu -- garoon | 2014-07-20 | 10.0 | CVE-2014-1987
    The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.

cybozu -- garoon | 2014-07-20 | 7.5 | CVE-2014-1996
    Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.

elasticsearch -- logstash | 2014-07-22 | 7.5 | CVE-2014-4326 (BUGTRAQ, CONFIRM)
    Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

fuelphp -- fuelphp | 2014-07-20 | 7.5 | CVE-2014-1999
    The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.

gitlist -- gitlist | 2014-07-22 | 7.5 | CVE-2013-7392 (MISC (x2))
    Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

gitlist -- gitlist | 2014-07-22 | 7.5 | CVE-2014-4511 (CONFIRM, EXPLOIT-DB (x2), MISC (x3))
    Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in the URI of a request for a (1) blame, (2) file, or (3) stats page, as demonstrated by requests to blame/master/, master/, and stats/master/.

google -- chrome | 2014-07-20 | 7.5 | CVE-2014-3160 (CONFIRM (x2))
    The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.

google -- chrome | 2014-07-20 | 7.5 | CVE-2014-3161 (CONFIRM (x2))
    The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayer_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video stream.

honeywell -- falcon_xlweb_linux_controller | 2014-07-24 | 7.6 | CVE-2014-2717
    Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page.

joomlaboat -- com_youtubegallery | 2014-07-21 | 7.5 | CVE-2014-4960 (BID, EXPLOIT-DB)
    Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

limesurvey -- limesurvey | 2014-07-21 | 7.5 | CVE-2014-5017 (MISC)
    SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json, related to a search parameter.

mozilla -- firefox | 2014-07-23 | 10.0 | CVE-2014-1544 (CONFIRM)
    Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.

mozilla -- firefox | 2014-07-23 | 10.0 | CVE-2014-1547 (CONFIRM (x4))
    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

mozilla -- firefox | 2014-07-23 | 10.0 | CVE-2014-1548 (CONFIRM (x15))
    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

mozilla -- firefox | 2014-07-23 | 9.3 | CVE-2014-1549 (CONFIRM)
    The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.

mozilla -- firefox | 2014-07-23 | 10.0 | CVE-2014-1550 (CONFIRM)
    Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

mozilla -- firefox | 2014-07-23 | 10.0 | CVE-2014-1551 (CONFIRM)
    Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

mozilla -- firefox | 2014-07-23 | 9.3 | CVE-2014-1555 (CONFIRM)
    Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.

mozilla -- firefox | 2014-07-23 | 9.3 | CVE-2014-1556 (CONFIRM)
    Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.

mozilla -- firefox | 2014-07-23 | 9.3 | CVE-2014-1557 (CONFIRM)
    The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.

oleumtech -- sensor_wireless_i/o_module | 2014-07-24 | 7.5 | CVE-2014-2360
    OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

oleumtech -- sensor_wireless_i/o_module | 2014-07-24 | 7.2 | CVE-2014-2361
    OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

oleumtech -- sensor_wireless_i/o_module | 2014-07-24 | 7.8 | CVE-2014-2362
    OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

redhat -- jboss_enterprise_application_platform | 2014-07-22 | 7.5 | CVE-2014-3530
    The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via unspecified vectors, related to an XML External Entity (XXE) issue.
Medium Severity Vulnerabilities

Primary Vendor -- Product | Date Published | CVSS Score | CVE Identity (references)
    Description

advantech -- advantech_webaccess | 2014-07-19 | 5.5 | CVE-2014-2365
    Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors.

advantech -- advantech_webaccess | 2014-07-19 | 4.0 | CVE-2014-2366
    upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.

advantech -- advantech_webaccess | 2014-07-19 | 4.3 | CVE-2014-2367
    The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

advantech -- advantech_webaccess | 2014-07-19 | 5.0 | CVE-2014-2368
    The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

apache -- http_server | 2014-07-20 | 4.3 | CVE-2013-4352 (CONFIRM (x3))
    The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.

apache -- http_server | 2014-07-20 | 4.3 | CVE-2014-0117 (CONFIRM (x5), MISC)
    The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.

apache -- http_server | 2014-07-20 | 4.3 | CVE-2014-0118 (CONFIRM (x3))
    The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.

apache -- http_server | 2014-07-20 | 6.8 | CVE-2014-0226 (CONFIRM (x5), MISC)
    Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

apache -- http_server | 2014-07-20 | 5.0 | CVE-2014-0231 (CONFIRM (x4))
    The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.

apache -- http_server | 2014-07-20 | 5.0 | CVE-2014-3523 (CONFIRM (x2))
    Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

canonical -- acpi-support | 2014-07-24 | 6.9 | CVE-2014-1419 (CONFIRM)
    Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

cgminer_project -- cgminer | 2014-07-23 | 4.3 | CVE-2014-4503 (FULLDISC)
    The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.

cisco -- asr_9000_rsp440_router | 2014-07-24 | 6.1 | CVE-2014-3322
    Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

cisco -- unified_customer_voice_portal | 2014-07-19 | 4.3 | CVE-2014-3325
    Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Portal (CVP) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug IDs CSCuh61711, CSCuh61720, CSCuh61723, CSCuh61726, CSCuh61727, CSCuh61731, and CSCuh61733.

citrix -- xenserver | 2014-07-22 | 6.4 | CVE-2014-4948 (BID)
    Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD).

cybozu -- garoon | 2014-07-20 | 4.0 | CVE-2014-1993
    The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.

dell -- sonicwall_analyzer | 2014-07-24 | 4.3 | CVE-2014-5024 (BID, FULLDISC, MISC)
    Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter.

drupal -- drupal | 2014-07-22 | 5.0 | CVE-2014-5019 (DEBIAN)
    The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use.

drupal -- drupal | 2014-07-22 | 4.9 | CVE-2014-5020 (DEBIAN)
    The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read files by attaching the file to content with a file field.

drupal -- drupal | 2014-07-22 | 4.3 | CVE-2014-5022 (DEBIAN)
    Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.

e107 -- e107 | 2014-07-21 | 4.3 | CVE-2014-4734 (MISC, CONFIRM, BID, BUGTRAQ)
    Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 2.0 alpha2 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.

emc -- recoverpoint_appliance | 2014-07-19 | 5.8 | CVE-2014-2519 (BUGTRAQ)
    The default configuration of EMC RecoverPoint Appliance (RPA) 4.1 before 4.1.0.1 does not enable a firewall, which allows remote attackers to obtain potentially sensitive information about open ports, or cause a denial of service, by sending packets to many ports.

entity_api_module_project -- entity_api_module | 2014-07-19 | 4.0 | CVE-2013-4273 (CONFIRM, MLIST)
    The Entity API module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to node comments, which allows remote authenticated users to read the comments via unspecified vectors. NOTE: this identifier was SPLIT per ADT5 due to different researcher organizations. CVE-2013-7391 was assigned for the View vector.

entity_api_module_project -- entity_api_module | 2014-07-19 | 5.0 | CVE-2013-7391 (MLIST)
    The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using the (a) Views field or (b) area plugins, allows remote attackers to read restricted entities via the (1) field, (2) header, or (3) footer of a View. NOTE: this identifier was SPLIT from CVE-2013-4273 per ADT5 due to different researcher organizations.

eterna -- bozohttpd | 2014-07-24 | 5.0 | CVE-2014-5015 (XF, BID, OSVDB, CONFIRM, MLIST)
    bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path.

gitlist -- gitlist | 2014-07-22 | 6.8 | CVE-2014-5023 (MISC)
    Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkout -b" command.

google -- chrome | 2014-07-20 | 6.4 | CVE-2014-3159 (CONFIRM (x2))
    The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors.

google -- chrome | 2014-07-20 | 5.0 | CVE-2014-3162 (CONFIRM)
    Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

honeywell -- falcon_xlweb_linux_controller | 2014-07-24 | 4.3 | CVE-2014-3110
    Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input.

huawei -- e355_web_ui | 2014-07-24 | 4.3 | CVE-2014-2968
    Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message.

ibm -- storwize_unified_v7000_software | 2014-07-19 | 6.5 | CVE-2014-3043
    IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.3 allows remote authenticated users to gain privileges by leveraging access to the service account.

ibm -- infosphere_master_data_management_collaboration_server | 2014-07-19 | 6.3 | CVE-2014-3064 (XF)
    The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to read arbitrary files via a crafted UNIX file parameter.

limesurvey -- limesurvey | 2014-07-21 | 4.3 | CVE-2014-5016 (MISC)
    Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json function to application/controllers/admin/participantsaction.php in CPDB, (2) the sa parameter to application/views/admin/globalSettings_view.php, or (3) a crafted CSV file to the "Import CSV" functionality.

limesurvey -- limesurvey | 2014-07-21 | 4.3 | CVE-2014-5018 (MISC)
    Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting (XSS) attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume.

linux -- linux_kernel | 2014-07-19 | 6.9 | CVE-2014-4943 (CONFIRM (x2), MLIST)
    The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

mit -- kerberos | 2014-07-20 | 5.0 | CVE-2014-4341 (CONFIRM)
    MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.

mit -- kerberos | 2014-07-20 | 5.0 | CVE-2014-4342 (CONFIRM)
    MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.

mozilla -- firefox | 2014-07-23 | 5.8 | CVE-2014-1552 (CONFIRM)
    Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.

mozilla -- firefox | 2014-07-23 | 4.3 | CVE-2014-1558 (CONFIRM)
    Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.

mozilla -- firefox | 2014-07-23 | 4.3 | CVE-2014-1559 (CONFIRM)
    Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.

mozilla -- firefox | 2014-07-23 | 4.3 | CVE-2014-1560 (CONFIRM)
    Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.

mozilla -- firefox | 2014-07-23 | 5.8 | CVE-2014-1561 (CONFIRM (x2))
    Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.

nexatechnologies -- meridian | 2014-07-20 | 4.3 | CVE-2014-3892
    Cross-site scripting (XSS) vulnerability in Nexa Meridian before 2014 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

nextapp -- file_explorer | 2014-07-20 | 5.0 | CVE-2014-1973
    Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.

octavocms -- octavocms | 2014-07-19 | 4.3 | CVE-2014-4331 (BID, BUGTRAQ, VIM)
    Cross-site scripting (XSS) vulnerability in admin/viewer.php in OctavoCMS allows remote attackers to inject arbitrary web script or HTML via the src parameter.

omeka -- omeka | 2014-07-25 | 6.8 | CVE-2014-5100 (XF (x2), MISC (x3), BID, EXPLOIT-DB)
    Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_label parameter to admin/users/api-keys/1, or (3) disable file validation via a request to admin/settings/edit-security.

omron -- ns10_hmi_terminal | 2014-07-24 | 6.0 | CVE-2014-2369
    Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

openstack -- neutron | 2014-07-23 | 4.0 | CVE-2014-3555 (MISC, BID, MLIST)
    OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.

php_kobo -- multifunctional_mailform_free | 2014-07-20 | 4.3 | CVE-2014-3894
    Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header.

phpmyadmin -- phpmyadmin | 2014-07-20 | 4.0 | CVE-2014-4987 (CONFIRM)
    server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.

polarssl -- polarssl | 2014-07-22 | 5.0 | CVE-2014-4911 (DEBIAN)
    The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.

redhat -- enterprise_mrg | 2014-07-19 | 5.0 | CVE-2012-2682 (CONFIRM)
    Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.

redhat -- jboss_enterprise_application_platform | 2014-07-22 | 6.8 | CVE-2014-3518
    jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to execute arbitrary code via unspecified vectors.

reviewboard -- review_board | 2014-07-25 | 4.3 | CVE-2014-5027 (BID, MLIST (x2))
    Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

siemens -- simatic_pcs7 | 2014-07-24 | 5.0 | CVE-2014-4682
    The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.

siemens -- simatic_pcs7 | 2014-07-24 | 4.9 | CVE-2014-4683
    The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.

siemens -- simatic_pcs7 | 2014-07-24 | 6.0 | CVE-2014-4684
    The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.

siemens -- simatic_pcs7 | 2014-07-24 | 4.6 | CVE-2014-4685
    Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.

siemens -- simatic_pcs7 | 2014-07-24 | 6.8 | CVE-2014-4686
    The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030.

sophos -- anti-virus | 2014-07-22 | 4.3 | CVE-2014-2385 (MISC, SECTRACK, FULLDISC)
    Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure.

tenable -- nessus | 2014-07-23 | 5.0 | CVE-2014-4980 (SECTRACK, BID, BUGTRAQ, OSVDB, MISC (x2))
    The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.

ubnt -- unifi_video | 2014-07-25 | 6.0 | CVE-2014-2227 (BID, MISC, FULLDISC)
    The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

webmin -- usermin | 2014-07-20 | 4.3 | CVE-2014-3884
    Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.

webmin -- webmin | 2014-07-20 | 4.3 | CVE-2014-3885
    Cross-site scripting (XSS) vulnerability in Webmin before 1.690 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.

x -- xf86-video-intel | 2014-07-24 | 4.6 | CVE-2014-4910 (XF, MLIST (x3), OSVDB)
    Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.
Low Severity Vulnerabilities
The Primary Vendor --- Product
Description Date Published CVSSScore
The CVE Identity
apple -- cups The web interface in CUPS before 1.7.4 allows local
users in the lp group to read arbitrary files via a
symlink attack on a file in /var/cache/cups/rss/.
2014-07-23 1.2 CVE-2014-3537CONFIRMUBUNTUSECTRACKCONFIRMSECUNIAFEDORA
cybozu -- garoon
Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
2014-07-20 3.5 CVE-2014-1992
cybozu -- garoon
Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
2014-07-20 3.5 CVE-2014-1994
cybozu -- garoon
Cross-site scripting (XSS) vulnerability in the Map search functionality in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
2014-07-20 3.5 CVE-2014-1995
d-bus_project -- d-bus
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
2014-07-19 2.1 CVE-2014-3532 (refs: DEBIAN, SECUNIA, MLIST)
d-bus_project -- d-bus
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
2014-07-19 2.1 CVE-2014-3533 (refs: CONFIRM, DEBIAN, SECUNIA, MLIST)
drupal -- drupal
Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label.
2014-07-22 2.1 CVE-2014-5021 (refs: DEBIAN)
ibm -- infosphere_master_data_management_collaboration_server
Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
2014-07-19 3.5 CVE-2014-0967 (refs: XF)
ibm -- infosphere_master_data_management_collaboration_server
Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL for an MHTML document.
2014-07-19 3.5 CVE-2014-0968 (refs: XF)
ibm -- infosphere_master_data_management_collaboration_server
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject links via unspecified vectors.
2014-07-19 3.5 CVE-2014-0970 (refs: XF)
ibm -- scale_out_network_attached_storage
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an administrative password in the shell history upon use of the -p option to chuser, which allows local users to obtain sensitive information by leveraging root access.
2014-07-19 1.7 CVE-2014-3045
micropact -- icomplaints
Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in MicroPact iComplaints before 8.0.2.1.8.8014 allows remote authenticated users to inject arbitrary web script or HTML via the description parameter.
2014-07-24 3.5 CVE-2014-2971
omron -- ns10_hmi_terminal
Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data.
2014-07-24 3.5 CVE-2014-2370
phpmyadmin -- phpmyadmin
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
2014-07-20 3.5 CVE-2014-4954 (refs: CONFIRM)
phpmyadmin -- phpmyadmin
Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page.
2014-07-20 3.5 CVE-2014-4955 (refs: CONFIRM)
phpmyadmin -- phpmyadmin
Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) table name or (2) column name that is improperly handled during construction of an AJAX confirmation message.
2014-07-20 3.5 CVE-2014-4986 (refs: CONFIRM)
webmin -- webmin
Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
2014-07-20 2.6 CVE-2014-3886
• Sources: http://nvd.nist.gov (for more information, visit the National Vulnerability Database (NVD), which maintains a searchable database of publicly disclosed vulnerabilities).
Uganda Communications Commission – UGCERT
Email: [email protected] Tel: +256 414 302 100/150 Toll Free: 0800 133 911
Website: www.ug-cert.ug Facebook / Twitter: UGCERT